Baojun Liu - Publications

• Exploring and Analyzing Cross Layer DoS Attack Against UDP-based Services on Linux
  Dashuai Wu, Yunyi Zhang Baojun Liu, Xiang Li, Eihal Alowaisheq, Haixin Duan
  ACM Conference on Computer and Communications Security (CCS)
  October 2025 • Taipei, Taiwan, China
  Conference BibTeX
• RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox
  Xiang Li, Mingming Zhang, Zuyao Xu, Fasheng Miao, Yuqi Qiu, Baojun Liu, Jia Zhang, Xiaofeng Zhang, Haixin Duan, Zheli Liu, Yunhai Zhang, Dunqiu Fan
  ACM Conference on Computer and Communications Security (CCS)
  October 2025 • Taipei, Taiwan, China
  Conference BibTeX
• Beyond Exploit Scanning: A Functional Change-Driven Approach to Remote Software Version Identification
  Jinsong Chen, Mengying Wu, Geng Hong, Baichao An, Mingxuan Liu, Lei Zhang, Baojun Liu, Haixin Duan, Min Yang
  USENIX Security Symposium
  August 2025 • Seattle, WA, USA
  Conference BibTeX
• Your Shield is My Sword: A Persistent Denial-of-Service Attack via the Reuse of Unvalidated Caches in DNSSEC Validation
  Shuhan Zhang, Shuai Wang, Li Chen, Dan Li, Baojun Liu
  USENIX Security Symposium
  August 2025 • Seattle, WA, USA
  Conference BibTeX
• NOKEScam: Understanding and Rectifying Non-Sense Keywords Spear Scam in Search Engines
  Mingxuan Liu, Yunyi Zhang, Lijie Wu, Baojun Liu, Geng Hong, Yinming Zhang, Hui Jiang, Jia Zhang, Haixin Duan, Min Zhang, Wei Guan, Fan Shi, Min Yang
  USENIX Security Symposium
  August 2025 • Seattle, WA, USA
  Conference BibTeX
• Misty Registry: An Empirical Study of Flawed Domain Registry Operation
  Mingming Zhang, Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Fan Shi, Chengxi Xu
  USENIX Security Symposium
  August 2025 • Seattle, WA, USA
  Conference BibTeX
• Chaos in the Chain: Evaluate Deployment and Construction Compliance of Web PKI Certificate Chain
  Jia Yao, Yiming Zhang, Baojun Liu, Zhan Liu, Mingming Zhang, Haixin Duan
  ACM Internet Measurement Conference (IMC)
  October 2025 • Madison, Wisconsin, USA
  Conference BibTeX
• Dive into the cloud: Unveiling the (Ab)usage of Serverless Cloud Function in the Wild
  Yijing Liu, Mingxuan Liu, Yiming Zhang, Baojun Liu, Jia Zhang, Geng Hong, Haixin Duan, Min Yang
  ACM Internet Measurement Conference (IMC)
  October 2025 • Madison, Wisconsin, USA
  Conference BibTeX
• HADES Attack: Understanding and Evaluating Manipulation Risks of Email Blocklists
  Ruixuan Li, Chaoyi Lu, Baojun Liu, Yunyi Zhang, Geng Hong, Haixin Duan, Yanzhong Lin, Qingfeng Pan, Min Yang, Jun Shao
  32nd Annual Network and Distributed System Security Symposium (NDSS)
  February 2025 • San Diego, CA, USA
  Conference BibTeX
• Revealing the Black Box of Device Search Engine: Scanning Assets, Strategies, and Ethical Consideration
  Mengying Wu, Geng Hong, Jinsong Chen, Qi Liu, Shujun Tang, Youhao Li, Baojun Liu, Haixin Duan, Min Yang
  32nd Annual Network and Distributed System Security Symposium (NDSS)
  February 2025 • San Diego, CA, USA
  Conference BibTeX
• Decoding DNS Centralization: Measuring and Identifying NS Domains Across Hosting Providers
  Qihang Peng, Mingming Zhang, Deliang Chang, Jia Zhang, Baojun Liu, Haixin Duan
  55th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
  June 2025 • Naples, Italy
  Conference BibTeX
• You Can't Eat Your Cake and Have It Too: The Performance Degradation of LLMs with Jailbreak Defense
  Wuyuao Mai, Geng Hong, Pei Chen, Xudong Pan, Baojun Liu, Yuan Zhang, Haixin Duan, Min Yang
  ACM Web Conference (WWW)
  May 2025 • Sydney, Australia.
  Conference BibTeX

