Xiangmin Shen

3410 Mudd Hall

2233 Tech Dr, 3rd Floor

Evanston, IL 60208

I’m a 6th year PhD candidate advised by Prof. Yan Chen at Northwestern University Computer Science Department. As cyber-attacks become increasingly sophisticated and stealthy, it becomes more imperative and challenging to detect intrusion from normal behaviors. Defending against Advanced Persistent Threats (APTs) requires a nuanced understanding of both offensive and defensive strategies. Defense techniques are developed to guard against offensive techniques, while offensive techniques are developed to explore defense weaknesses and evaluate defense effectiveness. My research explores the interplay between these aspects, aiming to fortify cybersecurity defenses by continually pushing the boundaries of both offensive and defensive techniques.

selected publications

NDSS

Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion Detection

Lingzhi Wang*, Xiangmin Shen* , Weijian Li , and 4 more authors

Proceedings of the 32nd Annual Network and Distributed System Security Symposium (NDSS), 2025

arXiv Bib HTML PDF

@article{wang2024incorporating,
  title = {Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion Detection},
  author = {Wang*, Lingzhi and Shen*, Xiangmin and Li, Weijian and Li, Zhenyuan and Sekar, R and Liu, Han and Chen, Yan},
  journal = {Proceedings of the 32nd Annual Network and Distributed System Security Symposium (NDSS)},
  year = {2025},
  annotation = {The first two authors made equal contribution},
}

AsiaCCS

Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments

Xiangmin Shen, Zhenyuan Li, Graham Burleigh , and 2 more authors

Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, 2024

arXiv Bib HTML PDF

@article{shen2024decoding,
  title = {Decoding the MITRE Engenuity ATT\&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments},
  author = {Shen, Xiangmin and Li, Zhenyuan and Burleigh, Graham and Wang, Lingzhi and Chen, Yan},
  journal = {Proceedings of the 19th ACM Asia Conference on Computer and Communications Security},
  year = {2024},
}