Hello! I’m Muhammad Shoaib, a Ph.D. candidate in the Department of Computer Science at the University of Virginia, advised by Professor Wajih Ul Hassan. My primary research focuses on attack forensics and threat detection.

Research interests:

My current research interests include Emerging Systems Security, Threat Detection, Program Analysis, SIEM Evasion, and Attack Forensics in general. I am currently exploring how to evade SIEM systems more reliably.

News:

• Jul ‘25: “Rethinking Tamper-Evident Logging: A High-Performance, Co-Designed Auditing System” has been accepted at ACM CCS ‘25.
• Jul ‘25: Talk proposal for “REALITYCHECK: An ATT&CK-Aligned, Principled, and Automated Investigation of AR/VR Attacks” has been accepted at MITRE’s ATT&CKcon 6.0.
• Jul ‘25: Was awarded a travel grant to attend USENIX Security ‘25.
• May ‘25: CCI has recognized my USENIX Security ‘25 paper by accepting it for their Research Paper Showcase 2025 under the Resilience to Cyberattacks track.
• April ‘25: I have won the Best Poster Award for my work on Graph-based CVE Detection using Program Analysis and ML at CCI Symposium 2025, selected from over 40 students representing diverse computer-science disciplines across Virginia.
• Feb ‘25: Passed my qualifying exam defense. Now a Ph.D. candidate!
• Jan ‘25: My first-authored paper “Principled and Automated Approach for Investigating AR/VR Attacks” has been accepted at USENIX Security ‘25.
• August ‘24: Passed my qualifying exam proposal.
• July ‘24: “Accurate and Scalable Detection and Investigation of Cyber Persistence Threats” available on arXiv.
• Jan ‘24: The Computing Research Association has awarded my mentee Alex Suh an honorable mention in their Outstanding Undergraduate Research Awards 2023-24 for our work that was later accepted at USENIX Security ‘25.
• April ‘23: Was awarded a travel grant to attend IEEE S&P ‘23.
• October ‘22: Won best new student poster award at the UVA CS research symposium.
• August ‘22: Joined DART Lab as a Ph.D. Student.

Publications

1. Principled and Automated Approach for Investigating AR/VR Attacks (Slides): Muhammad Shoaib, Alex Suh, and Wajih Ul Hassan. In Proc. of the 34th USENIX Security Symposium (SEC ’25).

2. Rethinking Tamper-Evident Logging: A High-Performance, Co-Designed Auditing System: Rui Zhao, Muhammad Shoaib, Viet Tung Hoang, and Wajih Ul Hassan. In Proc. of the 32nd ACM Conference on Computer and Communications Security (CCS ’25).

3. Accurate and Scalable Detection and Investigation of Cyber Persistence Threats: Qi Liu, Muhammad Shoaib, Mati Ur Rehman, Kaibin Bao, Veit Hagenmeyer, and Wajih Ul Hassan. arXiv preprint arXiv:2407.18832.