Xiangmin Shen

3410 Mudd Hall

2233 Tech Dr, 3rd Floor

Evanston, IL 60208

I’m a final year PhD candidate working with Prof. Yan Chen at Northwestern University Computer Science Department. I am broadly interested in system security and security measurement. My current research focuses on enhancing system security by applying AI techniques in defense and offense.

I’m excited to share that I will be joining the Department of Computer Science at Hofstra University as a tenure-track Assistant Professor starting Fall 2025. I look forward to continuing my research at the intersection of AI and system security, mentoring students, and contributing to the growth of Hofstra’s cybersecurity programs!

news

Mar 19, 2025	Our paper “PentestAgent: Incorporating LLM Agents to Automated Penetration Testing” is accepted by AsiaCCS’25.
Feb 16, 2025	We are pleased to announce the release of PentestAgent, an LLM-driven automated penetration testing framework. Feel free to try out the tool, share your thoughts, and let us know if you run into any issues. If you find PentestAgent useful, do give it a star on GitHub.
Feb 04, 2025	Our poster “LLM-Driven Automated Exploit Assessment for Penetration Testing” is accepted to appear in NDSS’25.
Aug 30, 2024	Our paper “Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion Detection” is accepted by NDSS’25.
Dec 19, 2023	Our paper “Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments” is accepted by AsiaCCS’24.

selected publications

AsiaCCS

PentestAgent: Incorporating LLM Agents to Automated Penetration Testing

Xiangmin Shen, Lingzhi Wang, Zhenyuan Li, Yan Chen, Wencheng Zhao, and 3 more authors

Proceedings of the 20th ACM Asia Conference on Computer and Communications Security (AsiaCCS). Code release can be found here , 2025

arXiv Bib HTML PDF

@article{shen2024pentestagent,
  title = {PentestAgent: Incorporating LLM Agents to Automated Penetration Testing},
  author = {Shen, Xiangmin and Wang, Lingzhi and Li, Zhenyuan and Chen, Yan and Zhao, Wencheng and Sun, Dawei and Wang, Jiashui and Ruan, Wei},
  journal = {Proceedings of the 20th ACM Asia Conference on Computer and Communications Security (AsiaCCS)},
  year = {2025},
}

NDSS

Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion Detection

Xiangmin Shen^*, Lingzhi Wang^*, Weijian Li, Zhenyuan Li, R Sekar, and 2 more authors

Proceedings of the 32nd Annual Network and Distributed System Security Symposium (NDSS). Code release can be found here , 2025

arXiv Bib HTML PDF

@article{wang2024incorporating,
  title = {Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion Detection},
  author = {Shen*, Xiangmin and Wang*, Lingzhi and Li, Weijian and Li, Zhenyuan and Sekar, R and Liu, Han and Chen, Yan},
  journal = {Proceedings of the 32nd Annual Network and Distributed System Security Symposium (NDSS)},
  year = {2025},
}

AsiaCCS

Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments

Xiangmin Shen, Zhenyuan Li, Graham Burleigh, Lingzhi Wang, and Yan Chen

Proceedings of the 19th ACM Asia Conference on Computer and Communications Security (AsiaCCS). Data release can be found here , 2024

arXiv Bib HTML PDF

@article{shen2024decoding,
  title = {Decoding the MITRE Engenuity ATT\&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments},
  author = {Shen, Xiangmin and Li, Zhenyuan and Burleigh, Graham and Wang, Lingzhi and Chen, Yan},
  journal = {Proceedings of the 19th ACM Asia Conference on Computer and Communications Security (AsiaCCS)},
  year = {2024},
}