• Investigating Deployment Issues of DNS Root Server Instances From a China-Wide View
  Fenglu Zhang, Baojun Liu, Chaoyi Lu, Yunpeng Xing, Haixin Duan, Ying Liu, Liyuan Chang
  IEEE Transactions on Dependable and Secure Computing
  Volume 21, Issue 6 • November 2024
  Journal BibTeX
• Yesterday Once More: Global Measurement of Internet Traffic Shadowing Behaviors
  Yunpeng Xing, Chaoyi Lu, Baojun Liu, Haixin Duan, Junzhe Sun, Zhou Li
  ACM Internet Measurement Conference (IMC)
  November 2024 • Madrid, Spain
  Conference BibTeX
• Bounce in the Wild: A Deep Dive into Email Delivery Failures from a Large Email Service Provider
  Ruixuan Li, Shaodong Xiao, Baojun Liu, Yanzhong Lin, Haixin Duan, Qingfeng Pan, Jianjun Chen, Jia Zhang, Ximeng Liu, Xiuqi Lu, Jun Shao
  ACM Internet Measurement Conference (IMC)
  November 2024 • Madrid, Spain
  Conference BibTeX
• Understanding the Implementation and Security Implications of Protective DNS Services
  Mingxuan Liu, Yiming Zhang, Xiang Li, Chaoyi Lu, Baojun Liu, Haixin Duan, Xiaofeng Zheng
  31st Annual Network and Distributed System Security Symposium (NDSS)
  February 2024 • San Diego, CA
  Conference BibTeX
• TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
  Xiang Li, Wei Xu, Baojun Liu, Mingming Zhang, Zhou Li, Jia Zhang, Deliang Chang, Xiaofeng Zheng, Chuhan Wang, Jianjun Chen, Haixin Duan, Qi Li
  IEEE Symposium on Security and Privacy (SP)
  May 2024 • San Francisco, CA
  Conference BibTeX
• Tickets or Privacy? Understand the Ecosystem of Chinese Ticket Grabbing Apps
  Yijing Liu, Yiming Zhang, Baojun Liu, Haixin Duan, Qiang Li, Mingxuan Liu, Ruixuan Li, Jia Yao
  USENIX Security Symposium
  August 2024 • Philadelphia, PA
  Conference BibTeX
• Rethinking the Security Threats of Stale DNS Glue Records
  Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Xiang Li, Fan Shi, Chengxi Xu, Eihal Alowaisheq
  USENIX Security Symposium
  August 2024 • Philadelphia, PA
  Conference BibTeX
• Into the Dark: Unveiling Internal Site Search Abused for Black Hat SEO
  Yunyi Zhang, Mingxuan Liu, Baojun Liu, Yiming Zhang, Haixin Duan, Min Zhang, Hui Jiang, Yanzhe Li, Fan Shi
  USENIX Security Symposium
  August 2024 • Philadelphia, PA
  Conference BibTeX
• Cross the Zone: Toward a Covert Domain Hijacking via Shared DNS Infrastructure
  Yunyi Zhang, Mingming Zhang, Baojun Liu, Zhan Liu, Jia Zhang, Haixin Duan, Min Zhang, Fan Shi, Chengxi Xu
  USENIX Security Symposium
  August 2024 • Philadelphia, PA
  Conference BibTeX
• A Worldwide View on the Reachability of Encrypted DNS Services
  Ruixuan Li, Baojun Liu, Chaoyi Lu, Haixin Duan, Jun Shao
  ACM Web Conference (WWW)
  May 2024 • Singapore
  Conference BibTeX

