Conference Publications

1. FAuST: Striking a Bargain between Forensic Auditing's Security and Throughput
   Muhammad Adil Inam, Akul Goyal, Jason Liu, Jaron Mink, Noor Michael, Sneha Gaur, Adam Bates, and Wajih Ul Hassan.
   Annual Computer Security Applications Conference (ACSAC) 2022
   
   
2. SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions.
   Muhammad Adil Inam, Yinfang Chen, Akul Goyal, Jason Liu, Jaron Mink, Noor Michael, Sneha Gaur, Adam Bates, and Wajih Ul Hassan.
   IEEE Symposium on Security and Privacy (S&P) 2023
   
   
3. Forensic Analysis of Configuration-based Attacks
   Muhammad Adil Inam*, Wajih Ul Hassan*, Ali Ahad, Adam Bates, Rashid Tahir, Tianyin Xu, and Fareed Zaffar (* denotes equal contribution)
   Network and Distributed System Security Symposium (NDSS) 2022
   
   
4. Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks.
   Carter Yagemann, Mohammad Noureddine, Wajih Ul Hassan, Simon Chung, Adam Bates, and Wenke Lee
   Conference on Computer and Communications Security (CCS) 2021
   
   
5. This is Why We Can’t Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage
   Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan Zou, Dawei Wang, Zhengzhang Chen, Zhichun Li, Junghwan Rhee, Jiaping Gui, Adam Bates
   Annual Computer Security Applications Conference (ACSAC) 2020
   Acceptance rate=23.2%
   
   
6. On the Forensic Validity of Approximated Audit Logs
   Noor Michael, Jaron Mink, Jason Liu, Sneha Gaur, Wajih Ul Hassan, Adam Bates
   Annual Computer Security Applications Conference (ACSAC) 2020
   Acceptance rate=23.2%
   
   
7. Tactical Provenance Analysis for Endpoint Detection and Response Systems
   Wajih Ul Hassan, Adam Bates, Daniel Marino
   IEEE Symposium on Security and Privacy (S&P) 2020
   Acceptance rate=12.3%
   
   
8. OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis
   Wajih Ul Hassan, Mohammad Ali Noureddine, Pubali Datta, Adam Bates
   Network and Distributed System Security Symposium (NDSS) 2020
   Acceptance rate=17.4%
   
   
9. Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution
   Riccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates, Christopher Fletcher, Andrew Miller, Dave Tian
   Network and Distributed System Security Symposium (NDSS) 2020
   Acceptance rate=17.4%
   
   
10. You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis
    Qi Wang, Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan Zou, Junghwan Rhee, Zhengzhang Chen, Wei Cheng, Carl A. Gunter, Haifeng Chen.
    Network and Distributed System Security Symposium (NDSS) 2020
    Acceptance rate=17.4%
    
    
11. NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage
    Wajih Ul Hassan, Shengjian Guo, Ding Li, Zhengzhang Chen, Kangkook Jee, Zhichun Li, Adam Bates
    Network and Distributed System Security Symposium (NDSS) 2019
    Acceptance rate=17.1%
    
    
12. Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?
    Wajih Ul Hassan*, Saad Hussain*, Adam Bates. (* denotes equal contribution)
    USENIX Security 2018
    Acceptance rate=19.1%
    Media Coverage: News Gazette, Daily Illini, WAND TV, Illinois Engineering, Strava Blog, MapMyTracks Blog
    
    
13. Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs
    Wajih Ul Hassan, Mark Lemay, Nuraini Aguse, Adam Bates, Thomas Moyer
    Network and Distributed System Security Symposium (NDSS) 2018
    Acceptance rate=21.0%
    
    
14. Fear and Logging in the Internet of Things
    Qi Wang, Wajih Ul Hassan, Adam Bates, Carl Gunter
    Network and Distributed System Security Symposium (NDSS) 2018
    Acceptance rate=21.0%
    
    
15. Don't cry over spilled records: Memory elasticity of data-parallel applications and its application to cluster scheduling
    Calin Iorgulescu, Florin Dinu, Aunn Raza, Wajih Ul Hassan, Willy Zwaenepoel
    USENIX Annual Technical Conference (ATC) 2017
    Acceptance rate=21.0%
    
    
16. Transparent Web Service Auditing via Network Provenance Functions
    Adam Bates, Wajih Ul Hassan, Kevin Butler, Alin Dobra, Brad Reaves, Patrick Cable, Thomas Moyer, Nabil Schear
    World Wide Web Conference (WWW) 2017
    Acceptance rate=17.0%
    
    
17. How Good are the Specs? A Study of the Bug-Finding Effectiveness of Existing Java API Specifications
    Owolabi Legunsen, Wajih Ul Hassan, Xinyue Xu, Grigore Rosu, Darko Marinov
    IEEE/ACM Conference on Automated Software Engineering (ASE) 2016
    Acceptance rate=19.1%
    
    ACM SIGSOFT Distinguished Paper Award
    
    
    

Journal Publications

1. How Effective are Existing Java API Specifications for Finding Bugs during Runtime Verification?
   Owolabi Legunsen, Nader Al Awar, Xinyue Xu, Wajih Ul Hassan, Grigore Rosu, Darko Marinov
   Automated Software Engineering Journal 2019
   
   
2. Can Data Provenance Put an End to the Data Breach?
   Adam Bates, Wajih Ul Hassan
   IEEE Security & Privacy Magazine. July 1, 2019.
   

Workshop Publications

1. Automated Provenance Analytics: A Regular Grammar Based Approach with Applications in Security
   Mark Lemay, Wajih Ul Hassan, Thomas Moyer, Nabil Schear, Warren Smith
   International Workshop on Theory and Practice of Provenance (TaPP) 2017