Latest News

Brinto's paper got accepted!

July 19, 2021

Brinto's WIP paper got accepted at FIE 2021!

Links

Publications


2021

  1. Akond Rahman, Hossain Shahriar, and Dibyendu Brinto Bose, "How Do Students Feel About Automated Security Static Analysis Exercises?", in the Frontiers in Education (FIE) Conference (FIE) 2021. Pre-print
  2. Akond Rahman, Hossain Shahriar, and Dibyendu Brinto Bose, "Exercise Perceptions: Experience Report From A Secure Software Development Course", in the 14th International Conference on the Quality of Information and Communications Technology (QUATIC) 2021. Pre-print
  3. Kaitlyn Cottrell, Dibyendu Brinto Bose, Hossain Shahriar, and Akond Rahman, "An Empirical Study of Vulnerabilities in Robotics", in the 45th IEEE Computer Society Computers, Software, and Applications Conference (COMPSAC) 2021. Pre-print
  4. Akond Rahman, and Laurie Williams, "A Different Kind of Smell: Security Smells in Infrastructure as Code Scripts", in the IEEE Security and Privacy (S&P) Magazine 2021. Pre-print
  5. Farzana Ahamed Bhuiyan, Justin Murphy, Patrick Morrison and Akond Rahman, "Practitioner Perception of Vulnerability Discovery Strategies", to appear in the 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS 2021), co-located with the 43rd International Conference on Software Engineering (ICSE 2021). Pre-print
  6. Dibyendu Brinto Bose, Akond Rahman and Shazibul Islam Shamim, "'Under-reported' Security Defects in Kubernetes Manifests", to appear in the 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS 2021), co-located with the 43rd International Conference on Software Engineering (ICSE 2021). Pre-print
  7. Akond Rahman and Effat Farhana, "An Empirical Study of Bugs in COVID-19 Software Projects", to appear in the Journal of Software Engineering Research and Development (JSERD). Pre-print
  8. Farzana Ahamed Bhuiyan, Md. Bulbul Sharif, and Akond Rahman, "Security Bug Report Usage for Software Vulnerability Research: A Systematic Mapping Study", to appear in the journal of IEEE Access. Pre-print
  9. Akond Rahman, Md. Rayhanur Rahman, Chirs Parnin, and Laurie Williams, "Security Smells in Ansible and Chef Scripts: A Replication Study", in the journal of ACM Transactions on Software Engineering and Methodology (TOSEM), 2021. Pre-print

    10. 2020

  10. Mohammad Mehedi Hasan, Farzana Ahamed Bhuiyan, and Akond Rahman, "Testing Practices for Infrastructure as Code", to appear in the Languages and Tools for Next Generation Testing Workshop - LANGETI 2020, co-located with the ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE). Pre-print
  11. Farzana Ahamed Bhuiyan and Akond Rahman, "Characterizing Co-located Insecure Coding Patterns in Infrastructure as Code Scripts", to appear in the 2020 Workshop on Human Centric Software Engineering and Cyber Security, co-located with the 35th IEEE/ACM International Conference on Automated Software Engineering (ASE). Pre-print
  12. Farzana Ahamed Bhuiyan, Akond Rahman and Patrick Morrison, "Vulnerability Discovery Strategies Used in Software Projects", to appear in the 2020 Workshop on Human Centric Software Engineering and Cyber Security, co-located with the 35th IEEE/ACM International Conference on Automated Software Engineering (ASE). Pre-print
  13. Akond Rahman and Farzana Ahamed Bhuiyan, "A Vision to Mitigate Bioinformatics Software Development Challenges", to appear in the 2020 Workshop on Human Centric Software Engineering and Cyber Security, co-located with the 35th IEEE/ACM International Conference on Automated Software Engineering (ASE). Pre-print
  14. Raunak Shakya and Akond Rahman, "A Preliminary Taxonomy of Techniques Used in Software Fuzzing", to appear in the 7th Annual Hot Topics in the Science of Security (HoTSoS) Symposium 2020. Pre-print
  15. Justin Murphy, Elias Brady, Shazibul Islam Shamim, and Akond Rahman, "A Curated Dataset of Security Defects in Scientific Software Projects", to appear in the 7th Annual Hot Topics in the Science of Security (HoTSoS) Symposium 2020. Pre-print
  16. Farzana Ahamed Bhuiyan, Raunak Shakya, and Akond Rahman, "Can We Use Software Bug Reports to Identify Software Vulnerability Strategies?", to appear in the 7th Annual Hot Topics in the Science of Security (HoTSoS) Symposium 2020. Pre-print
  17. Md. Shazibul Islam Shamim, Farzana Ahamed Bhuiyan, and Akond Rahman, "XI Commandments of Kubernetes Security: A Systematization of Knowledge Related to Kubernetes Security Practices", in the IEEE Secure Development Conference (SecDev) 2020. Pre-print
  18. Akond Rahman, Effat Farhana, and Laurie Williams, "The 'as Code' Activities: Development Anti-patterns for Infrastructure as Code", in the Journal of Empirical Software Engineering (EMSE) 2020. (Journal-first at FSE 2020) Pre-print
  19. Akond Rahman, Effat Farhana, Chirs Parnin, and Laurie Williams, "Gang of Eight: A Defect Taxonomy for Infrastructure as Code Scripts", to appear in the International Conference on Software Engineering (ICSE) 2020. Pre-print

