Hanan Hibshi
Research and Teaching Scientist, Information Networking Institute
Hanan Hibshi is a research and teaching faculty at the Information Networking Institute at Carnegie Mellon University, the academic advisor for the Master of Information Security Program (MSIS) at the Information Networking Institute, and one of the research investigators for the CMUS’ picoCTF educational platform. Hibshi’s research area includes usable security and privacy, cybersecurity education, security requirements, mobile and IoT Security, expert’s decision-making, and ML and AI for security and privacy.
Hisbshi received a Ph.D. in societal computing from Carnegie Mellon University and an M.S. in information security technology and management from the Information Networking Institute at Carnegie Mellon University. Prior to her academic career, she had had some experience working in the banking industry.
One example of Hibshi’s research is her early research findings had attracted the attention of an international, multi-institution collaboration with the University of Nottingham. Her work examined the intersection between security requirements risk assessment and empirical data-driven intelligent systems using fuzzy logic.
Hibshi has published in top venues, and she reviews research submissions at top security, privacy, and software engineering venues.
Education
2018 Ph.D., Societal Computing, Carnegie Mellon University
2011 M.S., Information Security Technology and Management, Carnegie Mellon University
2003 B.S., Computer Science, King Abdul-Aziz University
Research Interests
- AI and ML for security
- Applications of security and privacy
- cybersecurity
- Internet of Things (IoT)
- Measurement and analysis
- ML and AI
- mobile and app security and privacy
- privacy enhancing technologies
- privacy policy and regulation
- risk analysis
- security education, awareness, and training
- usability
- usable privacy and security
Media mentions
CyLab Security and Privacy Institute
picoCTF to hold 2020 Mini Competition in October
In celebration of National Cybersecurity Awareness Month, picoCTF will be holding a mini competition during the month of October. The competition will consist of series of cybersecurity challenges of intermediate difficulty in the topics of reverse engineering, forensics, web, and binary exploitation problems.
CyLab Security and Privacy Institute
Three CyLab papers presented at the FTC’s PrivacyCon 2020
Three CyLab papers were presented at this year's PrivacyCon, focusing on privacy and security nutrition labels, making privacy choices easier, and perceptions of advanced video analytics.
CyLab Security and Privacy Institute
picoCTF announces next competition dates
The world's largest hacking competition, hosted by Carnegie Mellon University, has announced the dates of its next competition.
CyLab Security and Privacy Institute
IoT labels will help consumers figure out which devices are spying on them
A team of CyLab researchers have developed a prototype security and privacy “nutrition label” that performed well in user tests. To develop the label, the team consulted with a diverse group of 22 security and privacy experts across industry, government, and academia.
CyLab Security and Privacy Institute
Second round of Secure and Private IoT Initiative funded projects announced
Carnegie Mellon CyLab’s Secure and Private IoT Initiative (IoT@CyLab) has announced its second round of funding, which will support ten IoT-related projects for one year.
CyLab Security and Privacy Institute
Nearly 40,000 compete in picoCTF
The biggest hacking competition keeps getting bigger. Earlier this month, more than 39,000 people from all 50 US states and 160 different countries participated in picoCTF, a free online hacking competition hosted by CMU.
Institute for Software Research
Hibshi quoted on security research
CyLab’s Hanan Hibshi was quoted by CMU’s Institute for Software Research on her cybersecurity research.
Societal Computing
Hibishi interviewed on privacy and security
CyLab’s Hanan Hibshi was interviewed by CMU Societal Computing on usable privacy and security.