Mohannad Alhanahnah

I am a software security researcher and entrepreneur. My research interests primarily revolve around AI and Software Supply Chain Security. I integrate program analysis, large language models (LLMs), and cybersecurity techniques to evaluate and enhance application safety and security across emerging domains, including Android, IoT, AI/LLM ecosystems, and software supply chains.

I am currently a Scientist in the Cybersecurity group at the Qatar Computing Research Institute. Previously, I was an Assistant Professor in the CSE Department at Chalmers University of Technology and the University of Gothenburg. Prior to that, I was a Scientist at the University of Wisconsin–Madison, where I worked with Prof. Somesh Jha and Prof. Thomas Reps on software debloating and machine learning robustness.

I completed my PhD in Computer Engineering at the University of Nebraska-Lincoln, working with Dr. Hamid Bagheri and Dr. Qiben Yan, and obtained an MSc in Computer Security from the University of Kent.

My work extends beyond academic publications to real-world impact. I have secured over $1.5M in research and commercialization funding, co-founded a startup (FitStack), had tools accepted for tech transfer by ONR, hold two issued patents, and contributed to open-source projects such as Langroid. I also found bugs in open-source tools Syft.

---

Research Areas

• Agentic AI & LLMs — LLM agents for software dependency management and program repair: [DIMVA’26, DSN’25 🏆, EMSE’25, NeurIPS’24 OWA]

• Software Debloating — Removing unnecessary code to reduce attack surface: [SIGMETRICS’24, FEAST’24, EuroS&P’22] — Tools: FitStack, LMCAS, SLASH

• AI/ML Robustness — Adversarial attacks and defenses for ML systems: [SIGMETRICS’24, NeurIPS’22]

• Mobile and IoT Security — Automated vulnerability detection in IoT and mobile systems: [USENIX’22, IEEE TSE’22, ISSTA’20 🏆, IEEE TIFS’20, INFOCOM’19]

→ Full research details

→ All publications

---

Impact at a Glance