Works (17)

Updated: July 5th, 2023 15:38

2021 article

Different Kind of Smells: Security Smells in Infrastructure as Code Scripts

Rahman, A., & Williams, L. (2021, March 29). IEEE Security & Privacy.

By: A. Rahman* & L. Williams n

topics (OpenAlex): Advanced Malware Detection Techniques; Security and Verification in Computing; Information and Cyber Security
TL;DR: This article summarizes the recent research findings related to infrastructure as code (IaC) scripts, where 67,801 occurrences of security smells that include 9,175 hard-coded passwords are identified. (via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure (OpenAlex)
Source: Web Of Science
Added: June 10, 2021

2021 article

Security Smells in Ansible and Chef Scripts

Rahman, A., Rahman, M. R., Parnin, C., & Williams, L. (2021, January 20). ACM Transactions on Software Engineering and Methodology.

By: A. Rahman*, M. Rahman n, C. Parnin n & L. Williams n

topics (OpenAlex): Advanced Malware Detection Techniques; Information and Cyber Security; Software Engineering Research
TL;DR: This article identifies two security smells not reported in prior work: missing default in case statement and no integrity check and recommends practitioners to rigorously inspect the presence of the identified security smells in Ansible and Chef scripts using code review, and static analysis tools. (via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure (OpenAlex)
Source: Web Of Science
Added: March 8, 2021

2020 article

Gang of eight

Rahman, A., Farhana, E., Parnin, C., & Williams, L. (2020, June 27).

By: A. Rahman*, E. Farhana n, C. Parnin n & L. Williams n

author keywords: bug; category; configuration as code; configuration scripts; defect; devops; infrastructure as code; puppet; software quality; taxonomy
topics (OpenAlex): Software Engineering Research; Software System Performance and Reliability; Software Reliability and Analysis Research
TL;DR: A taxonomy of IaC defects is developed by applying qualitative analysis on 1,448 defect-related commits collected from open source software (OSS) repositories of the OpenStack organization and the quantified frequency of the defect categories may help in advancing the science of IaC script quality. (via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure (OpenAlex)
Source: Web Of Science
Added: June 21, 2021

2020 article

The ‘as code’ activities: development anti-patterns for infrastructure as code

Rahman, A., Farhana, E., & Williams, L. (2020, August 17). Empirical Software Engineering.

By: A. Rahman*, E. Farhana n & L. Williams n

author keywords: Anti-pattern; Bugs; Configuration script; Continuous deployment; Defect; Devops; Infrastructure as code; Practice; Puppet; Quality
topics (OpenAlex): Software Engineering Research; Software System Performance and Reliability; Advanced Software Engineering Methodologies
TL;DR: Five development anti-patterns of infrastructure as code (IaC) scripts, namely, ‘boss is not around’, ‘many cooks spoil’, ‘minors are spoiler’, ‘silos’ and ‘unfocused contribution’ are identified. (via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure (OpenAlex)
Source: Web Of Science
Added: September 7, 2020

2019 article

Blockchain Enabled AI Marketplace: The Price You Pay for Trust

Sarpatwar, K., Ganapavarapu, V. S., Shanmugam, K., Rahman, A., & Vaculin, R. (2019, June 1).

By: K. Sarpatwar*, V. Ganapavarapu*, K. Shanmugam*, A. Rahman n & R. Vaculin*

topics (OpenAlex): Privacy-Preserving Technologies in Data; Blockchain Technology Applications and Security; Cryptography and Data Security
TL;DR: This work provides a blockchain implementation that enables an "AI marketplace": a platform where consumers and data providers can transact data and/or models and derive value and demonstrates that the blockchain implementation plays a crucial role in addressing the issue of fair value attribution and privacy in a trustable way. (via Semantic Scholar)
Source: Web Of Science
Added: October 5, 2020

2019 article

Share, But be Aware: Security Smells in Python Gists

Rahman, M. R., Rahman, A., & Williams, L. (2019, September 1).

