Extended Bio

Mohannad Alhanahnah is a software security researcher and entrepreneur. He’s a Co-founder and CTO at FitStack. FitStack is funded by Wisconsin Alumni Research Foundation (WARF). Mohannad was a postdoctoral researcher at the University of Wisconsin-Madison working with Prof. Somesh Jha and Prof. Thomas Reps on software debloating. Mohannad’s research interests revolve around leveraging program analysis techniques for assessing and boosting application security. Mohannad completed his PhD in Computer Engineering at the University of Nebraska-Lincoln under the supervision of Dr. Hamid Bagheri and Dr. Qiben Yan and obtained MSc in Computer Security from the University of Kent. Mohannad worked as a researcher at iTrust lab at the Singapore University of Technology and Design and contributed to the development of Internet of Things Automatic Security Testbed. Mohannad worked also at Eindhoven University of Technology where he contributed to AU2EU. Mohannad received ACM SIGSOFT distinguished paper award and (ISC)2 graduate scholarship.

Research Areas:

IoT Safety and Privacy: [USENIX’22, IEEE TSE’22, ISSTA’20]
Machine Learning Robustness: [NeurIPS’22]
Android Security: [IEEE TIFS’20, NFOCOM’19]
Software and Container Debloating: [EuroSP’22]

Publications:

Alhanahnah, M., Jain, R., Rastogi, V., Jha, S., & Reps, T. (2022). Lightweight, Multi-Stage, Compiler-Assisted Application Specialization. 2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P), 251–269. https://doi.org/10.1109/EuroSP53844.2022.00024

@inproceedings{9797349,
  author = {Alhanahnah, Mohannad and Jain, Rithik and Rastogi, Vaibhav and Jha, Somesh and Reps, Thomas},
  booktitle = {2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P)},
  title = {Lightweight, Multi-Stage, Compiler-Assisted Application Specialization},
  year = {2022},
  volume = {},
  number = {},
  pages = {251-269},
  doi = {10.1109/EuroSP53844.2022.00024}
}

Stevens, C., Alhanahnah, M., Yan, Q., & Bagheri, H. (2020). Comparing formal models of IoT app coordination analysis. Proceedings of the 3rd ACM SIGSOFT International Workshop on Software Security from Design to Deployment, 3–10.

@inproceedings{stevens2020comparing,
  title = {Comparing formal models of IoT app coordination analysis},
  author = {Stevens, Clay and Alhanahnah, Mohannad and Yan, Qiben and Bagheri, Hamid},
  booktitle = {Proceedings of the 3rd ACM SIGSOFT International Workshop on Software Security from Design to Deployment},
  pages = {3--10},
  year = {2020}
}

Alhanahnah, M., Stevens, C., & Bagheri, H. (2020). Scalable Analysis of Interaction Threats in IoT Systems. Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, 272–285. https://doi.org/10.1145/3395363.3397347
```
@inproceedings{10.1145/3395363.3397347,
  author = {Alhanahnah, Mohannad and Stevens, Clay and Bagheri, Hamid},
  title = {Scalable Analysis of Interaction Threats in IoT Systems},
  year = {2020},
  isbn = {9781450380089},
  publisher = {Association for Computing Machinery},
  address = {New York, NY, USA},
  url = {https://doi.org/10.1145/3395363.3397347},
  doi = {10.1145/3395363.3397347},
  booktitle = {Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis},
  pages = {272–285},
  numpages = {14},
  keywords = {Formal Verification, IoT Safety, Interaction Threats},
  location = {Virtual Event, USA},
  series = {ISSTA 2020}
}
```
The ubiquity of Internet of Things (IoT) and our growing reliance on IoT apps are leaving us more vulnerable to safety and security threats than ever before. Many of these threats are manifested at the interaction level, where undesired or malicious coordinations between apps and physical devices can lead to intricate safety and security issues. This paper presents IoTCOM, an approach to automatically discover such hidden and unsafe interaction threats in a compositional and scalable fashion. It is backed with auto-mated program analysis and formally rigorous violation detection engines. IoTCOM relies on program analysis to automatically infer the relevant app’s behavior. Leveraging a novel strategy to trim the extracted app’s behavior prior to translating them to analyzable formal specifications,IoTCOM mitigates the state explosion associated with formal analysis. Our experiments with numerous bundles of real-world IoT apps have corroborated IoTCOM’s ability to effectively detect a broad spectrum of interaction threats triggered through cyber and physical channels, many of which were previously unknown, and to significantly outperform the existing techniques in terms of scalability.