    20. 2019

  20. Nuthan Munaiah, Akond Rahman, Justin Pelletier, Laurie Williams, and Andrew Meneely "Characterizing Attacker Behavior in a Cybersecurity Penetration Testing Competition" in Proceedings of the International Symposium on Empirical Software Engineering and Measurement (ESEM) 2019, Porto de Galinhas, Brazil, Sep 2019 Pre-print
  21. Md. Rayhanur Rahman, Akond Rahman, and Laurie Williams "Share, But Be Aware: Security Smells in Python Gists" in Proceedings of the International Conference on Software Maintenance and Evolution (ICSME) 2019, Ohio, USA, Oct 2019 Pre-print
  22. Effat Farhana, Nasif Imtiaz, and Akond Rahman "Synthesizing Program Execution Time Discrepancies in Julia Used for Scientific Software" in Proceedings of the International Conference on Software Maintenance and Evolution (ICSME) 2019, Ohio, USA, Oct 2019 Pre-print
  23. Akond Rahman and Laurie Williams, "Source Code Properties of Defective Infrastructure as Code Scripts", in the Journal of Information and Software Technology (IST), (Journal-first at ICSME 2019) Pre-print
  24. Akond Rahman, "Anti-patterns in Infrastructure as Code", PhD Dissertation, NC State University 2019. (NC State CSC and COE Distinguished Dissertation Award) Pre-print
  25. Kanthi Sarpatwar, Venkata Sitaramagiridharganesh Ganapavarapu, Karthikeyan Shanmugam, Akond Rahman, and Roman Vaculin, "Blockchain Enabled AI Marketplace: The Price You Pay For Trust" in Proceedings of the International Workshop of Blockchain Meets Computer Vision and Artificial Intelligence 2019, CA, USA 2019. Preprint
  26. Akond Rahman, Effat Farhana, and Nasif Imtiaz, "Snakes in Paradise?: Insecure Python-related Coding Practices in Stack Overflow" in Proceedings of the International Conference on Mining Software Repositories (MSR) 2019, Montreal, Canada, May 2019. Preprint
  27. Nasif Imtiaz, Akond Rahman, Effat Farhana, and Laurie Williams, "Challenges with Responding to Static Analysis Tool Alerts" in Proceedings of the International Conference on Mining Software Repositories (MSR) 2019, Montreal, Canada, May 2019. Preprint
  28. Akond Rahman and Laurie Williams, "Poster: A Bird's Eye View of Knowledge Needs Related to Penetration Testing" in Proceedings of the Symposium and Bootcamp on the Science of Security (HotSoS) 2019, Nashville, Tennessee, April 2019 Preprint
  29. Akond Rahman, Chirs Parnin, and Laurie Williams, "The Seven Sins: Security Smells in Infrastructure as Code Scripts", in the International Conference on Software Engineering (ICSE) 2019. (ACM SIGSOFT Distinguished Paper Award) Pre-print

    30. 2018

  30. Akond Rahman, Rezvan Mahdavi-Hezaveh, and Laurie Williams, "A Systematic Mapping Study of Infrastructure as Code Research", in the Journal of Information and Software Technology (IST) , Pre-print
  31. Akond Rahman, Amritanshu Agrawal, Rahul Krishna, and Alexander Sobran, "Characterizing The Influence of Continuous Integration: Empirical Results from 250+ Open Source and Proprietary Projects", in 4th International Workshop on Software Analytics (SWAN 2018), co-located with European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), Florida, USA, November 2018. Preprint
  32. Akond Rahman, Jonathan Stallings, and Laurie Williams. "Poster: Defect Prediction Metrics for Infrastructure as Code Scripts in DevOps" in Companion Proceedings of International Conference for Software Engineering 2018, Gothenburg, Sweden, May 2018. Preprint
  33. Akond Rahman, Asif Partho, Pat Morrisson, and Laurie Williams. "What Questions Do Programmers Ask About Configuration As Code?" in Proceedings of the 4th International Workshop on Rapid Continuous Software Engineering (RCoSE '18), co-located with International Conference for Software Engineering (ICSE) 2018, Gothenburg, Sweden, May, 2018. Preprint
  34. Akond Rahman, "Comprehension Effort and Programming Activities: Related? Or Not Related?" in Proceedings of the International Conference of Mining Software Repositories (MSR) 2018, Gothenburg, Sweden, May 2018. Preprint
  35. Akond Rahman, "Anti-patterns in Infrastructure as Code" in Proceedings of the International Conference of Software Testing, Validation, and Veriification (ICST-PhD Symposium) 2018, Vasteras, Sweden, April 2018. Preprint
  36. Akond Rahman, "Characteristics of Defective Infrastructure as Code Scripts in DevOps" in Companion Proceedings of International Conference for Software Engineering (ICSE-Doctoral Symposium) 2018, Gothenburg, Sweden, May 2018. Preprint (ACM SIGSOFT Best Doctoral Symposium Paper Award)
  37. Rahul Krishna, Amritanshu Agrawal, Akond Rahman, Alexander Sobran and Tim Menzies, "What is the Connection Between Issues, Bugs, and Enhancements? (Lessons Learned from 800+ Software Projects)", in Companion Proceedings of International Conference for Software Engineering (ICSE-SEIP) 2018, Gothenburg, Sweden, May 2018. Preprint
  38. Amritanshu Agrawal, Akond Rahman, Rahul Krishna, Alexander Sobran and Tim Menzies, "We Don't Need Another Hero? The Impact of "Heroes" on Software Development", in Companion Proceedings of International Conference for Software Engineering (ICSE-SEIP) 2018, Gothenburg, Sweden, May 2018. Preprint
  39. Akond Rahman, Laurie Williams, "Characterizing Defective Configuration Scripts Used For Continuous Deployment", in Proceedings of the International Conference on Software Testing, Validations, and Verification (ICST) 2018, Vasteras, Sweden, April 2018. (Invited for journal extension) Preprint

