Biography 

Najla’a A. M. Draib is a dedicated academic and researcher with extensive expertise in computer science and software engineering. She earned her Master’s degree in Computer Science from Universiti Putra Malaysia in 2015 and completed her Ph.D. in Software Engineering at the same esteemed institution in 2023. 
In addition to her academic achievements, she pursued a postgraduate diploma in education from Al-Madinah International University, Malaysia, in 2021, broadening her skill set to encompass educational practices alongside her technological prowess. 
She specializes in software security testing, advanced software analysis, and the development of innovative methods for vulnerability detection and mitigation. Her work is supported by a strong academic foundation and practical experience.

Research Interest

Her research focuses on software security testing, advanced software analysis, and the development of innovative approaches for vulnerability detection and mitigation. She is particularly interested in leveraging Artificial Intelligence (AI) and Machine Learning (ML) to strengthen cybersecurity, with emphasis on automated vulnerability prediction, intelligent threat modeling, and proactive risk mitigation aimed at enhancing and automating modern defense strategies.

Educational Background

• PhD, University Putra Malaysia (2023)

• MSc, University Putra Malaysia (2015) 

• BSc, Thamar University, Yemen (2002)

• Postgraduate Diploma in Education, Al-Madinah International University, Malaysia (2021)

Working Experience

• Lecturer, Xiamen University Malaysia (March 2024 - present) 

• A-Level CS Teacher, International Modern Arabic School (2021 – March 2024)

• Teaching Assistant, Thamar University, Yemen      (2003 – 2011)

Research Experience

• 2013-2014: Enhancing information sharing during university course timetable planning.  
  Objective: Designed and developed an autonomous tool to improve information sharing among university departments during course timetabling. 
  Skills: WEB languages (XHTML, CSS, JSP, JavaScript), Databases (SQL), Development environment (NetBeans IDE)  
  Nature of project: MSc Research in Computer Science at The Universiti of Putra Malaysia   
  Outcome: Published findings in international journals and conferences. 

• 2015-2022: Security Testing of Web Applications for Detecting and Removing Second-order SQL Injection Vulnerabilities  
  Objective: Developed a novel automated static analysis technique for detecting and removing second-order SQL injection vulnerabilities in web application source code. 
  Skills: Web Language (Java, PHP), Databases (SQL), Development environment (Eclipse), 
  Tools (ANTLR)  
  Nature of project: PhD Research in Software Engineering (Web application Security) at The Universiti Putra Malaysia (UPM)  
  Objective: To develop a new automated static analysis technique for detecting and removing second-order SQL injection vulnerabilities in web applications' source code. 

• Research Project (Funded) – Developing a Standardized Benchmark   Dataset for Detecting Second-Order SQL Injection Vulnerabilities 
  Funding: XMUM Research Fund (XMUMRF), 2025–2027 
  Objective: Create a comprehensive benchmark dataset to facilitate accurate evaluation and comparison of tools designed for detecting second-order SQL injection vulnerabilities.

Representative Publications

• Journals:

1. Draib, Najla’a, Md Sultan Abu Bakar, Abdu Gani Abdul Azim, Z. H. (2018). Security testing of web applications for detecting and exploiting second-order SQL injection vulnerabilities. Journal of Engineering and Applied Sciences, 13(20),8426–8431.  http://medwelljournals.com/abstract/?doi=jeasci.2018.8426.8431  

2. Draib, N., Sultan, A. B., Ghani, A. A., & Zulzalil, H. (2022). SQL Injection vulnerabilitie : Understanding Eliminating Approaches in Web Applications. International Journal of Mechanical Engineering,  7(1),  6290–6296. https://kalaharijournals.com/resources/IJME_Vol7.1_639.pdf 

3. Draib, N., Sultan, A. B. M., Ghani, A. A. B. A., & Zulzalil, H. (2018). Comparison of Security Testing Approaches for Detection of SQL Injection Vulnerabilities. International  Journal of Engineering  &  Technology,  7(4.1),  1417. https://doi.org/10.14419/ijet.v7i4.1.19483 

4. Draib, N., Sultan, A. B. M., Ghani, A. A. B. A., & Zulzalil, H. (2019). Evaluation of SQL injection vulnerability detection tools. International Journal of Engineering and Advanced Technology,  9(1),  1747–1751. https://doi.org/10.35940/ijeat.A2648.109119  

5. Draib, N., Sultan, A. B., Ghani, A. A., & Zulzalil, H. (2022). SQL Injection Vulnerabilities: Understanding Eliminating Approaches in Web Applications. International Journal of  Mechanical Engineering,  7(1),  6290–6296. https://kalaharijournals.com/resources/IJME_Vol7.1_639.pdf

• Conferences:  

1. Applied Informatics International Conference (AiIC2019), Pulau Pinang, Malaysia 2-4 July 2019. The 3rd International Conference on Innovation in Computer Science and Engineering (ICiCSE2019), Miri, Sarawak, Malaysia 26-2 June 2019  

2. The 6th International Conference on Computer Science and Computational Mathematics (ICCSCM), Langkawi, Malaysia, 4th-5th May 2017. 

3. The 2nd International Conference on Advancing Knowledge from Multidisciplinary Perspectives in Engineering & Technology (ICAKMPET), Istanbul, Turkey, 22nd - 23rd December 2021.  

4. The 16th International IEEE Conference on Computing, Communication and Networking Technologies (ICCCNT 2025), Indore, Madhya Pradesh, India, July 6 - 11, 2025.

• Ongoing Publication:  

1. SoSQLiP: Automated detection and removal of second-order SQL injection vulnerabilities in web applications using static analysis. The manuscript has been submitted to the PeerJ journal  

2. Systematic Literature Review on SQL injection detection and prevention techniques.

Honors / Awards

• Scholarship for postgraduate studies:  

  • Master, Dhamar University, 2012  

  • PhD, Dhamar University, 2016