Alhanahnah, M., Yan, Q., Bagheri, H., Zhou, H., Tsutano, Y., Srisa-An, W., & Luo, X. (2020). DINA: Detecting Hidden Android Inter-App Communication in Dynamic Loaded Code. IEEE Transactions on Information Forensics and Security, 15, 2782–2797. https://doi.org/10.1109/TIFS.2020.2976556

@article{9017933,
  author = {Alhanahnah, Mohannad and Yan, Qiben and Bagheri, Hamid and Zhou, Hao and Tsutano, Yutaka and Srisa-An, Witawas and Luo, Xiapu},
  journal = {IEEE Transactions on Information Forensics and Security},
  title = {DINA: Detecting Hidden Android Inter-App Communication in Dynamic Loaded Code},
  year = {2020},
  volume = {15},
  number = {},
  pages = {2782-2797},
  doi = {10.1109/TIFS.2020.2976556}
}

Alhanahnah, M., Yan, Q., Bagheri, H., Zhou, H., Tsutano, Y., Srisa-an, W., & Luo, X. (2019). Detecting Vulnerable Android Inter-App Communication in Dynamically Loaded Code. IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, 550–558. https://doi.org/10.1109/INFOCOM.2019.8737637

@inproceedings{8737637,
  author = {Alhanahnah, Mohannad and Yan, Qiben and Bagheri, Hamid and Zhou, Hao and Tsutano, Yutaka and Srisa-an, Witawas and Luo, Xiapu},
  booktitle = {IEEE INFOCOM 2019 - IEEE Conference on Computer Communications},
  title = {Detecting Vulnerable Android Inter-App Communication in Dynamically Loaded Code},
  year = {2019},
  volume = {},
  number = {},
  pages = {550-558},
  doi = {10.1109/INFOCOM.2019.8737637}
}

Alhanahnah, M., Lin, Q., Yan, Q., Zhang, N., & Chen, Z. (2018). Efficient Signature Generation for Classifying Cross-Architecture IoT Malware. 2018 IEEE Conference on Communications and Network Security (CNS), 1–9. https://doi.org/10.1109/CNS.2018.8433203

@inproceedings{8433203,
  author = {Alhanahnah, Mohannad and Lin, Qicheng and Yan, Qiben and Zhang, Ning and Chen, Zhenxiang},
  booktitle = {2018 IEEE Conference on Communications and Network Security (CNS)},
  title = {Efficient Signature Generation for Classifying Cross-Architecture IoT Malware},
  year = {2018},
  volume = {},
  number = {},
  pages = {1-9},
  doi = {10.1109/CNS.2018.8433203}
}

Alhanahnah, M., & Yan, Q. (2018). Towards best secure coding practice for implementing SSL/TLS. IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 1–6. https://doi.org/10.1109/INFCOMW.2018.8407011

@inproceedings{8407011,
  author = {Alhanahnah, Mohannad and Yan, Qiben},
  booktitle = {IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)},
  title = {Towards best secure coding practice for implementing SSL/TLS},
  year = {2018},
  volume = {},
  number = {},
  pages = {1-6},
  doi = {10.1109/INFCOMW.2018.8407011}
}

