Ziaur Rahman

Sk. Tanzir Mehedi, Adnan Anwar, Ziaur Rahman et al.

Security concerns for IoT applications have been alarming because of their widespread use in different enterprise systems. The potential threats to these applications are constantly emerging and changing, and therefore, sophisticated and dependable defense solutions are necessary against such threats. With the rapid development of IoT networks and evolving threat types, the traditional machine learning-based IDS must update to cope with the security requirements of the current sustainable IoT environment. In recent years, deep learning, and deep transfer learning have progressed and experienced great success in different fields and have emerged as a potential solution for dependable network intrusion detection. However, new and emerging challenges have arisen related to the accuracy, efficiency, scalability, and dependability of the traditional IDS in a heterogeneous IoT setup. This manuscript proposes a deep transfer learning-based dependable IDS model that outperforms several existing approaches. The unique contributions include effective attribute selection, which is best suited to identify normal and attack scenarios for a small amount of labeled data, designing a dependable deep transfer learning-based ResNet model, and evaluating considering real-world data. To this end, a comprehensive experimental performance evaluation has been conducted. Extensive analysis and performance evaluation show that the proposed model is robust, more efficient, and has demonstrated better performance, ensuring dependability.

Mustain Billah, Sk. Tanzir Mehedi, Adnan Anwar et al.

While the convergence of Artificial Intelligence (AI) techniques with improved information technology systems ensured enormous benefits to the Internet of Vehicles (IoVs) systems, it also introduced an increased amount of security and privacy threats. To ensure the security of IoVs data, privacy preservation methodologies have gained significant attention in the literature. However, these strategies also need specific adjustments and modifications to cope with the advances in IoVs design. In the interim, Federated Learning (FL) has been proven as an emerging idea to protect IoVs data privacy and security. On the other hand, Blockchain technology is showing prominent possibilities with secured, dispersed, and auditable data recording and sharing schemes. In this paper, we present a comprehensive survey on the application and implementation of Blockchain-Enabled Federated Learning frameworks for IoVs. Besides, probable issues, challenges, solutions, and future research directions for BC-Enabled FL frameworks for IoVs are also presented. This survey can further be used as the basis for developing modern BC-Enabled FL solutions to resolve different data privacy issues and scenarios of IoVs.

Md. Mehedi Hasan, Rafid Mostafiz, Bikash Kumar Paul et al.

ROS 2 has become a dominant middleware for robotic systems, where perception, estimation, planning, and control pipelines are structured as directed acyclic graphs of callbacks executed under a shared executor. However, default ROS 2 executors use best-effort dispatch without cross-DAG priority enforcement, leading to callback contention, structural priority inversion, and deadline instability under concurrent workloads. These limitations restrict deployment in time-critical and safety-sensitive cyber-physical systems. This paper presents ReDAGRT, a user-space global scheduling framework for deterministic multi-DAG execution in unmodified ROS 2. The framework introduces a Rate-Priority driven global ready queue that orders callbacks by activation rate, enforces per-DAG concurrency bounds, and mitigates cross-graph priority inversion without modifying the ROS 2 API, executor interface, or underlying operating system scheduler. We formalize a multi-DAG task model for ROS 2 callback pipelines and analyze cross-DAG interference under Rate-Priority scheduling. Response-time recurrences and schedulability conditions are derived within classical Rate-Monotonic theory. Experiments in a ROS 2 Humble environment compare ReDAGRT against SingleThreadedExecutor and MultiThreadedExecutor using synthetic multi-DAG workloads. Results show up to 29.7 percent reduction in deadline miss rate, 42.9 percent reduction in 99th percentile response time, and 13.7 percent improvement over MultiThreadedExecutor under comparable utilization. Asymmetric per-DAG concurrency bounds further reduce interference by 40.8 percent. These results demonstrate that deterministic and analyzable multi-DAG scheduling can be achieved entirely in the ROS 2 user-space execution layer, providing a practical foundation for real-time robotic middleware in safety-critical systems.

Md. Mehedi Hasan, Ziaur Rahman, Rafid Mostafiz et al.