By: M. Rahman n, A. Rahman* & L. Williams n

author keywords: GitHub; Gist; Python; Security; Security Smell; Static Analysis; Software Security
topics (OpenAlex): Software Engineering Research; Advanced Malware Detection Techniques; Security and Verification in Computing
TL;DR: This paper finds 13 types of security smells with 4,403 occurrences in 5,822 publicly-available Python Gists and finds no significant relation between the presence of these security smells and the reputation of the Gist author. (via Semantic Scholar)
UN Sustainable Development Goal Categories
16. Peace, Justice and Strong Institutions (OpenAlex)
Source: Web Of Science
Added: April 14, 2020

2019 article

Source code properties of defective infrastructure as code scripts

Rahman, A., & Williams, L. (2019, May 2). Information and Software Technology.

By: A. Rahman n & L. Williams n

author keywords: Configuration as code; Continuous deployment; Defect prediction; Devops; Empirical study; Infrastructure as code; Puppet
topics (OpenAlex): Software Engineering Research; Software System Performance and Reliability; Software Reliability and Analysis Research
TL;DR: This paper applies qualitative analysis on defect-related commits mined from open source software repositories to identify source code properties that correlate with defective IaC scripts and constructs defect prediction models using the identified properties. (via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure (OpenAlex)
Source: Web Of Science
Added: June 17, 2019

2019 article

The Seven Sins: Security Smells in Infrastructure as Code Scripts

Rahman, A., Parnin, C., & Williams, L. (2019, May 1).

By: A. Rahman n, C. Parnin n & L. Williams n

author keywords: devops; devsecops; empirical study; infrastructure as code; puppet; security; smell; static analysis
topics (OpenAlex): Software Engineering Research; Advanced Malware Detection Techniques; Information and Cyber Security
TL;DR: The goal of this paper is to help practitioners avoid insecure coding practices while developing infrastructure as code (IaC) scripts through an empirical study of security smells in IaC scripts. (via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure (OpenAlex)
Source: Web Of Science
Added: September 7, 2020

2018 article

A systematic mapping study of infrastructure as code research

Rahman, A., Mahdavi-Hezaveh, R., & Williams, L. (2018, December 12). Information and Software Technology.

By: A. Rahman n, R. Mahdavi-Hezaveh n & L. Williams n

author keywords: Devops; Configuration as code; Configuration script; Continuous deployment; Infrastructure as code; Software engineering; Systematic mapping study
topics (OpenAlex): Information and Cyber Security; Advanced Malware Detection Techniques; Service-Oriented Architecture and Web Services
TL;DR: The findings suggest that framework or tools is a well-studied topic in IaC research, as defects and security flaws can have serious consequences for the deployment and development environments in DevOps. (via Semantic Scholar)
Source: Web Of Science
Added: March 11, 2019

2018 article

Characteristics of defective infrastructure as code scripts in DevOps

Rahman, A. (2018, May 27).

By: A. Rahman n

author keywords: defects; devops; infrastructure as code; metrics
topics (OpenAlex): Software Engineering Research; Software System Performance and Reliability; Software Reliability and Analysis Research
TL;DR: Methods to help practitioners increase the quality of IaC scripts are proposed to identify structural characteristics that correlate with defects, and identify characteristics that violate security and privacy objectives. (via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure (OpenAlex)
Source: Web Of Science
Added: December 3, 2018

2018 article

Characterizing the influence of continuous integration: empirical results from 250+ open source and proprietary projects

Rahman, A., Agrawal, A., Krishna, R., & Sobran, A. (2018, November 5).

