Hanan Hibshi is a Research and Teaching Scientist at the Information Networking Institute at Carnegie Mellon University. Hanan’s research area includes: usable security, security requirements and expert’s decision-making. Her role at the INI includes advising students who are interested in pursuing a thesis or a project as their curriculum option. 

Hanan is an INI alumna. She graduated in 2011 witha Master's in Information Security Technology and Management (MSISTM, equivalent to the MSIS now). Hanan’s INI journey inspired her to get involved in research and she obtained her PhD in Societal Computing from the School of Computer Science in 2018.

Hanan is interested in studying expert decision-making in the design and post-deployment phases of software development, and in modeling human expertise to create human-centric technical solutions that conform to the real-world reasoning. Hanan’s research involves using grounded theory and mixed-methods user experiments to extract rules for use in intelligent systems in security. Hanan has studied the intersection between security requirements risk assessment and empirical data-driven intelligent systems using fuzzy logic. Her early findings attracted the attention of an international, multi-institution collaboration with the University of Nottingham.

Hanan has published in top venues, such as the IEEE Requirements Engineering Conference (RE), and the Journal of Cybersecurity. Hanan has also been invited to present her work at multiple venues, such as the 2017 Annual Acquisition Research Symposium at the Naval Postgraduate Institute, the 2016 C3E workshop at Georgia Tech, and the National Institute of Standards and Technology (NIST).

123 4616 Henry Street


2018 Ph.D., Societal Computing, Carnegie Mellon University

2011 M.S., Information Security Technology and Management, Carnegie Mellon University

2003 B.S., Computer Science, King Abdul-Aziz University

Media mentions

CMU Engineering

IoT labels will help consumers figure out which devices are spying on them

A team of CyLab researchers have developed a prototype security and privacy “nutrition label” that performed well in user tests. To develop the label, the team consulted with a diverse group of 22 security and privacy experts across industry, government, and academia.

CMU Engineering

Second round of Secure and Private IoT Initiative funded projects announced

Carnegie Mellon CyLab’s Secure and Private IoT Initiative (IoT@CyLab) has announced its second round of funding, which will support ten IoT-related projects for one year.

CMU Engineering

Nearly 40,000 compete in picoCTF

The biggest hacking competition keeps getting bigger. Earlier this month, more than 39,000 people from all 50 US states and 160 different countries participated in picoCTF, a free online hacking competition hosted by CMU.