Career

Professional Experience

Lecturer, CSE Department

July 2025 – Present

BRAC University, Dhaka, Bangladesh

Courses Taught:

Computer Architecture Software Engineering

Research Assistant, CSE Department

March 2025 – Present

Bangladesh University of Engineering & Technology (BUET), Dhaka, Bangladesh

  • Explored WebUI Gyms such as WebArena and worked on a UI Testing Automation Pipeline.
  • Built an end-to-end pipeline to generate Playwright testing scripts from website user stories.
  • Building and fine-tuning a bilingual (Bangla/English) vision-language model with Socratic prompts and step-by-step scaffolding.
  • Implementing personalized student modeling with knowledge tracing and bilingual hinting for adaptive learning.
Publications

Research Experience

Secret Breach Detection in Source Code with Large Language Models

✓ ESEM 2025 – Technical Track Oct 2024 – Jul 2025 Undergraduate Thesis

Introduced a novel approach for Secret Breach Detection using a Small Language Model (SLM) fine-tuned with QLoRA. Our model outperforms state-of-the-art regex tools (Trufflehog) and large LLMs (GPT-4o) on the SecretBench dataset, demonstrating the efficacy of compact specialized models over zero-shot giants.

QLoRA DeepSeek-7B Gemma-7B LLaMA-3.1-8B Mistral-7B DeepSeek-V3 GPT-4o

Supervisors: Dr. Rifat Shahriyar (Prof., CSE, BUET) · Dr. S M Sohan (Sr. Eng. Manager, Google LLC)

🔗 ESEM 2025 Paper

Secret Leak Detection in Software Issue Reports using LLMs: A Comprehensive Evaluation

✓ MSR 2026 – Technical Track ArXiv Jul 2024 – Oct 2025 Undergraduate Thesis

First large-scale study and hybrid detection pipeline for secret leaks in GitHub issue reports. Integrates regex-based extraction with LLM contextual classification to reduce false positives. Curated and released the first public benchmark of 54,000+ labeled instances. Fine-tuned LLMs achieve up to 0.945 F1.

RoBERTa BERT CodeBERT QLoRA PEFT GPT-4o Gemini-2.0-Flash DeepSeek-7B Gemma-7B Qwen-7B

Supervisors: Dr. Rifat Shahriyar (Prof., CSE, BUET) · Dr. Gias Uddin (Assoc. Prof., York University)

🔗 MSR 2026 Paper

A Survey on Agentic Security: Applications, Threats and Defenses

ArXiv Preprint Aug 2025 – Oct 2025 Independent Research

First holistic survey of the rapidly evolving agentic security landscape, systematically analyzing 150+ papers (2024–2025). Structures the field around three interdependent pillars: Applications, Threats, and Defenses — providing a unified framework for understanding LLM agent capabilities and vulnerabilities in cybersecurity.

Supervisors: Dr. Farig Sadeque (Assoc. Prof., BRAC University) · Dr. Md Rizwan Parvez (Scientist, QCRI)

🔗 ArXiv

BanglaForge: LLM Collaboration with Self-Refinement for Bangla Code Generation

✓ BLP Workshop @ AACL-IJCNLP 2025 (ACL Anthology) Aug – Sep 2025 Independent Research

BanglaForge: a novel framework for generating executable code from Bangla descriptions (a low-resource language). Employs retrieval-augmented dual-model collaboration with iterative self-refinement based on execution feedback. Achieves 84.00% Pass@1 on the BLP-2025 Bangla Code Generation benchmark.

Dual-LLM Architecture RAG Few-shot TF-IDF Lg Exaone Deep 32B Gemini-2.5-Pro

Collaborators: Mahir Labib Dihan (Lecturer, BRACU) · Md Nafiu Rahman (Lecturer, BRACU)

🔗 ACL Anthology

ISSUEGUARD: Real-Time Secret Leak Prevention Tool for GitHub Issue Reports

✓ FSE 2026 – Tool Demo Track ArXiv Oct 2025 – Feb 2026 Undergraduate Thesis

Browser-based security tool providing real-time feedback to prevent accidental secret leaks in GitHub issue reports. Hybrid detection engine (Regex + Fine-tuned CodeBERT) achieves 92.70% F1-score with <200ms end-to-end latency. User study with 50 developers — 80% reported "Very High Confidence" in detection capabilities.

Chrome Extension (MV3) JavaScript FastAPI CodeBERT PyTorch FP16 Inference LRU Cache

Supervisors: Dr. Rifat Shahriyar (Prof., CSE, BUET) · Dr. Gias Uddin (Assoc. Prof., York University)

🔗 ArXiv