Research
Current research interests and ongoing projects
Research Interests
An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems
First large-scale cross-platform study, analyzing ~45,000 repositories across 5 major platforms (Hugging Face, ModelScope, OpenCSG, OpenMMLab, PyTorch Hub), with co-authors Mohammad Latif Siddiq and Joanna C. Santos. Detected security vulnerabilities using static analyzers (Bandit, CodeQL, Semgrep) and YARA malware signatures: found CWE-502 (unsafe deserialization) in 74.54% and CWE-95 (eval injection) in 15.02% of affected repositories; 10.41% of Hugging Face repos contain security smells. Analyzed 600+ developer discussions to create a taxonomy of security misconceptions; revealed only 6.6% SafeTensors adoption and widespread trust_remote_code usage. In review at MSR 2026.
All Research Projects
Extending ReAgent to detect aligned backdoors that maintain semantic consistency while subverting user intent through preference manipulation.
Multi-Agent Framework for Generating Relational DB Schema & ERD
Targeting PVLDB. Extended SchemaAgent with a LangGraph StateGraph architecture and a 3-tier auto-repair system, reducing redundant LLM calls by 80%.
Developed uReporter -- Bangladesh's first anonymous reporting system during the 2024 national crisis, analyzing 124 crowd-sourced reports using transformer models.
Undergraduate thesis on a blockchain framework for EHR management with encrypted off-chain IPFS storage and on-chain Ethereum access control.