I am a software security researcher and entrepreneur. My research interests primarily revolve around the confluence of program analysis and cybersecurity. To assess the safety and security of applications in emerging fields such as Internet of Things (IoT) and Android, I utilize a mix of static and dynamic analysis, symbolic execution, and formal verification methods.

I am a research Associate at the University of Wisconsin-Madison, and was fortunate to work with Prof. Somesh Jha and Prof. Thomas Reps on software debloating and Adversarial Machine Learning.

I completed my PhD in Computer Engineering at the University of Nebraska-Lincoln, where I was fortunate to work with Dr. Hamid Bagheri and Dr. Qiben Yan and obtained MSc in Computer Security from the University of Kent. I received ACM SIGSOFT distinguished paper award and (ISC)2 graduate scholarship


 

Research Areas:

Entrepreneurship & Industry:

Academic Service:

  • I serverd as a reviewer and external reviewer in the following conferences and journals: Euro S&P’22, USENIX’21, CSF’21, IEEE BigData’20, TIFS’20, TrustCOMM’20, INFOCOMM’17/18, IEEE Cloud Computing 2017, IEEE WCNC 2017.
  • Graduate Students’ representative in the faculty committee (Academic Year 2016-2017)
  • Graduate students’ representative in the Computer Engineering Committee (Academic Year 2017-2018)

Recent news:

  • [Oct 2024] 🔥 Our paper "DepsRAG: Towards Agentic Reasoning and Planning for Software Dependency Management" has been accepted to (NeurIPS'24 Workshop on Open-World Agents)
  • [Sept 2024] 🔥 Our patent application "Computer Implemented Program Specialization" has issued.
  • [Aug 2024] 🔥 Our papers "SoK: Software Debloating Landscape and Future Directions" and "Software Debloating from Exception-Handler Lenses" have been accepted to (FEAST'24)
  • [Jan 2024] 🔥 Mohannad implemented and released Python Dependency Chatbot. This chatbot is a RAG application over Knowledge Graph. Check out my blog for more info
  • [Jan 2024] 🔥 Our patent application "Method and Apparatus for Improved Security in Trigger Action Platforms" has issued.
  • [Dec 2023] 🔥 Mohannad was invited to serve on the CCS'24 TPC Software Security Track
  • [Dec 2023] 🔥 Our paper "Machine Learning Systems are Bloated and Vulnerable" has been accepted to (SIGMETRICS'24)
  • [Nov 2023] 🔥 Our ONR grant to `Holistic Debloating in the Age of LLM Technology`, is funded. Thank you, ONR!!!
  • [July 2023] 🔥 We released Langroid, a framework to support developers to build Multi-agent LLM applications.
  • [June 2023] 🔥🔥 ONR decided to open source the Tech Transferred version of our debloating tools LMCAS and SLASH.
  • [June 2023] 🔥 Mohannad serves on the Artifact Evaluation Committees for NDSS'24 and CGO'24
  • [Dec 2022] 🔥 Our paper "autoMPI: Automated Multiple Perspective Attack Investigation with Semantics Aware Execution Partitioning" has been accepted to (TSE).
  • [Sept 2022] 🔥 Our paper "Robust Learning against Relational Adversaries" has been accepted to (NeurIPS'22)
  • [June 2022] 🔥 Our paper "IoTCOM: Dissecting Interaction Threats in IoT Systems" has been accepted to (TSE)
  • [Feb 2022] 🔥 Our paper "Lightweight, Multi-Stage, Compiler-Assisted Application Specialization" has been accepted to (Euro S&P'22)
  • [July 2021] 🔥 Our tool "Lightweight, Multi-Stage, Compiler-Assisted Application Specialization" has been accepted for Tech Transfer by ONR.
  • [July 2021] 🔥 Our paper "Practical Data Access Minimization in Trigger-Action Platforms" has been accepted to (USENIX'22)
  • [May 2021] 🔥 Patent filed COMPUTER IMPLEMENTED PROGRAM SIMPLIFICATION
  • [Feb 2021] 🔥 Patent filed A METHOD AND APPARATUS FOR IMPROVED SECURITY IN TRIGGER ACTION PLATFORMS
  • [Aug 2020] 🔥 Our paper "Comparing formal models of IoT app coordination analysis" has been accepted to (SEAD'20).
  • [June 2020] 🔥 Our (ISSTA'20) paper received ACM SIGSOFT Distinguished Paper Award
  • [April 2020] 🔥 Our paper "Scalable Analysis of Interaction Threats in IoT Systems" (ISSTA'20) paper received ACM SIGSOFT Distinguished Paper Award
  • [Dec 2018] 🔥 Our paper Detecting Vulnerable Android Inter-App Communication in Dynamically Loaded Code" has been accepted to (INFOCOM'19)
  • [Mar 2018] 🔥 Our paper "Efficient Signature Generation for Classifying Cross-Architecture IoT Malware" accepted to IEEE Conference on Communications and Network Security 2018.
  • [Feb 2018] 🔥 Our paper "Towards Best Secure Coding Practice for Implementing SSL/TLS" has been accepted to MobiSec 2018 (INFOCOM)

Updating time: 01/17/2023