Sanjay Malakar

I am a first year P.hD. student in Computer Science at University of California, Riverside (UCR), advised by Dr. Manu Sridharan and a member of the RIPLE group. My research is at the intersection of Program Analysis and Software Security. I am currently working on resource leaks and their automated repairs solutions.

Before embarking on my Ph.D. journey, I held the role of senior software engineer at OpenRefactory, Inc., a Silicon Valley-based deep-tech software company that focuses on automatically fixing security, reliability, and compliance bugs.

I received my Bachelor of Science degree in Computer Science and Engineering from Bangladesh University of Engineering and Technology. I completed my undergraduate thesis under the supervision of professor Dr. Rifat Shahriyar on addressing atomicity bugs in software. Besides that, I worked with Dr. Gias Uddin and Dr. Anindya Iqbal on an empirical study of low-code software development challenges.

Apart from my academic activities, I like to travel to new places. In my free time, I enjoy solving problems on data structure and algorithms, watching anime, and playing FPS games.

Experience

Senior Software Engineer

OpenRefactory, Inc.

Developed Intelligent Code Repair (iCR), an innovative Static Application Security Testing (SAST) tool that automatically synthesizes fixes for over half of all detected bugs. Contributed remotely from Dhaka, Bangladesh, implementing iCR for Java, Python, and Go. Key responsibilities and contributions:

Contributed to iCR’s core IP by working on static program analysis.
Developed and implemented algorithms for a robust pointer analysis engine for Java, Python, and Go.
Restructured the deployment architecture from monolithic to microservices for scalable enterprise use as a SaaS.
Executed deep performance hacking to resolve memory issues, optimizing iCR’s serialization with ProtoBuf.
Contributed to creating deep learning‐based algorithms to detect logical bugs in Python source code.
Conducted research and development on identifying software weaknesses and vulnerabilities.
Established CI/CD workflows, incorporating UI testing for streamlined deployment.

February 2021 - August 2023

Education

University of California, Riverside

Doctor of Philosophy

Computer Science

CGPA: 4.00/4.00

September 2023 - Present

Bangladesh University of Engineering and Technology

Bachelor of Science

Computer Science and Engineering

CGPA: 3.60/4.00
Major CGPA: 3.81/4.00

February 2016 - February 2021

Notre Dame College

Secondary School Certificate

GPA: 5.00/5.00

July 2013 - June 2015

Research

Developer Discussion Topics on the Adoption and Barriers of Low Code Software Development Platforms

Co-Authors: Md Abdullah Al Alamin, Gias Uddin, Sadia Afroz, Tameem Bin Haider, Anindya Iqbal

The Empirical Software Engineering (EMSE) journal invited us to extend our MSR'21 paper titled, An Empirical Study of Developer Discussions on Low Code Software Development Challenges. We applied topic modeling to 33K relevant Stack Overflow posts of 38 popular low-code platforms and manually annotated statistically significant data samples to reach our conclusions.

Status: Accepted in 2023 Elsevier Empirical Software Engineering Journal (EMSE). [PDF] [CODE]

An Empirical Study of Developer Discussions on Low-Code Software Development Challenges

Co-Authors: Md Abdullah Al Alamin, Gias Uddin, Sadia Afroz, Tameem Bin Haider, Anindya Iqbal

We presented a novel empirical study of around 5K Stack Overflow posts that contain discussions of nine popular low-code development platforms. We presented the low-code platform trends and discussed the difficulties that developers encounter while adopting these platforms. Our findings offered implications for low-code practitioners, platform providers, educators, and researchers.

Status: Accepted in 2021 IEEE/ACM 18th International Conference on Mining Software Repositories (MSR). [PDF] [Code] [Video]

RaceFixer - An Automated Data Race Fixer

Co-Authors: Tameem Bin Haider, Rifat Shahriyar

We developed a Clang-based tool that automates fixing single-variable atomicity violations. We utilized the bug reports of an existing bug-detection tool, ThreadSanitizer. We augmented them with static analysis to construct a suitable patch for each bug report, with the best effort to reuse locks and avoid deadlocks.