• Silence is not Golden: Disrupting the Load Balancing of Authoritative DNS Servers
  Fenglu Zhang, Baojun Liu, Eihal Alowaisheq, Jianjun Chen, Chaoyi Lu, Linjian Song, Yong Ma, Ying Liu, Haixin Duan, Min Yang
  ACM Conference on Computer and Communications Security (CCS)
  November 2023 • Copenhagen, Denmark
  Conference BibTeX
• Silence is not Golden: Disrupting the Load Balancing of Authoritative DNS Servers
  Fenglu Zhang, Baojun Liu, Eihal Alowaisheq, Jianjun Chen, Chaoyi Lu, Linjian Song, Yong Ma, Ying Liu, Haixin Duan, Min Yang
  ACM Turing Award Celebration Conference - China (TURC)
  July 2023 • Wuhan, China
  Conference BibTeX
• TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
  Wei Xu, Xiang Li, Chaoyi Lu, Baojun Liu, Haixin Duan, Jia Zhang, Jianjun Chen, Tao Wan
  ACM Conference on Computer and Communications Security (CCS)
  November 2023 • Copenhagen, Denmark
  Conference BibTeX
• Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild
  Zhenrui Zhang, Geng Hong, Xiang Li, Zhuoqun Fu, Jia Zhang, Mingxuan Liu, Chuhan Wang, Jianjun Chen, Baojun Liu, Haixin Duan, Chao Zhang, Min Yang
  ACM Conference on Computer and Communications Security (CCS)
  November 2023 • Copenhagen, Denmark
  Conference BibTeX
• Wolf in Sheep's Clothing: Evaluating Security Risks of the Undelegated Record on DNS Hosting Services
  Fenglu Zhang, Yunyi Zhang, Baojun Liu, Eihal Alowaisheq, Lingyun Ying, Xiang Li, Zaifeng Zhang, Ying Liu, Haixin Duan, Min Zhang
  ACM Internet Measurement Conference (IMC)
  October 2023 • Montreal, QC, Canada
  Conference BibTeX
• Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation
  Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li
  30th Annual Network and Distributed System Security Symposium (NDSS)
  February 2023 • San Diego, CA
  Conference BibTeX
• Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
  Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Yiming Zhang, Jianjun Chen, Haixin Duan, Shuang Hao, Xiaofeng Zheng
  ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS)
  June 2023 • Orlando, FL, USA
  Conference BibTeX
• The Maginot Line: Attacking the Boundary of DNS Caching Protection
  Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li
  32nd USENIX Security Symposium (USENIX Security)
  August 2023 • Anaheim, CA, USA
  Conference BibTeX
• Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack
  Run Guo, Jianjun Chen, Yihang Wang, Keran Mu, Baojun Liu, Xiang Li, Chao Zhang, Haixin Duan, Jianping Wu
  32nd USENIX Security Symposium (USENIX Security)
  August 2023 • Anaheim, CA, USA
  Conference BibTeX

• Exploring the Characteristics and Security Risks of Emerging Emoji Domain Names
  Mingxuan Liu, Yiming Zhang, Baojun Liu, Haixin Duan
  27th European Symposium on Research in Computer Security (ESORICS)
  September 2022 • Copenhagen, Denmark
  Conference BibTeX
• Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers
  Huikai Xu, Miao Yu, Yanhao Wang, Yue Liu, Qinsheng Hou, Zhenbang Ma, Haixin Duan, Jianwei Zhuge, Baojun Liu
  7th IEEE European Symposium on Security and Privacy (EuroS&P)
  June 2022 • Genoa, Italy
  Conference BibTeX
• PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP
  Xuewei Feng, Qi Li, Kun Sun, Ke Xu, Baojun Liu, Xiaofeng Zheng, Qiushi Yang, Haixin Duan, Zhiyun Qian
  29th Annual Network and Distributed System Security Symposium (NDSS)
  April 2022 • San Diego, CA
  Conference BibTeX
• Measuring the Practical Effect of DNS Root Server Instances: A China-Wide Case Study
  Fenglu Zhang, Chaoyi Lu, Baojun Liu, Haixin Duan, Ying Liu
  Passive and Active Measurement (PAM) Conference
  March 2022 • Virtual Event
  Conference BibTeX
• Building an Open, Robust, and Stable Voting-Based Domain Top List
  Qinge Xie, Shujun Tang, Xiaofeng Zheng, Qingran Lin, Baojun Liu, Haixin Duan, Frank Li
  31st USENIX Security Symposium (USENIX Security)
  August 2022 • Boston, MA, USA
  Conference BibTeX
• A Large-scale and Longitudinal Measurement Study of DKIM Deployment
  Chuhan Wang, Kaiwen Shen, Minglei Guo, Yuxuan Zhao, Mingming Zhang, Jianjun Chen, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Yanzhong Lin, Qingfeng Pan
  31st USENIX Security Symposium (USENIX Security)
  August 2022 • Boston, MA, USA
  Conference BibTeX

