Hello! I’m Muhammad Shoaib, a Ph.D. candidate in the Department of Computer Science at the University of Virginia, advised by Professor Wajih Ul Hassan. My primary research focuses on attack forensics and threat detection.

Research interests:

My current research interests include Emerging Systems Security, Intent-Based Threat Detection, Program Analysis, and Attack Forensics. I am particularly interested in building resilient detections that capture adversarial intent at a higher semantic level rather than relying only on brittle pattern matching.

News:

• Mar ‘26: My first-authored paper “Catch Me If You Can: Detector-Resistant Evasion via Semantics-Preserving Command Re-Realization” was accepted at IEEE Symposium on Security and Privacy (S&P) 2026 (acceptance rate ~12.6%).
• Oct ‘25: Won Distinguished Paper Award 🏆 for our CCS’25 paper.
• Oct ’25: Invited to give a talk at MITRE ATT&CKcon 6.0.
• Oct ’25: Attended MITRE’s Threat-Informed Defense training by the CTID Council.
• Oct ‘25: Invited to serve as a reviewer for IEEE Transactions on Information Forensics & Security (TIFS).
• Aug ‘25: Workshop paper accepted to the 1st XR Security Workshop, co-located with ACM MobiHoc 2025.
• Jul ‘25: “Rethinking Tamper-Evident Logging: A High-Performance, Co-Designed Auditing System” has been accepted at ACM CCS ‘25.
• Jul ‘25: Talk proposal for “REALITYCHECK: An ATT&CK-Aligned, Principled, and Automated Investigation of AR/VR Attacks” has been accepted at MITRE’s ATT&CKcon 6.0.
• Jul ‘25: Was awarded a travel grant to attend USENIX Security ‘25.
• May ‘25: CCI has recognized my USENIX Security ‘25 paper by accepting it for their Research Paper Showcase 2025 under the Resilience to Cyberattacks track.
• April ‘25: I have won the Best Poster Award for my work on Graph-based CVE Detection using Program Analysis and ML at CCI Symposium 2025, selected from over 40 students representing diverse computer-science disciplines across Virginia.
• Feb ‘25: Passed my qualifying exam defense. Now a Ph.D. candidate!
• Jan ‘25: My first-authored paper “Principled and Automated Approach for Investigating AR/VR Attacks” has been accepted at USENIX Security ‘25.
• August ‘24: Passed my qualifying exam proposal.
• July ‘24: “Accurate and Scalable Detection and Investigation of Cyber Persistence Threats” available on arXiv.
• Jan ‘24: The Computing Research Association has awarded my mentee Alex Suh an honorable mention in their Outstanding Undergraduate Research Awards 2023-24 for our work that was later accepted at USENIX Security ‘25.
• April ‘23: Was awarded a travel grant to attend IEEE S&P ‘23.
• October ‘22: Won best new student poster award at the UVA CS research symposium.
• August ‘22: Joined DART Lab as a Ph.D. Student.

Selected Publications

1. Catch Me If You Can: Detector-Resistant Evasion via Semantics-Preserving Command Re-Realization: Muhammad Shoaib, Hare Sudhan Muthusamy, Tareq Alkhatib, and Wajih Ul Hassan. In IEEE Symposium on Security and Privacy (S&P 2026).

2. Principled and Automated Approach for Investigating AR/VR Attacks (Slides): Muhammad Shoaib, Alex Suh, and Wajih Ul Hassan. In Proc. of the 34th USENIX Security Symposium (SEC ’25).

3. Rethinking Tamper-Evident Logging: A High-Performance, Co-Designed Auditing System: Rui Zhao, Muhammad Shoaib, Viet Tung Hoang, and Wajih Ul Hassan. In Proc. of the 32nd ACM Conference on Computer and Communications Security (CCS ’25) 🏆 Distinguished Paper Award.

4. Investigating Immersive Attacks with REALITYCHECK: Muhammad Shoaib, et al. Demonstrated paper at the 1st XR Security Workshop (co-located with MobiHoc ’25).

5. Accurate and Scalable Detection and Investigation of Cyber Persistence Threats: Qi Liu, Muhammad Shoaib, Mati Ur Rehman, Kaibin Bao, Veit Hagenmeyer, and Wajih Ul Hassan. arXiv preprint arXiv:2407.18832.

Industry Conferences & Talks

1. REALITYCHECK: An ATT&CK-Aligned, Principled, and Automated Investigation of AR/VR Attacks. Invited talk at MITRE ATT&CKcon 6.0 (Oct 15, 2025).