This paper presents a real-time modular defense system named Sentra-Guard. The system detects and mitigates jailbreak and prompt injection attacks targeting large language models (LLMs). The framework uses a hybrid architecture with FAISS-indexed SBERT embedding representations that capture the semantic meaning of prompts, combined with fine-tuned transformer classifiers, which are machine learning models specialized for distinguishing between benign and adversarial language inputs. It identifies adversarial prompts in both direct and obfuscated attack vectors. A core innovation is the classifier-retriever fusion module, which dynamically computes context-aware risk scores that estimate how likely a prompt is to be adversarial based on its content and context. The framework ensures multilingual resilience with a language-agnostic preprocessing layer. This component automatically translates non-English prompts into English for semantic evaluation, enabling consistent detection across over 100 languages. The system includes a HITL feedback loop, where decisions made by the automated system are reviewed by human experts for continual learning and rapid adaptation under adversarial pressure. Sentra-Guard maintains an evolving dual-labeled knowledge base of benign and malicious prompts, enhancing detection reliability and reducing false positives. Evaluation results show a 99.96% detection rate (AUC = 1.00, F1 = 1.00) and an attack success rate (ASR) of only 0.004%. This outperforms leading baselines such as LlamaGuard-2 (1.3%) and OpenAI Moderation (3.7%). Unlike black-box approaches, Sentra-Guard is transparent, fine-tunable, and compatible with diverse LLM backends. Its modular design supports scalable deployment in both commercial and open-source environments. The system establishes a new state-of-the-art in adversarial LLM defense.

Ziaur Rahman, Xun Yi Ibrahim Khalil

Industry 4.0 is all about doing things in a concurrent, secure, and fine-grained manner. IoT edge-sensors and their associated data play a predominant role in today's industry ecosystem. Breaching data or forging source devices after injecting advanced persistent threats (APT) damages the industry owners' money and loss of operators' lives. The existing challenges include APT injection attacks targeting vulnerable edge devices, insecure data transportation, trust inconsistencies among stakeholders, incompliant data storing mechanisms, etc. Edge-servers often suffer because of their lightweight computation capacity to stamp out unauthorized data or instructions, which in essence, makes them exposed to attackers. When attackers target edge servers while transporting data using traditional PKI-rendered trusts, consortium blockchain (CBC) offers proven techniques to transfer and maintain those sensitive data securely. With the recent improvement of edge machine learning, edge devices can filter malicious data at their end which largely motivates us to institute a Blockchain and AI aligned APT detection system. The unique contributions of the paper include efficient APT detection at the edge and transparent recording of the detection history in an immutable blockchain ledger. In line with that, the certificateless data transfer mechanism boost trust among collaborators and ensure an economical and sustainable mechanism after eliminating existing certificate authority. Finally, the edge-compliant storage technique facilitates efficient predictive maintenance. The respective experimental outcomes reveal that the proposed technique outperforms the other competing systems and models.

Ziaur Rahman, Xun Yi, Ibrahim Khalil et al.

Several efforts have been seen claiming the lightweight block ciphers as a necessarily suitable substitute in securing the Internet of Things. Currently, it has been able to envisage as a pervasive frame of reference almost all across the privacy preserving of smart and sensor-oriented appliances. Different approaches are likely to be inefficient, bringing desired degree of security considering the easiness and surely the process of simplicity but security. Strengthening the well-known symmetric key and block dependent algorithm using either chaos motivated logistic map or elliptic curve has shown a far-reaching potential to be a discretion in secure real-time communication. The popular feature of logistic maps, such as the un-foreseeability and randomness often expected to be used in dynamic key-propagation in sync with chaos and scheduling technique towards data integrity. As a bit alternation in keys, able to come up with oversize deviation, also would have consequence to leverage data confidentiality. Henceforth it may have proximity to time consumption, which may lead to a challenge to make sure instant data exchange between participating node entities. In consideration of delay latency required to both secure encryption and decryption, the proposed approach suggests a modification on the key-origination matrix along with S-box. It has plausibly been taken us to this point that the time required proportionate to the plain-text sent while the plain-text disproportionate to the probability happening a letter on the message made. In line with that the effort so far sought how apparent chaos escalates the desired key-initiation before message transmission.

Ziaur Rahman, Xun Yi, Ibrahim Khalil et al.

The world has been experiencing a mind-blowing expansion of blockchain technology since it was first introduced as an emerging means of cryptocurrency called bitcoin. Currently, it has been regarded as a pervasive frame of reference across almost all research domains, ranging from virtual cash to agriculture or even supply-chain to the Internet of Things. The ability to have a self-administering register with legitimate immutability makes blockchain appealing for the Internet of Things (IoT). As billions of IoT devices are now online in distributed fashion, the huge challenges and questions require to addressed in pursuit of urgently needed solutions. The present paper has been motivated by the aim of facilitating such efforts. The contribution of this work is to figure out those trade-offs the IoT ecosystem usually encounters because of the wrong choice of blockchain technology. Unlike a survey or review, the critical findings of this paper target sorting out specific security challenges of blockchain-IoT Infrastructure. The contribution includes how to direct developers and researchers in this domain to pick out the unblemished combinations of Blockchain enabled IoT applications. In addition, the paper promises to bring a deep insight on Ethereum, Hyperledger blockchain and IOTA technology to show their limitations and prospects in terms of performance and scalability.