Alhanahnah, M., Bertok, P., Tari, Z., & Alouneh, S. (2018). Context-Aware Multifaceted Trust Framework For Evaluating Trustworthiness of Cloud Providers. Future Generation Computer Systems, 79, 488–499. https://doi.org/https://doi.org/10.1016/j.future.2017.09.071
```
@article{ALHANAHNAH2018488,
  title = {Context-Aware Multifaceted Trust Framework For Evaluating Trustworthiness of Cloud Providers},
  journal = {Future Generation Computer Systems},
  volume = {79},
  pages = {488-499},
  year = {2018},
  issn = {0167-739X},
  doi = {https://doi.org/10.1016/j.future.2017.09.071},
  url = {https://www.sciencedirect.com/science/article/pii/S0167739X17300717},
  author = {Alhanahnah, Mohannad and Bertok, Peter and Tari, Zahir and Alouneh, Sahel},
  keywords = {Analytic hierarchy process, Cloud computing, Trust, Fuzzy simple additive weighting, Multifaceted}
}
```
With the rapidly increasing number of cloud-based services, selecting a service provider is becoming more and more difficult. Among the many factors to be considered, trust in a given service and in a service provider is often critical. Appraisal of trust is a complex process, information about the offered service’s quality needs to be collected from a number of sources, while user requirements may place different emphasis on the various quality indicators. Several frameworks have been proposed to facilitate service provider selection, however, only very few of them are built on existing cloud standards, and adaptability to different contexts is still a challenge. This paper proposes a new trust framework, called Context-Aware Multifaceted Trust Framework (CAMFT), to assist in evaluating trust in cloud service providers. CAMTF is flexible and context aware: it considers trust factors, users and services. When making recommendations, CAMFT employs a combination of mathematical methods that depend on the type of trust factors, and it takes both service characteristics and user perspective into account. A case study is also presented to demonstrate CAMFT’s applicability to practical cases.

Alhanahnah, M., Bertok, P., & Tari, Z. (2017). Trusting Cloud Service Providers: Trust Phases and a Taxonomy of Trust Factors. IEEE Cloud Computing, 4(1), 44–54. https://doi.org/10.1109/MCC.2017.20

@article{7879115,
  author = {Alhanahnah, Mohannad and Bertok, Peter and Tari, Zahir},
  journal = {IEEE Cloud Computing},
  title = {Trusting Cloud Service Providers: Trust Phases and a Taxonomy of Trust Factors},
  year = {2017},
  volume = {4},
  number = {1},
  pages = {44-54},
  doi = {10.1109/MCC.2017.20}
}

Al-Hadidi, M. R., Alarabeyyat, A., & Alhanahnah, M. (2016). Breast Cancer Detection Using K-Nearest Neighbor Machine Learning Algorithm. 2016 9th International Conference on Developments in ESystems Engineering (DeSE), 35–39. https://doi.org/10.1109/DeSE.2016.8

@inproceedings{7930620,
  author = {Al-Hadidi, Moh'd Rasoul and Alarabeyyat, Abdulsalam and Alhanahnah, Mohannad},
  booktitle = {2016 9th International Conference on Developments in eSystems Engineering (DeSE)},
  title = {Breast Cancer Detection Using K-Nearest Neighbor Machine Learning Algorithm},
  year = {2016},
  volume = {},
  number = {},
  pages = {35-39},
  doi = {10.1109/DeSE.2016.8}
}

Alhanahnah, M., & Chadwick, D. (2016). Boosting Usability for Protecting Online Banking Applications Against APTs. 2016 Cybersecurity and Cyberforensics Conference (CCC), 70–76. https://doi.org/10.1109/CCC.2016.13

@inproceedings{7600213,
  author = {Alhanahnah, Mohannad and Chadwick, David},
  booktitle = {2016 Cybersecurity and Cyberforensics Conference (CCC)},
  title = {Boosting Usability for Protecting Online Banking Applications Against APTs},
  year = {2016},
  volume = {},
  number = {},
  pages = {70-76},
  doi = {10.1109/CCC.2016.13}
}