• DNSWeight: Quantifying Country-Wise Importance of Domain Name System
  Deliang Chang, Shanshan Hao, Zhou Li, Baojun Liu, Xing Li
  IEEE Access
  Volume 9 • March 2021
  Journal BibTeX
• Detecting and Characterizing SMS Spearphishing Attacks
  Mingxuan Liu, Yiming Zhang, Baojun Liu, Zhou Li, Haixin Duan, Donghong Sun
  Annual Computer Security Applications Conference (ACSAC)
  December 2021 • Virtual Event, USA
  Conference BibTeX
• Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem
  Yiming Zhang, Baojun Liu, Chaoyi Lu, Zhou Li, Haixin Duan, Jiachen Li, Zaifeng Zhang
  ACM Conference on Computer and Communications Security (CCS)
  November 2021 • Virtual Event, Republic of Korea
  Conference BibTeX
• Fast IPv6 Network Periphery Discovery and Security Implications
  Xiang Li, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Qi Li, Youjun Huang
  51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
  June 2021 • Taipei, Taiwan
  Conference BibTeX
• From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR
  Chaoyi Lu, Baojun Liu, Yiming Zhang, Zhou Li, Fenglu Zhang, Haixin Duan, Ying Liu, Joann Qiongna Chen, Jinjin Liang, Zaifeng Zhang, Shuang Hao, Min Yang
  28th Annual Network and Distributed System Security Symposium (NDSS)
  February 2021 • Virtual Event
  Conference BibTeX
• Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks
  Kaiwen Shen, Chuhan Wang, Minglei Guo, Xiaofeng Zheng, Chaoyi Lu, Baojun Liu, Yuxuan Zhao, Shuang Hao, Haixin Duan, Qingfeng Pan, Min Yang
  30th USENIX Security Symposium (USENIX Security)
  August 2021 • Virtual Event
  Conference BibTeX

• Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China
  Yiming Zhang, Baojun Liu, Chaoyi Lu, Zhou Li, Haixin Duan, Shuang Hao, Mingxuan Liu, Ying Liu, Dong Wang, Qiang Li
  ACM Conference on Computer and Communications Security (CCS)
  November 2020 • Virtual Event, USA
  Conference BibTeX
• Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks
  Mingming Zhang, Xiaofeng Zheng, Kaiwen Shen, Ziqiao Kong, Chaoyi Lu, Yu Wang, Haixin Duan, Shuang Hao, Baojun Liu, Min Yang
  ACM Conference on Computer and Communications Security (CCS)
  November 2020 • Virtual Event, USA
  Conference BibTeX
• CDN Backfired: Amplification Attacks Based on HTTP Range Requests
  Weizhong Li, Kaiwen Shen, Run Guo, Baojun Liu, Jia Zhang, Haixin Duan, Shuang Hao, Xiarun Chen, Yao Wang
  50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
  June 2020 • Valencia, Spain
  Conference BibTeX
• CDN Judo: Breaking the CDN DoS Protection with Itself
  Run Guo, Weizhong Li, Baojun Liu, Shuang Hao, Jia Zhang, Haixin Duan, Kaiwen Sheng, Jianjun Chen, Ying Liu
  27th Annual Network and Distributed System Security Symposium (NDSS)
  February 2020 • San Diego, CA
  Conference BibTeX
• Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices
  Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan, Zhiyun Qian
  29th USENIX Security Symposium (USENIX Security)
  August 2020 • Virtual Event
  Conference BibTeX