Md. Habibur Rahman, Ziaur Rahman, Md. Al - Mustanjid et al.

Nowadays, Software Process Improvement popularly known as SPI has been able to receive an immense concern in the continuous process to purify software quality. Several Agile methodologies previously have worked with Extreme programming (XP). Before improving the process, defect prevention (DP) is inevitable. In addition, DP largely depends on defect detection either found earlier in the design and implementation stages or held in the testing phases. However, testing maturity model integration (TMMI) has a crucial aspect in DP as well as process improvement of the software. In particular, when software gets validated by being tested and fixed the defects up, it achieves the maximum capability maturity model integration (CMMI) aiming the process improvement. Here, the article has proposed an improved defect detection and prevention model to enhance the software process following the approach of XP. Besides, as a unique contribution, we have united the capability and testing model integration to ensure better SPI.

Sk. Tanzir Mehedi, Adnan Anwar, Ziaur Rahman et al.

The Controller Area Network (CAN) bus works as an important protocol in the real-time In-Vehicle Network (IVN) systems for its simple, suitable, and robust architecture. The risk of IVN devices has still been insecure and vulnerable due to the complex data-intensive architectures which greatly increase the accessibility to unauthorized networks and the possibility of various types of cyberattacks. Therefore, the detection of cyberattacks in IVN devices has become a growing interest. With the rapid development of IVNs and evolving threat types, the traditional machine learning-based IDS has to update to cope with the security requirements of the current environment. Nowadays, the progression of deep learning, deep transfer learning, and its impactful outcome in several areas has guided as an effective solution for network intrusion detection. This manuscript proposes a deep transfer learning-based IDS model for IVN along with improved performance in comparison to several other existing models. The unique contributions include effective attribute selection which is best suited to identify malicious CAN messages and accurately detect the normal and abnormal activities, designing a deep transfer learning-based LeNet model, and evaluating considering real-world data. To this end, an extensive experimental performance evaluation has been conducted. The architecture along with empirical analyses shows that the proposed IDS greatly improves the detection accuracy over the mainstream machine learning, deep learning, and benchmark deep transfer learning models and has demonstrated better performance for real-time IVN security.

Mustain Billah, Adnan Anwar, Ziaur Rahman et al.

Accurate building energy prediction is useful in various applications starting from building energy automation and management to optimal storage control. However, vulnerabilities should be considered when designing building energy prediction models, as intelligent attackers can deliberately influence the model performance using sophisticated attack models. These may consequently degrade the prediction accuracy, which may affect the efficiency and performance of the building energy management systems. In this paper, we investigate the impact of bi-level poisoning attacks on regression models of energy usage obtained from household appliances. Furthermore, an effective countermeasure against the poisoning attacks on the prediction model is proposed in this paper. Attacks and defenses are evaluated on a benchmark dataset. Experimental results show that an intelligent cyber-attacker can poison the prediction model to manipulate the decision. However, our proposed solution successfully ensures defense against such poisoning attacks effectively compared to other benchmark techniques.

SK. A. Shezan, S. Rawdah, Shafin Ali et al.

The energy demand is growing daily at an accelerated pace due to the internationalization and development of civilization. Yet proper economic utilization of additional energy generated by the Islanded Hybrid Microgrid System (IHMS) that was not consumed by the load is a major global challenge. To resolve the above-stated summons, this research focuses on a multi-optimal combination of IHMS for the Penang Hill Resort located on Penang Island, Malaysia, with effective use of redundant energy. To avail this excess energy efficiently, an electrical heater along with a storage tank has been designed concerning diversion load having proper energy management. Furthermore, the system design has adopted the HOMER Pro software for profitable and practical analysis. Alongside, MATLAB Simulink had stabilized the whole system by representing the values of 2068 and 19,072 kW that have been determined as the approximated peak and average load per day for the resort. Moreover, the optimized IHMS is comprehended of Photovoltaic (PV) cells, Diesel Generator, Wind Turbine, Battery, and Converter. Adjacent to this, the optimized system ensued in having a Net Present Cost (NPC) of $21.66 million, Renewable Fraction (RF) of 27.8%, Cost of Energy (COE) of $0.165/kWh, CO2 of 1,735,836 kg/year, and excess energy of 517.29MWh per annum. Since the diesel generator lead system was included in the scheme, a COE of $0.217/kWh, CO2 of 5,124,879 kg/year, and NPC of $23.25 million were attained. The amount of excess energy is effectively utilized with an electrical heater as a diversion load.

