Wajih Ul Hassan


4303

Ph.D. Candidate
Dept. of Computer Science
University of Illinois at Urbana-Champaign

Email: whassan3@illinois.edu

I am a Ph.D. candidate in the Department of Computer Science at UIUC . I am currently advised by Prof. Adam Bates. My research interests lie in the broad area of system security with a current focus on audit logging, intrusion detection, forensic analysis, and data provenance.


        Curriculum Vitae    


Selected Awards and Honors

  • Mavis Future Faculty Fellowship, UIUC 2020
  • Heidelberg Laureate Forum Young Researcher 2019
  • Symantec Research Labs Graduate Fellowship 2019
  • RSA Security Scholar 2018
  • Feng Chen Memorial Award, UIUC 2017
  • ACM SIGSOFT Distinguished Paper Award 2016
  • Sohaib and Sara Abbasi Fellowship, UIUC 2015


    Service

  • 2021: USENIX Security (PC)
  • 2020: IEEE S&P (Shadow PC), ACM WPES (PC)
  • 2018: ACM WPES (PC)


    Conference Publications

    1. This is Why We Can’t Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage
      Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan Zou, Dawei Wang, Zhengzhang Chen, Zhichun Li, Junghwan Rhee, Jiaping Gui, Adam Bates
      Annual Computer Security Applications Conference (ACSAC) 2020
      Acceptance rate=23.2%

    2. On the Forensic Validity of Approximated Audit Logs
      Noor Michael, Jaron Mink, Jason Liu, Sneha Gaur, Wajih Ul Hassan, Adam Bates
      Annual Computer Security Applications Conference (ACSAC) 2020
      Acceptance rate=23.2%

    3. Tactical Provenance Analysis for Endpoint Detection and Response Systems
      Wajih Ul Hassan, Adam Bates, Daniel Marino
      IEEE Symposium on Security and Privacy (S&P) 2020
      Acceptance rate=12.3%

    4. OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis
      Wajih Ul Hassan, Mohammad Ali Noureddine, Pubali Datta, Adam Bates
      Network and Distributed System Security Symposium (NDSS) 2020
      Acceptance rate=17.4%

    5. Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution
      Riccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates, Christopher Fletcher, Andrew Miller, Dave Tian
      Network and Distributed System Security Symposium (NDSS) 2020
      Acceptance rate=17.4%

    6. You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis
      Qi Wang, Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan Zou, Junghwan Rhee, Zhengzhang Chen, Wei Cheng, Carl A. Gunter, Haifeng Chen.
      Network and Distributed System Security Symposium (NDSS) 2020
      Acceptance rate=17.4%

    7. NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage
      Wajih Ul Hassan, Shengjian Guo, Ding Li, Zhengzhang Chen, Kangkook Jee, Zhichun Li, Adam Bates
      Network and Distributed System Security Symposium (NDSS) 2019
      Acceptance rate=17.1%

    8. Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?
      Wajih Ul Hassan*, Saad Hussain*, Adam Bates. (* denotes equal contribution)
      USENIX Security 2018
      Acceptance rate=19.1%
      Media Coverage: News Gazette, Daily Illini, WAND TV, Illinois Engineering, Strava Blog, MapMyTracks Blog

    9. Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs
      Wajih Ul Hassan, Mark Lemay, Nuraini Aguse, Adam Bates, Thomas Moyer
      Network and Distributed System Security Symposium (NDSS) 2018
      Acceptance rate=21.0%

    10. Fear and Logging in the Internet of Things
      Qi Wang, Wajih Ul Hassan, Adam Bates, Carl Gunter
      Network and Distributed System Security Symposium (NDSS) 2018
      Acceptance rate=21.0%

    11. Don't cry over spilled records: Memory elasticity of data-parallel applications and its application to cluster scheduling
      Calin Iorgulescu, Florin Dinu, Aunn Raza, Wajih Ul Hassan, Willy Zwaenepoel
      USENIX Annual Technical Conference (ATC) 2017
      Acceptance rate=21.0%

    12. Transparent Web Service Auditing via Network Provenance Functions
      Adam Bates, Wajih Ul Hassan, Kevin Butler, Alin Dobra, Brad Reaves, Patrick Cable, Thomas Moyer, Nabil Schear
      World Wide Web Conference (WWW) 2017
      Acceptance rate=17.0%

    13. How Good are the Specs? A Study of the Bug-Finding Effectiveness of Existing Java API Specifications
      Owolabi Legunsen, Wajih Ul Hassan, Xinyue Xu, Grigore Rosu, Darko Marinov
      IEEE/ACM Conference on Automated Software Engineering (ASE) 2016
      Acceptance rate=19.1%



    Journal Publications

    1. How Effective are Existing Java API Specifications for Finding Bugs during Runtime Verification?
      Owolabi Legunsen, Nader Al Awar, Xinyue Xu, Wajih Ul Hassan, Grigore Rosu, Darko Marinov
      Automated Software Engineering Journal 2019

    2. Can Data Provenance Put an End to the Data Breach?
      Adam Bates, Wajih Ul Hassan
      IEEE Security & Privacy Magazine. July 1, 2019.

    Workshop Publications

    1. Automated Provenance Analytics: A Regular Grammar Based Approach with Applications in Security
      Mark Lemay, Wajih Ul Hassan, Thomas Moyer, Nabil Schear, Warren Smith
      International Workshop on Theory and Practice of Provenance (TaPP) 2017