Alhanahnah, M. J., Jhumka, A., & Alouneh, S. (2016). A Multidimension Taxonomy of Insider Threats in Cloud Computing. The Computer Journal, 59(11), 1612–1622. https://doi.org/10.1093/comjnl/bxw020
```
@article{10.1093/comjnl/bxw020,
  author = {Alhanahnah, Mohannad J. and Jhumka, Arshad and Alouneh, Sahel},
  title = {{A Multidimension Taxonomy of Insider Threats in Cloud Computing}},
  journal = {The Computer Journal},
  volume = {59},
  number = {11},
  pages = {1612-1622},
  year = {2016},
  month = nov,
  issn = {0010-4620},
  doi = {10.1093/comjnl/bxw020},
  url = {https://doi.org/10.1093/comjnl/bxw020},
  eprint = {https://academic.oup.com/comjnl/article-pdf/59/11/1612/7300451/bxw020.pdf}
}
```
Security is considered a significant deficiency in cloud computing, and insider threats problem exacerbate security concerns in the cloud. In addition to that, cloud computing is very complex by itself, because it encompasses numerous technologies and concepts. Apparently, overcoming these challenges requires substantial efforts from information security researchers to develop powerful mitigation solutions for this emerging problem. This entails developing a taxonomy of insider threats in cloud environments encompassing all potential abnormal activities in the cloud and can be useful for conducting security assessment. This article describes the first phase of an ongoing research to develop a framework for mitigating insider threats in cloud computing environments. Primarily, it presents a multidimensional taxonomy of insider threats in cloud computing and demonstrates its viability. The taxonomy provides a fundamental understanding for this complicated problem by identifying five dimensions; it also supports security engineers in identifying hidden paths, thus determining proper countermeasures, and presents a guidance that covers all bounders of insiders’ threats issue in clouds; hence, it facilitates researchers’ endeavours in tackling this problem. For instance, according to the hierarchical taxonomy, clearly many significant issues exist in public cloud, while conventional insider mitigation solutions can be used in private clouds. Finally, the taxonomy assists in identifying future research directions in this emerging area.

Wang, Y., Alhanahnah, M., Meng, X., Wang, K., Christodorescu, M., & Jha, S. (2022). Robust Learning against Relational Adversaries. In A. H. Oh, A. Agarwal, D. Belgrave, & K. Cho (Eds.), Advances in Neural Information Processing Systems. https://openreview.net/forum?id=WBp4dli3No6

@inproceedings{wang2022robust,
  title = {Robust Learning against Relational Adversaries},
  author = {Wang, Yizhen and Alhanahnah, Mohannad and Meng, Xiaozhu and Wang, Ke and Christodorescu, Mihai and Jha, Somesh},
  booktitle = {Advances in Neural Information Processing Systems},
  editor = {Oh, Alice H. and Agarwal, Alekh and Belgrave, Danielle and Cho, Kyunghyun},
  year = {2022},
  url = {https://openreview.net/forum?id=WBp4dli3No6}
}

Chen, Y., Alhanahnah, M., Sabelfeld, A., Chatterjee, R., & Fernandes, E. (2022). Practical Data Access Minimization in Trigger-Action Platforms. 31st USENIX Security Symposium (USENIX Security 22), 2929–2945. https://www.usenix.org/conference/usenixsecurity22/presentation/chen-yunang-practical

@inproceedings{277182,
  author = {Chen, Yunang and Alhanahnah, Mohannad and Sabelfeld, Andrei and Chatterjee, Rahul and Fernandes, Earlence},
  title = {Practical Data Access Minimization in {Trigger-Action} Platforms},
  booktitle = {31st USENIX Security Symposium (USENIX Security 22)},
  year = {2022},
  isbn = {978-1-939133-31-1},
  address = {Boston, MA},
  pages = {2929--2945},
  url = {https://www.usenix.org/conference/usenixsecurity22/presentation/chen-yunang-practical},
  publisher = {USENIX Association},
  month = aug
}