Ziaur Rahman, Ibrahim Khalil, Xun Yi et al.

There has been an intense concern for security alternatives because of the recent rise of cyber attacks, mainly targeting critical systems such as industry, medical, or energy ecosystem. Though the latest industry infrastructures largely depend on AI-driven maintenance, the prediction based on corrupted data undoubtedly results in loss of life and capital. Admittedly, an inadequate data-protection mechanism can readily challenge the security and reliability of the network. The shortcomings of the conventional cloud or trusted certificate-driven techniques have motivated us to exhibit a unique Blockchain-based framework for a secure and efficient industry 4.0 system. The demonstrated framework obviates the long-established certificate authority after enhancing the consortium Blockchain that reduces the data processing delay, and increases cost-effective throughput. Nonetheless, the distributed industry 4.0 security model entails cooperative trust than depending on a single party, which in essence indulges the costs and threat of the single point of failure. Therefore, multi-signature technique of the proposed framework accomplishes the multi-party authentication, which confirms its applicability for the real-time and collaborative cyber-physical system.

Anichur Rahman, Umme Sara, Dipanjali Kundu et al.

The concept of Industry 4.0 is a newly emerging focus of research throughout the world. However, it has lots of challenges to control data, and it can be addressed with various technologies like Internet of Things (IoT), Big Data, Artificial Intelligence (AI), Software Defined Networking (SDN), and Blockchain (BC) for managing data securely. Further, the complexity of sensors, appliances, sensor networks connecting to the internet and the model of Industry 4.0 has created the challenge of designing systems, infrastructure and smart applications capable of continuously analyzing the data produced. Regarding these, the authors present a distributed Blockchain-based security to industry 4.0 applications with SDN-IoT enabled environment. Where the Blockchain can be capable of leading the robust, privacy and confidentiality to our desired system. In addition, the SDN-IoT incorporates the different services of industry 4.0 with more security as well as flexibility. Furthermore, the authors offer an excellent combination among the technologies like IoT, SDN and Blockchain to improve the security and privacy of Industry 4.0 services properly. Finally , the authors evaluate performance and security in a variety of ways in the presented architecture.

Anichur Rahman, Md. Jahidul Islam, Ziaur Rahman et al.

Condominium network refers to intra-organization networks, where smart buildings or apartments are connected and share resources over the network. Secured communication platform or channel has been highlighted as a key requirement for a reliable condominium which can be ensured by the utilization of the advanced techniques and platforms like Software-Defined Network (SDN), Network Function Virtualization (NFV) and Blockchain (BC). These technologies provide a robust, and secured platform to meet all kinds of challenges, such as safety, confidentiality, flexibility, efficiency, and availability. This work suggests a distributed, scalable IoT-SDN with Blockchain-based NFV framework for a smart condominium (DistB-Condo) that can act as an efficient secured platform for a small community. Moreover, the Blockchain-based IoT-SDN with NFV framework provides the combined benefits of leading technologies. It also presents an optimized Cluster Head Selection (CHS) algorithm for selecting a Cluster Head (CH) among the clusters that efficiently saves energy. Besides, a decentralized and secured Blockchain approach has been introduced that allows more prominent security and privacy to the desired condominium network. Our proposed approach has also the ability to detect attacks in an IoT environment. Eventually, this article evaluates the performance of the proposed architecture using different parameters (e.g., throughput, packet arrival rate, and response time). The proposed approach outperforms the existing OF-Based SDN. DistB-Condo has better throughput on average, and the bandwidth (Mbps) much higher than the OF-Based SDN approach in the presence of attacks. Also, the proposed model has an average response time of 5% less than the core model.

Anjela Diana Corraya, Mousumi Akter Sumi, Sadia Islam Shachi et al.

In today's world, social networking is an important (power full) medium of mass communication. People of almost all classes have been interacting with each other and sharing their views, moments, and ideas by using enormous user-friendly applications in different social networking sites. It's really unbelievable to find a person who never heard about the social network. The available social networking sites usually opportune their users to develop various customized applications through particular templates and embedded sources of codes. The users with average knowledge of development often encounter difficulties to reuse those resources and eventually lack guidelines and necessary API recommendations. In our work, we have proposed a framework and model to help those apps developers through a user assistance plug-in tool that is able to provide identical API usage patterns and sequences in response to a particular user query. We have titled our system as a Social Networking Application Plug-in (SNAP). We search social networking apps repository where multiple storages are bridged and apply respective mining algorithm to find the relevant sequences to fulfill the user needs. It provides similar, most relevant, and functional API usage scenarios as well as gives an option to choose, reuse, and modify the recommended sources. From investigations we have ever made, our SNAP approach is capable to recommend users' error-free, understandable, and minimal API patterns.