    40. 2017

  40. Akond Rahman, Priysha Pradhan, Asif Partho, and Laurie Williams. "Predicting Android application security and privacy risk with static code metrics" in Proceedings of the 4th International Conference on Mobile Software Engineering and Systems (MOBILESoft '17), co-located with International Conference for Software Engineering (ICSE) 2017, Buenos Aires, Argentina, May, 2017. Preprint
  41. Akond Rahman, Asif Partho, David Meder, and Laurie Williams. "Which Factors Influence Usage of Build Automation Tools?" in Proceedings of 3rd International Workshop on Rapid Continuous Software Engineering (RCoSE), co-located with International Conference for Software Engineering (ICSE) 2017, Buenos Aires, Argentina, May, 2017. Preprint
  42. Morgan Burcham, Mehran Al-Zyoud, Jeffrey Carver, Mohammed Alsaleh, Hongyi Du, F. Gilani, Jin Jiang, Akond Rahman, Ozgur Kafali, Ehab Al-Shaer, Laurie Williams, "Characterizing Scientific Reporting in Security Literature: An analysis of ACM CCS and IEEE S&P Paper", in Proceedings of the Symposium and Bootcamp on the Science of Security (HotSoS) 2017, MD, USA, April 2017. Link

    43. 2016

  43. Akond Rahman. "Code Metrics For Predicting Risk Levels of Android Applications", in Proceedings of 2016 KSU Conference on Cybersecurity Education, Research and Practice (CCERP' 2016), GA, USA, October, 2016. Link
  44. Akond Rahman and Laurie Williams. "Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Practices", in Proceedings of the 1st International Workshop on Continuous Software Evolution and Delivery (CSED), Austin, TX, USA, May, 2016. Preprint
  45. Akond Rahman and Laurie Williams. "Security practices in DevOps", in Proceedings of the Symposium and Bootcamp on the Science of Security (HotSos '16), April 2016. Preprint

    46. 2015

  46. Akond Rahman, Eric Helms, Laurie Williams, and Chris Parnin "Synthesizing Continuous Deployment Practices Used in Software Development" in Proceedings of 13th Agile Conference, pages 1-10, Washington D.C., USA, August, 2015. Preprint

    47. 2011

  47. Akond Rahman, Md. Atiqul Islam Mollah, and Mahmuda Naznin "Multiple Targets Tracking Using Kinematics in Wireless Sensor Networks" in Wireless Sensor Networks, pages 263-274, August, 2011. Link

    48. 2010

  48. M.M.Shahiduzzaman, Mahmuda Naznin, and Akond Rahman. "Portable and Secure Multimedia Data Transfer in Mobile Phones Using Record Management Store (RMS)" in Proceedings of 3rd IEEE International Conference on Science and Information Technology (ICCSIT), pages 364-367, Chengdu, China, July, 2010. Link
  49. Akond Rahman, Md. Atiqul Islam Mollah, and Mahmuda Naznin "Service Priority Based Target Tracking Framework in a Wireless Sensor Network" in Proceedings of 3rd IEEE International Conference on Science and Information Technology (ICCSIT), pages 389-392, Chengdu, China, July, 2010. Link
  50. Akond Rahman, Mahmuda Naznin, and Md. Atiqul Islam Mollah "Energy Efficient Multiple Targets Tracking Using Target Kinematics in Wireless Sensor Networks" in Proceedings of 4th International Conference on Sensor Technologies and Applications (SensorComm), pages 275-280, Venice, Italy, July, 2010. Link