Research

I am conducting research on software engineering as a member of the Purdue Duality Lab.

Nowadays, my research primarily investigates regular expressions (regexes) and their role in software engineering and web security. Regexes are powerful yet notoriously difficult to master, often leading to software defects and vulnerabilities, such as Regex Denial of Service (ReDoS). My work explores regex usability, reliability, and security implications.

Additionally, I am exploring the incorporation of Software Engineering for AI/ML (SE4AI/SE4ML) into my broader research agenda. This line of work focuses on the open-source pre-trained model (PTM) supply chain regarding trustworthiness, reusability, and security.

Technical Reports

  1. B. Çakar, C. M. Sale, S. Chen, E. H. Burmane, D. Lee, and J. C. Davis, “Is Reuse All You Need? A Systematic Comparison of Regular Expression Composition Strategies,” Mar. 2025. [Online]. Available at: https://arxiv.org/abs/2503.20579.
  2. W. Jiang, B. Çakar, M. Lysenko, and J. C. Davis, “ConfuGuard: Using Metadata to Detect Active and Stealthy Package Confusion Attacks Accurately and at Scale,” Feb. 2025. [Online]. Available at: https://arxiv.org/abs/2502.20528.
  3. M. H. M. Bhuiyan, B. Çakar, E. H. Burmane, J. C. Davis, and C. A. Staicu, “SoK: A Literature and Engineering Review of Regular Expression Denial of Service,” Jan. 2025. [Online]. Available at: https://arxiv.org/abs/2406.11618.