Md Basim Uddin Ahmed

Software Engineer & AI Researcher

I build exceptional digital products that drive reliable, innovative solutions, powered by 3 years of development and 2 years of AI/SE research experience.

About Me

Md Basim Uddin Ahmed

I'm a software engineer and applied-AI researcher focused on large-language-model tooling for software-security analysis. My expertise blends modern web app development skills with hands-on experimentation in state-of-the-art LLMs.

Currently, I am completing my M.Sc. at York University, where my thesis investigates LLM-assisted vulnerability detection. Previously, I worked for 3 years as a software engineer at Dynamic Solution Innovators Ltd. and Synopsys Inc., contributing to large-scale and high-quality Java and Spring systems.

When I'm not working, you can find me traveling🌴, doing music🎸, or experimenting with new technologies🧑‍💻.

Experience

💼Professional Experience

Associate Software Engineer

Jul 2021 - Jul 2024

Here I worked on the HEMS project which is a nation-wide examination management system.

  • Contributed to the initial database design of the application.
  • Implemented the module that processes the grades of around 30,000 students per year.
  • Integrated 2 payment gateways managing transactions of around 4 million BDT per year.
  • Implemented REST APIs for mobile apps including JWT authentication.
Java logoJavaSpringBoot logoSpringBootPostgreSQL logoPostgreSQLRedis logoRedis

Software Engineer (External)

Aug 2023 - Jul 2024

Remotely worked with Synopsys Inc. as an offshore employee from DSi. Worked on Synopsys-Detect project (now renamed to BlackDuck-Detect) which is a software compositional analysis tool. It scans a software repository to find component, security, and license vulnerabilities resulting from project dependencies.

  • Worked on migrating the Detect project CI/CD pipeline from Jenkins to GitHub Actions.
  • Found and fixed 2 hidden bugs in the current CI/CD that fixed cron jobs and artifact versioning.
  • Fixed the broken analytics dashboard by migrating project analytics from Google UA to G44 protocol.
Java logoJavaGradle logoGradleJenkins logoJenkinsGitHub Actions logoGitHub ActionsGoogle Analytics logoGoogle Analytics

💡Research Experience

LLM-based C/C++ Vulnerability Detection Benchmark

York UniversityToronto, Canada
Dec 2024 - May 2025

In this project, I constructed a benchmark dataset of C/C++ vulnerabilities called SecVulEval. It solves the lack of statement-level granularity and contextual information in previous datasets.

  • Collected 5,867 real-world C/C++ vulnerabilities.
  • Curated 25,440 functions, including vulnerable statements and contextual information, related to the vulnerabilities.
  • Designed and implemented an agentic vulnerability detection framework to evaluate various LLMs on C/C++ vulnerability detection.
  • Made the dataset publicly available at HuggingFace - SecVulEval for community use.
  • Published the details of the work in the paper SecVulEval: Benchmarking LLMs for Real-World C/C++ Vulnerability Detection.
Python logoPythonTransformers logoTransformersOpenAI SDK logoOpenAI SDK

Bug Detection Framework for Java Static Analysis Tools with LLMs

York UniversityToronto, Canada
Mar 2025 - Jul 2025

Static analysis tools are widely adopted in the industry to detect bugs in software systems. However, it is important that the tools themselves are reliable, i.e., do not miss bugs or produce false positives. In this project, I created an LLM-based metamorphic testing framework to detect inconsistencies in Java static analysis tools.

  • Analyzed 3 popular Java static analysis tools: SpotBugs, ErrorProne, and PMD.
  • Designed and implemented an LLM-based metamorphic testing framework to uncover faulty rule implementations in Java static analysis tools.
  • Evaluated 5 widely used coding LLMs—GPT-4o, CodeLlama-34B, Codestral-22B, DeepSeek-Coder-33B, and Qwen2.5-Coder-32B.—on their ability to uncover bugs in the static analysis tools.
  • Uncovered total 42 faulty rule implementations in all 3 tools. All the bugs have been reported to the respective developers.
Python logoPythonJava logoJavaTransformers logoTransformersOpenAI SDK logoOpenAI SDKSpotBugs logoSpotBugsErrorProne logoErrorPronePMD logoPMD
Full Resume

Skills & Technologies

Languages icon

Languages

Java iconJavaPython iconPythonJavaScript iconJavaScript
Frameworks icon

Frameworks

SpringBoot iconSpringBootNode.js iconNode.jsPyTorch iconPyTorch
Database & ORMs icon

Database & ORMs

PostgreSQL iconPostgreSQLRedis iconRedisHibernate iconHibernate
DevOps icon

DevOps

Docker iconDockerGitHub Actions iconGitHub ActionsJenkins iconJenkins
Tools icon

Tools

Bash iconBashGit iconGitGoogle Analytics iconGoogle Analytics

Projects

SaliencyMix

SaliencyMix

This project is a replication of the experiments from the paper SaliencyMix from ICLR 2021.

PyTorchOpenCV
HF ML App Analysis

HF ML App Analysis

Simple data analysis project to analyze the ease and maintainability of Text Classification and Text Generation applications/models in HuggingFace.

NumPyPandasMatplotlibLizard

Education

York UniversityToronto, Canada

🎓Master of Science in Computer Science2024 - Present

Shahjalal University of Science & TechnologySylhet, Bangladesh

🎓Bachelor of Science in Computer Science & Engineering2017 - 2021

Get In Touch

Have a project in mind or just want to connect? Feel free to reach out to me using the form or through any of the channels below.

Social

Location

Toronto, Canada

© 2025 Md Basim Uddin Ahmed. All rights reserved.