Status: In preparation for Concurrency and Computation: Practice and Experience.. [PDF]

Skills

Languages: Java, C, C++, Python, JavaScript, Matlab, Shell, Dart

Database: Oracle, MySQL, MongoDB, SQLite, Firebase

Frameworks: Django, React, Flutter, Express.js, JavaFX, Scrapy

Libraries: NumPy, Pandas, TensorFlow, Scikit Learn, Matplotlib

Web Technology: REST API, tRPC, Bootstrap, Tailwind CSS, Nginx

DevOps: Docker, Kubernetes, OpenShift, Jenkins, Ansible

Cloud: Amazon EC2, S3 Bucket, Azure, Linode

Technical Writing: LaTeX, Beamer, Overleaf

Build Tools: CMake, Gradle, Apache Maven

Others: Git, LLVM, Eclipse JDT, IntelliJ Platform SDK

Achievements

Scholarships

Deans Distinguished Fellowship - Awarded at the University of California, Riverside (2023-2024)
University Merit Scholarship - Achieved stipends from BUET in four out of seven terms for excellent result
Talentpool Scholarship - Achieved from Bangladesh Government in Higher Secondary School Certificate Examination (2016-2020), Secondary School Certificate Examination (2014-2015), and Junior School Certificate Examination (2011-2012) for outstanding performance

Awards

Dean's List Award - Got award from BUET in Junior year for an extraordinary result
Shapla Cub Award - Received from the honorable Prime Minister of Bangladesh for extraordinary performance as a Cub Scout

Certification

LinkedIn Assessment: C, C++, Java, Python, JavaScript, React.js, and Machine Learning
Coursera: Deep Learning Specialization, Machine Learning, Python for Everybody Specialization, Version Control with Git
Udemy: Practical OpenShift for Developers - OpenShift 4, React - The Complete Guide (incl Hooks, React Router, Redux)
HackerRank: Problem Solving (Advanced) Certificate

Problem Solving

LeetCode: Ranked with % acceptance rate

Co-organizer

Actively worked as an organizer of BUET CSE FEST 2019, 2020
Freshmen Student Reception Program, CSE, BUET (2017)

Projects

DNS Cache Poisoning

| Tools : Bind9, Virtual Machines

Remote DNS cache poisoning attack exploiting Kaminsky's DNS Cache poisoning flaw. (CVE-2008-1447)

Website developement for flight and hotel room reservation system

| Tools : Django, JavaScript, SQLite

Developed a website as my level-4/term-1 project where customers can book flight tickets and hotel rooms through card payment, and companies can update their page and manage bookings.

DX-Ball

| Tools : Micro-controller, Accelerometer sensor

The popular arcade game DX-Ball with LED Dot Matrix and Atmega32 micro-controller.

Software developement for football club management

| Tools : Java, JavaFX, Oracle Database

An application that stores all information about the club (players, managers, games). Admin of the club can update, add, and delete this information and generate graphs from given data.

Tic-Tac-Toe

| Tools : Game theory, OpenGL

Tic-Tac-Toe game using Minimax algorithm created in C++ using a wrapper for OpenGL in 2D.

MISCELLANEOUS

C Compiler : Using lexical analyzer and parser designing tools.
4-bit Microprocessor: Using Atmel Studio, MIPS architecture.
AI: Simulating the Mancala game by using basic algorithms in Artificial Intelligence.
Machine Learning: Exploring different ML algorithms such as KNN, Decision Tree, Naive Bayes, Neural Networks, etc.
Networking: Modifying some functionalities of the computer network in NS2.
Others: Implementing some functionalities of an OS on XV6, Ray tracing using OpenGL.

Contact

463 Winston Chung Hall, 900 University Ave. Riverside, CA 92521

iamsanjaymalakar@gmail.com
smala009@ucr.edu