• Who is answering my queries: Understanding and Characterizing Interception of the DNS Resolution Path
  Baojun Liu, Chaoyi Lu, Hai-Xin Duan, Ying Liu, Zhou Li, Shuang Hao, Min Yang
  Applied Networking Research Workshop (ANRW)
  July 2019 • Montreal, Quebec, Canada
  Conference BibTeX
• TraffickStop: Detecting and Measuring Illicit Traffic Monetization Through Large-Scale DNS Analysis
  Baojun Liu, Zhou Li, Peiyuan Zong, Chaoyi Lu, Hai-Xin Duan, Ying Liu, Sumayah A. Alrwais, XiaoFeng Wang, Shuang Hao, Yaoqi Jia, Yiming Zhang, Kai Chen, Zaifeng Zhang
  IEEE European Symposium on Security and Privacy (EuroS&P)
  June 2019 • Stockholm, Sweden
  Conference BibTeX
• An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?
  Chaoyi Lu, Baojun Liu, Zhou Li, Shuang Hao, Hai-Xin Duan, Mingming Zhang, Chunying Leng, Ying Liu, Zaifeng Zhang, Jianping Wu
  ACM Internet Measurement Conference (IMC)
  October 2019 • Amsterdam, Netherlands
  Conference BibTeX
• Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs
  Eihal Alowaisheq, Peng Wang, Sumayah A. Alrwais, Xiaojing Liao, XiaoFeng Wang, Tasneem Alowaisheq, Xianghang Mi, Siyuan Tang, Baojun Liu
  26th Annual Network and Distributed System Security Symposium (NDSS)
  February 2019 • San Diego, CA, USA
  Conference BibTeX
• TL;DR Hazard: A Comprehensive Study of Levelsquatting Scams
  Kun Du, Hao Yang, Zhou Li, Hai-Xin Duan, Shuang Hao, Baojun Liu, Yuxiao Ye, Mingxuan Liu, XiaoDong Su, Guang Liu, Zhifeng Geng, Zaifeng Zhang, Jinjin Liang
  15th EAI International Conference on Security and Privacy in Communication Networks (SecureComm)
  October 2019 • Orlando, FL, USA
  Conference BibTeX
• Resident Evil: Understanding Residential IP Proxy as a Dark Service
  Xianghang Mi, Xuan Feng, Xiaojing Liao, Baojun Liu, XiaoFeng Wang, Feng Qian, Zhou Li, Sumayah A. Alrwais, Limin Sun, Ying Liu
  IEEE Symposium on Security and Privacy (SP)
  May 2019 • San Francisco, CA, USA
  Conference BibTeX

• A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly
  Baojun Liu, Chaoyi Lu, Zhou Li, Ying Liu, Hai-Xin Duan, Shuang Hao, Zaifeng Zhang
  48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
  June 2018 • Luxembourg City, Luxembourg
  Conference BibTeX
• Abusing CDNs for Fun and Profit: Security Issues in CDNs' Origin Validation
  Run Guo, Jianjun Chen, Baojun Liu, Jia Zhang, Chao Zhang, Hai-Xin Duan, Tao Wan, Jian Jiang, Shuang Hao, Yaoqi Jia
  37th IEEE Symposium on Reliable Distributed Systems (SRDS)
  October 2018 • Salvador, Brazil
  Conference BibTeX
• Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path
  Baojun Liu, Chaoyi Lu, Hai-Xin Duan, Ying Liu, Zhou Li, Shuang Hao, Min Yang
  27th USENIX Security Symposium (USENIX Security)
  August 2018 • Baltimore, MD, USA
  Conference BibTeX
• Measuring Privacy Threats in China-Wide Mobile Networks
  Mingming Zhang, Baojun Liu, Chaoyi Lu, Jia Zhang, Shuang Hao, Hai-Xin Duan
  8th USENIX Workshop on Free and Open Communications on the Internet (FOCI)
  August 2018 • Baltimore, MD, USA
  Conference BibTeX

• Don't Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains
  Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu, Hai-Xin Duan
  ACM Conference on Computer and Communications Security (CCS)
  October 2017 • Dallas, TX, USA
  Conference BibTeX