Biography
I am a Ph.D. candidate and Graduate Research Assistant at Auburn University, AL, USA, working in the Computer Science and Software Engineering Department. I hold a Bachelor of Science (B.Sc.) in CSE from Bangladesh University of Engineering and Technology (BUET) and have previously worked as a Software Engineer (DevOps) at a Fin-Tech start-up, iPay Systems Limited, in Bangladesh.
I am passionate about DevOps, Software Security, and Cybersecurity education. My research focuses on developing security analysis tools and innovative techniques for software practitioners, enabling them to better understand and implement security measures in their software applications. Currently, I am working in the Practical and Actionable Software Engineering Research (PASER) group at Auburn University, where I collaborate with Professor Dr. Akond Rahman. We are developing security analysis tools and techniques to help practitioners prevent security misconfigurations in Kubernetes-based container deployments. Additionally, we are working on creating hands-on cybersecurity exercises for students.
- Software Engineering
- DevOps
- Cybersecurity Education
PhD in Computer Science and Software Engineering, 2024 (May 2024 Expected)
Auburn University
BSc in Computer Science and Engineering, 2016
Bangladesh University of Engineering and Technology
Experience
- Created a map between AWS CIS Kubernetes recommendations and the rules of open-source Kubernetes security analysis tools.
- Designed and conducted a survey among the practitioners to understand their perceptions of Kubernetes CIS recommendations.
- Created an Oracle dataset from the proprietary repositories and executed static analysis tools on the Oracle dataset.
- Reported precision, recall and low agreements, coverage among the static analysis tools on the static analysis results.
- Collaborated with the product security team to execute dynamic analysis tools in production clusters and reported low AWS CIS Kubernetes recommendation coverage and low agreement among the dynamic analysis tool.
- Collaborated with the data team and internal stakeholders to identify 66 relevant attributes out of 780 in the data of the past 24 months.
- Performed feature selection on the relevant attributes and identified 15 attributes that are correlated more with the freight inspection.
- Conducted statistical analysis and created visualizations to explore freight inspection, which is a rare event ($<$0.02%).
- Developed several machine learning models for freight inspection prediction, and proposed an autoencoder model that outperformed other models by uncovering latent patterns in the data related to freight inspection.
- Increased deployment frequency by 200% and reduced downtime by automating CI/CD pipelines with Jenkins, Ansible, and deploying Docker containers in production Docker swarm cluster
- Configured and managed the ELK cluster for a centralized logging system with Apache Kafka and Zookeeper.
- Built real-time monitoring and alert systems for the Kibana visualizer and Elastic search for the production application.
- Performed security scanning for vulnerabilities in the production cluster to comply with PCI-DSS standards.
- Developed a cross-platform automated test suite for mobile platforms such as Android, iOS and web platforms with Calabash, Appium, and Capybara frameworks, respectively, that saved 20 hours for UI feature testing time for each release.
- Designed API automated test suites and used SonarQube for code security analysis with CI pipeline that saved 10 hours per release.
Publications
Contact
Please send an email if you are interested about my work and research
- mzs0283@auburn.edu, shazibulislam.shamim@gmail.com
- +1 931 252 8439
- 345 W Magnolia Av,, Auburn, AL 36849
- 3137 (Collaborative Software Engineering Lab)
-
Monday 10:00 to 13:00
Wednesday 09:00 to 10:00 - Book an appointment
- DM Me
- Skype Me
- Zoom Me