Recent Projects

PromSec: Prompt Optimization for Secure Generation of Functional Source Code with Large Language Models (LLMs)

Problem: LLMs tend to generate functional but insecure code.

Objective: Optimize prompts to generate secure functional code with LLMs.

Key Contributions:

• Graph generative adversarial network (gGAN) + LLM loop to reduce vulnerabilities and maintain functionality.
• Contrastive learning for dual-objective optimization.
• Transferable prompts across LLMs and vulnerabilities.

Methodology: gGAN fixes code vulnerabilities, LLM improves prompts, and iterative loop for optimizing code security.

Key Results: Enhances security while maintaining functionality, reduces operational time and costs significantly, prompts work across languages and LLMs, reduces vulnerabilities in generated code.

Publications:

• [1] M. Nazzal, I. Khalil, A. Khreishah, and N.H. Phan, “PromSec: Prompt Optimization for Secure Generation of Functional Source Code with Large Language Models (LLMs),” in 31st ACM Conference on Computer and Communications Security (CCS 2024), Salt Lake City, UT, USA, Oct. 2024. Arxiv Preprint | Artifacts
• [2] T.K. Ton, N. Nguyen, M. Nazzal, A. Khreishah, C. Borcea, N.H. Phan, R. Jin, I. Khalil, and Y. Shen, “Demo: SGCode: A Flexible Prompt-Optimizing System for Secure Generation of Code,” 31st ACM Conference on Computer and Communications Security (CCS 2024), Salt Lake City, UT, USA, Oct. 2024. Preprint | Demo Website
• [3] M. Nazzal, I. Khalil, A. Khreishah, and N.H. Phan, “Method and System for Prompt Optimization for Secure Generation of Functional Source Code with Large Language Models,” US Patent, Application No.: US63/561,573, Washington, D.C., USA, Filing date: Mar. 5, 2024.

Multi-Instance Adversarial Attack on GNN-Based Malicious Domain Detection

Problem: Need for a new adversarial attack on multiple instances to evade malicious domain detection.

Objective: Develop MintA, an attack that evades GNN-based malicious domain detection by optimizing multiple domain manipulations.

Key Contributions:

• MintA: A multi-instance evasion attack optimizing node perturbations for evasiveness.
• Black-box attack requiring no knowledge of model parameters.

Methodology: Construct a surrogate model using black-box access, optimize node and edge perturbations to maximize evasiveness, and implement perturbations through domain and IP modifications.

Key Results: Achieves over 80% success rate in evading detection, bypasses outlier detection and graph purification defenses.

Papers:

• [4] M. Nazzal, I. Khalil, A. Khreishah, N. Phan, & Y. Ma, “Multi-Instance Adversarial Attack on GNN-Based Malicious Domain Detection,” in 2024 IEEE Symposium on Security and Privacy (SP), May 2024. Paper | Arxiv Preprint | Artifacts | Presentation Video

SA-DS: A Dataset for Large Language Model-Driven AI Accelerator Design Generation

Problem: Lack of specialized datasets for AI-driven accelerator design.

Objective: Introduce SA-DS for LLM-based DNN hardware design.

Key Contributions:

• SA-DS: Diverse array designs using Gemmini.
• An envisioned framework for optimizing hardware design generation.

Methodology: Data from Gemmini in Chisel, supports LLM fine-tuning and multi-shot learning, quality check using Verilator.

Results: 100% pass rate with multi-shot learning, fewer revisions, better workflow.

Papers:

• [5] D. Vungarala*, M. Nazzal*, M. Morsali, C. Zhang, A. Ghosh, A. Khreishah, and S. Angizi, “SA-DS: A Dataset for Large Language Model-Driven AI Accelerator Design Generation,” IEEE International Symposium on Circuits and Systems (ISCAS) 2025. [Accepted]. DOI Link | Artifacts

Work 4: Deepfake Detection with Vision-Language Model Explanations and GNN Integration

Problem: Growing challenge of realistic deepfakes that threaten media authenticity. Existing methods struggle with robustness and generalization.

Objective: Combines visual and AI-generated textual analysis for improved detection.

Key Contributions:

• Visual-Textual Integration: Fuses image analysis with AI-generated text insights.
• Robust to Adversarial Attacks: Withstands customized deepfake techniques.
• Strong Generalization: Adapts to diverse deepfake sources and models.

Methodology:

• Divides images into components and generates detailed text explanations.
• Uses a dual-layer analysis with graph techniques to merge visual and textual data.

Main Results: Enhanced Accuracy: Achieves higher recall, reducing false negatives. Stability Under Attack: Lowers performance drop from 13.3% to 1.5%. Scalable Solution: Effective across varied deepfake scenarios.

Note: Summary presented with care for privacy, as the paper is under double-blind review.

Work 5: Semi-decentralized Inference in hetGNNs for Traffic Demand Prediction: An Edge-Computing Approach

Problem: Scalability issues in GNN-based traffic forecasting due to high message passing overhead.

Objective: Create a scalable, efficient traffic forecasting method using semi-decentralized hetGNN-LSTM.

Key Contributions:

• HetGNN-LSTM: Uses multiple relationships for accurate predictions.
• Semi-decentralized: Uses cloudlets to reduce overhead.
• Adaptive Assignment: Minimizes inter-cloudlet communication.

Methodology:

• HetGNN-LSTM: Learns from heterogeneous data and time dependencies.
• Semi-Decentralized: Cloudlets manage subgraphs to reduce load.
• Adaptive Assignment: Uses clustering to reduce inter-cloudlet communication.

Main Results: High accuracy compared to existing models. Inference time reduced by an order of magnitude. Improved scalability and reduced costs.

Papers:

• [7] M. Nazzal, A. Khreishah, J. Lee, S. Angizi, A. Al-Fuqaha, and M. Guizani, “Semi-decentralized Inference in Heterogeneous Graph Neural Networks for Traffic Demand Forecasting: An Edge-Computing Approach,” IEEE Transactions on Vehicular Technology, Jan. 2024. Paper | Arxiv Preprint | Artifacts