Alhanahnah, M., Ma, S., Gehani, A., Ciocarlie, G. F., Yegneswaran, V., Jha, S., & Zhang, X. (2022). autoMPI: Automated Multiple Perspective Attack Investigation with Semantics Aware Execution Partitioning. IEEE Transactions on Software Engineering, 1–14. https://doi.org/10.1109/TSE.2022.3231242

@article{9996963,
  author = {Alhanahnah, Mohannad and Ma, Shiqing and Gehani, Ashish and Ciocarlie, Gabriela F. and Yegneswaran, Vinod and Jha, Somesh and Zhang, Xiangyu},
  journal = {IEEE Transactions on Software Engineering},
  title = {autoMPI: Automated Multiple Perspective Attack Investigation with Semantics Aware Execution Partitioning},
  year = {2022},
  volume = {},
  number = {},
  pages = {1-14},
  doi = {10.1109/TSE.2022.3231242}
}

Alhanahnah, M., Stevens, C., Chen, B., Yan, Q., & Bagheri, H. (2022). IoTCOM: Dissecting Interaction Threats in IoT Systems. IEEE Transactions on Software Engineering, 1–1. https://doi.org/10.1109/TSE.2022.3179294

@article{9785922,
  author = {Alhanahnah, Mohannad and Stevens, Clay and Chen, Bocheng and Yan, Qiben and Bagheri, Hamid},
  journal = {IEEE Transactions on Software Engineering},
  title = {IoTCOM: Dissecting Interaction Threats in IoT Systems},
  year = {2022},
  volume = {},
  number = {},
  pages = {1-1},
  doi = {10.1109/TSE.2022.3179294}
}

Updates

[Dec 2022] Our paper "autoMPI: Automated Multiple Perspective Attack Investigation with Semantics Aware Execution Partitioning" has been accepted to (TSE).
[Sept 2022] Our paper "Robust Learning against Relational Adversaries" has been accepted to (NeurIPS'22)
[June 2022] Our paper "IoTCOM: Dissecting Interaction Threats in IoT Systems" has been accepted to (TSE)
[Feb 2022] Our paper "Lightweight, Multi-Stage, Compiler-Assisted Application Specialization" has been accepted to (Euro S&P'22)
[July 2021] Our tool "Lightweight, Multi-Stage, Compiler-Assisted Application Specialization" has been accepted for Tech Transfer by ONR.
[July 2021] Our paper "Practical Data Access Minimization in Trigger-Action Platforms" has been accepted to (USENIX'22)
[May 2021] Patent filed ["COMPUTER IMPLEMENTED PROGRAM SIMPLIFICATION"](https://www.warf.org/technologies/summary/P210211US02/)
[Feb 2021] Patent filed ["A METHOD AND APPARATUS FOR IMPROVED SECURITY IN TRIGGER ACTION PLATFORMS"](https://www.warf.org/technologies/summary/P210227US01/)
[Aug 2020] Our paper "Comparing formal models of IoT app coordination analysis" has been accepted to (SEAD'20).
[June 2020] Our (ISSTA'20) paper received ACM SIGSOFT Distinguished Paper Award
[April 2020] Our paper "Scalable Analysis of Interaction Threats in IoT Systems" (ISSTA'20) paper received ACM SIGSOFT Distinguished Paper Award
[Dec 2018] Our paper Detecting Vulnerable Android Inter-App Communication in Dynamically Loaded Code" has been accepted to (INFOCOM'19)
[Mar 2018] Our paper "Efficient Signature Generation for Classifying Cross-Architecture IoT Malware" accepted to IEEE Conference on Communications and Network Security 2018.
[Feb 2018] Our paper "Towards Best Secure Coding Practice for Implementing SSL/TLS" has been accepted to MobiSec 2018 (INFOCOM)