Ratul Uddin Ashraf, Anujoy Das, Ziaur Rahman et al.

Software development is getting changed so rapidly. It will be highly benefited if we can accelerate software development process by guiding developers. Appropriate guidelines and accurate recommendations to developers during development process can reduce software development expenses, as well as can save valuable times of developers. There are a number of approaches to speed up the software development process. It can be done through code assistance tools that help developers by recommending relevant items from searching particular repository of Application Programming Interface (API). Some approaches are based on online searching that have some drawbacks due to request and response latency as it has to deal with the extra-large files in a server. Developers generally uses previously completed resources as well as libraries or frameworks to generate relevant snippets which are supplied by the referral repository of APIs. Developers find it hard to choose the appropriate methods as there are thousands of methods in which some are not properly documented. In this paper we have proposed a concept and its respective framework to guide developers that suggests relevant API methods from an offline mined repository. From the investigation we made, we can say that our approach works much better than some of the existing approaches.

Ziaur Rahman, Md. Kamrul Hasan

Reusing previously completed software repository to enhance the development process is a common phenomenon. If developers get suggestions from the existing projects they might be benefited a lot what they eventually expect while coding. The strategies available in this field have been rapidly changing day by day. There are a number of efforts that have been focusing on mining process and constructing repository. Some of them have emphasized on the web based code searching while others have integrated web based code searching in their customized tool. But web based approaches have inefficiency especially in building repository on which they apply mining technologies. To search the code snippets in response to the user query we need an enriched repository with better representation and abstraction. To ensure that repository before mining process we have developed a concept based on Enhancing Software Development Process (ESDP). In ESDP approach multiple sources of codes from both online and offline storages are considered to construct the central repository with XML representation and applied mining techniques in the client side. The respective evaluation shows that ESDP approach works much better in response time and performance than many other existing approaches available today.

Md. Emran, Humaun Kabir, Ziaur Rahman et al.

Software development has been changing rapidly. This development process can be influenced through changing developer friendly approaches. We can save time consumption and accelerate the development process if we can automatically guide programmer during software development. There are some approaches that recommended relevant code snippets and APIitems to the developer. Some approaches apply general code, searching techniques and some approaches use an online based repository mining strategies. But it gets quite difficult to help programmers when they need particular type conversion problems. More specifically when they want to adapt existing interfaces according to their expectation. One of the familiar triumph to guide developers in such situation is adapting collections and arrays through automated adaptation of object ensembles. But how does it help to a novice developer in real time software development that is not explicitly specified? In this paper, we have developed a system that works as a plugin-tool integrated with a particular Data Mining Integrated environment (DMIE) to recommend relevant interface while they seek for a type conversion situation. We have a mined repository of respective adapter classes and related APIs from where developer, search their query and get their result using the relevant transformer classes. The system that recommends developers titled automated objective ensembles (AOE plugin).From the investigation as we have ever made, we can see that our approach much better than some of the existing approaches.

Ziaur Rahman

Nowadays, it has become a basic need to reuse existing Application Programming Interface (API), Class Libraries, and frameworks for rapid software development. Software developers often reuse this by calling the respective APIs or libraries. But in doing so, developers usually encounter different problems in searching for appropriate code snippets. In most cases, API and Libraries are complex and not well structured or well documented. Online search engine consumes time in searching, yet match is not that relevant and representation is not good. To get a suggestion according to the query we can find that snippet online using search engines or code search engines. In some cases database dependent searching and remote web server based mined repository searching bring a problem to the developers. Finding an API recommendation on code search engine often deal with extra-large files that eventually slow down the software development process. We have searched for a solution throughout our work and tried to bring a better outcome. As an alternative action, we have implemented a system what we call Enhancing Software Development Process (ESDP) tool that is able to provide an efficient and working integrated environment to the developers with a better abstraction and representation of the search results and programmers need to be derived from the source codes. We also have built and applied an XML based enriched repository to get a recommendation from the mined repository on the client-side without interacting with the internet-dependent server to save complications and times. We provide the most relevant code skeletons or mapping to programmers or developers using graph-based representation.