By: A. Rahman n, A. Agrawal n, R. Krishna n & A. Sobran*

author keywords: Continuous Integration; DevOps; GitHub; Mining Software Repositories; Software Development Practice
topics (OpenAlex): Software Engineering Research; Open Source Software Innovations; Software Testing and Debugging Techniques
TL;DR: The findings indicate that only adoption of CI might not be enough to improve the software development process, and recommend industry practitioners to adopt the best practices of CI to reap the benefits of CI tools, for example, making frequent commits. (via Semantic Scholar)
Source: Web Of Science
Added: April 2, 2019

2018 article

Comprehension effort and programming activities

Rahman, A. (2018, May 28).

By: A. Rahman n

author keywords: Comprehension; Halstead's complexity; Programmer behavior
topics (OpenAlex): Software Engineering Research; Software System Performance and Reliability; Software Engineering Techniques and Practices
TL;DR: An empirical study using the MSR 2018 Mining Challenge Dataset quantifies programmers' comprehension effort, and investigates the relationship between program comprehension effort and four programming activities: navigating, editing, building projects, and debugging. (via Semantic Scholar)
Source: Web Of Science
Added: March 4, 2019

2018 article

Defect prediction metrics for infrastructure as code scripts in DevOps

Rahman, A., Stallings, J., & Williams, L. (2018, May 27). Proceedings - International Conference on Software Engineering, pp. 414–415.

By: A. Rahman n, J. Stallings n & L. Williams n

Contributors: A. Rahman n, J. Stallings n & L. Williams n

author keywords: Continuous Deployment; DevOps; Infrastructure as Code; Metrics
topics (OpenAlex): Software System Performance and Reliability; Software Engineering Research; Service-Oriented Architecture and Web Services
TL;DR: The goal of this paper is to help software practitioners in prioritizing their inspection efforts for infrastructure as code (IaC) scripts by proposing defect prediction model-related metrics, and applies Constructivist Grounded Theory on defect-related commits mined from version control systems to identify metrics suitable for IaC scripts. (via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure (OpenAlex)
Sources: Web Of Science, ORCID
Added: December 3, 2018

2018 article

What questions do programmers ask about configuration as code?

Rahman, A., Partho, A., Morrison, P., & Williams, L. (2018, May 29).

By: A. Rahman n, A. Partho, P. Morrison n & L. Williams n

author keywords: challenge; configuration as code; continuous deployment; devops; infrastructure as code; programming; puppet; question; stack over-flow
topics (OpenAlex): Software Engineering Research; Software Engineering Techniques and Practices; Software System Performance and Reliability
TL;DR: This paper extracts 2,758 Puppet-related questions asked by programmers from January 2010 to December 2016, posted on Stack Overflow, and applies qualitative analysis to identify the questions programmers ask about Puppet. (via Semantic Scholar)
Source: Web Of Science
Added: January 21, 2019

2016 article

Software security in DevOps

Rahman, A. A. U., & Williams, L. (2016, May 14).

By: A. Rahman n & L. Williams n

author keywords: DevOps; security; software practices; survey
topics (OpenAlex): Software Engineering Techniques and Practices; Software Engineering Research; Information and Cyber Security
TL;DR: The goal of this paper is to aid software practitioners in integrating security and DevOps by summarizing experiences in utilizing security practices in a DevOps environment by analyzing a selected set of Internet artifacts. (via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018

2016 conference paper

Tutorial: text analytics for security

Symposium and Bootcamp on the Science of Security, 124–125.

By: T. Xie & W. Enck

Source: NC State University Libraries
Added: August 6, 2018

2015 article

Synthesizing Continuous Deployment Practices Used in Software Development

Rahman, A. A. U., Helms, E., Williams, L., & Parnin, C. (2015, August 1).

By: A. Rahman n, E. Helms n, L. Williams n & C. Parnin n

author keywords: agile; continuous deployment; continuous delivery; industry practices; internet artifacts; follow-up inquiries
topics (OpenAlex): Software Engineering Techniques and Practices; Software Engineering Research; Software System Performance and Reliability
TL;DR: It is observed that continuous deployment necessitates the consistent use of sound software engineering practices such as automated testing, automated deployment, and code review, which are used by software companies. (via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
