Wajih Ul Hassan


4303

Email: whassan3@illinois.edu

About Me

I'll be joining the University of Virginia as an Assistant Professor in the Department of CS and the School of Data Science in Fall 2022! I have 2-3 openings for Ph.D. students in my research group. Feel free to drop me an email if you like to work with me on the topics related to system security and auditing.

Currently, I am a Research Scientist at Stellar Cyber and a Visiting Assistant Professor at LUMS, Pakistan.

I did my Ph.D. from UIUC under the supervision of Prof. Adam Bates.


Service

  • 2022: USENIX Security (PC)
  • 2021: USENIX Security (PC)
  • 2020: IEEE S&P (Shadow PC), ACM WPES (PC)
  • 2018: ACM WPES (PC)


    Teaching

  • CS370: Operating Systems Fall 2021 (LUMS, Pakistan)


    Conference Publications

    1. Forensic Analysis of Configuration-based Attacks
      Muhammad Adil Inam*, Wajih Ul Hassan*, Ali Ahad, Adam Bates, Rashid Tahir, Tianyin Xu, Fareed Zaffar (* denotes equal contribution)
      Network and Distributed System Security Symposium (NDSS) 2022 [To Appear]
      Acceptance rate=TBD

    2. Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks.
      Carter Yagemann, Mohammad Noureddine, Wajih Ul Hassan, Simon Chung, Adam Bates, and Wenke Lee
      Conference on Computer and Communications Security (CCS) 2021 [To Appear]
      Acceptance rate=TBD

    3. This is Why We Can’t Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage
      Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan Zou, Dawei Wang, Zhengzhang Chen, Zhichun Li, Junghwan Rhee, Jiaping Gui, Adam Bates
      Annual Computer Security Applications Conference (ACSAC) 2020
      Acceptance rate=23.2%

    4. On the Forensic Validity of Approximated Audit Logs
      Noor Michael, Jaron Mink, Jason Liu, Sneha Gaur, Wajih Ul Hassan, Adam Bates
      Annual Computer Security Applications Conference (ACSAC) 2020
      Acceptance rate=23.2%

    5. Tactical Provenance Analysis for Endpoint Detection and Response Systems
      Wajih Ul Hassan, Adam Bates, Daniel Marino
      IEEE Symposium on Security and Privacy (S&P) 2020
      Acceptance rate=12.3%

    6. OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis
      Wajih Ul Hassan, Mohammad Ali Noureddine, Pubali Datta, Adam Bates
      Network and Distributed System Security Symposium (NDSS) 2020
      Acceptance rate=17.4%

    7. Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution
      Riccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates, Christopher Fletcher, Andrew Miller, Dave Tian
      Network and Distributed System Security Symposium (NDSS) 2020
      Acceptance rate=17.4%

    8. You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis
      Qi Wang, Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan Zou, Junghwan Rhee, Zhengzhang Chen, Wei Cheng, Carl A. Gunter, Haifeng Chen.
      Network and Distributed System Security Symposium (NDSS) 2020
      Acceptance rate=17.4%

    9. NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage
      Wajih Ul Hassan, Shengjian Guo, Ding Li, Zhengzhang Chen, Kangkook Jee, Zhichun Li, Adam Bates
      Network and Distributed System Security Symposium (NDSS) 2019
      Acceptance rate=17.1%

    10. Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?
      Wajih Ul Hassan*, Saad Hussain*, Adam Bates. (* denotes equal contribution)
      USENIX Security 2018
      Acceptance rate=19.1%
      Media Coverage: News Gazette, Daily Illini, WAND TV, Illinois Engineering, Strava Blog, MapMyTracks Blog

    11. Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs
      Wajih Ul Hassan, Mark Lemay, Nuraini Aguse, Adam Bates, Thomas Moyer
      Network and Distributed System Security Symposium (NDSS) 2018
      Acceptance rate=21.0%

    12. Fear and Logging in the Internet of Things
      Qi Wang, Wajih Ul Hassan, Adam Bates, Carl Gunter
      Network and Distributed System Security Symposium (NDSS) 2018
      Acceptance rate=21.0%

    13. Don't cry over spilled records: Memory elasticity of data-parallel applications and its application to cluster scheduling
      Calin Iorgulescu, Florin Dinu, Aunn Raza, Wajih Ul Hassan, Willy Zwaenepoel
      USENIX Annual Technical Conference (ATC) 2017
      Acceptance rate=21.0%

    14. Transparent Web Service Auditing via Network Provenance Functions
      Adam Bates, Wajih Ul Hassan, Kevin Butler, Alin Dobra, Brad Reaves, Patrick Cable, Thomas Moyer, Nabil Schear
      World Wide Web Conference (WWW) 2017
      Acceptance rate=17.0%

    15. How Good are the Specs? A Study of the Bug-Finding Effectiveness of Existing Java API Specifications
      Owolabi Legunsen, Wajih Ul Hassan, Xinyue Xu, Grigore Rosu, Darko Marinov
      IEEE/ACM Conference on Automated Software Engineering (ASE) 2016
      Acceptance rate=19.1%



    Journal Publications

    1. How Effective are Existing Java API Specifications for Finding Bugs during Runtime Verification?
      Owolabi Legunsen, Nader Al Awar, Xinyue Xu, Wajih Ul Hassan, Grigore Rosu, Darko Marinov
      Automated Software Engineering Journal 2019

    2. Can Data Provenance Put an End to the Data Breach?
      Adam Bates, Wajih Ul Hassan
      IEEE Security & Privacy Magazine. July 1, 2019.

    Workshop Publications

    1. Automated Provenance Analytics: A Regular Grammar Based Approach with Applications in Security
      Mark Lemay, Wajih Ul Hassan, Thomas Moyer, Nabil Schear, Warren Smith
      International Workshop on Theory and Practice of Provenance (TaPP) 2017