Baojun Liu - Publications

2025

Email Cloaking: Deceiving Users and Spam Email Detectors with Invisible HTML Settings
Bingyang Guo, Mingxuan Liu, Yihui Ma, Ruixuan Li, Fan Shi, Min Zhang, Baojun Liu, Chengxi Xu, Haixin Duan, Geng Hong, Min Yang, Qingfeng Pan

European Symposium on Research in Computer Security (ESORICS)

September 2025 • Toulouse, France

Conference BibTeX
Exploring and Analyzing Cross Layer DoS Attack Against UDP-based Services on Linux
Dashuai Wu, Yunyi Zhang Baojun Liu, Xiang Li, Eihal Alowaisheq, Haixin Duan

ACM Conference on Computer and Communications Security (CCS)

October 2025 • Taipei, Taiwan, China

Conference BibTeX
RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox
Xiang Li, Mingming Zhang, Zuyao Xu, Fasheng Miao, Yuqi Qiu, Baojun Liu, Jia Zhang, Xiaofeng Zhang, Haixin Duan, Zheli Liu, Yunhai Zhang, Dunqiu Fan

ACM Conference on Computer and Communications Security (CCS)

October 2025 • Taipei, Taiwan, China

Conference BibTeX
Beyond Exploit Scanning: A Functional Change-Driven Approach to Remote Software Version Identification
Jinsong Chen, Mengying Wu, Geng Hong, Baichao An, Mingxuan Liu, Lei Zhang, Baojun Liu, Haixin Duan, Min Yang

USENIX Security Symposium

August 2025 • Seattle, WA, USA

Conference BibTeX
Your Shield is My Sword: A Persistent Denial-of-Service Attack via the Reuse of Unvalidated Caches in DNSSEC Validation
Shuhan Zhang, Shuai Wang, Li Chen, Dan Li, Baojun Liu

USENIX Security Symposium

August 2025 • Seattle, WA, USA

Conference BibTeX
NOKEScam: Understanding and Rectifying Non-Sense Keywords Spear Scam in Search Engines
Mingxuan Liu, Yunyi Zhang, Lijie Wu, Baojun Liu, Geng Hong, Yinming Zhang, Hui Jiang, Jia Zhang, Haixin Duan, Min Zhang, Wei Guan, Fan Shi, Min Yang

USENIX Security Symposium

August 2025 • Seattle, WA, USA

Conference BibTeX
Misty Registry: An Empirical Study of Flawed Domain Registry Operation
Mingming Zhang, Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Fan Shi, Chengxi Xu

USENIX Security Symposium

August 2025 • Seattle, WA, USA

Conference BibTeX
Chaos in the Chain: Evaluate Deployment and Construction Compliance of Web PKI Certificate Chain
Jia Yao, Yiming Zhang, Baojun Liu, Zhan Liu, Mingming Zhang, Haixin Duan

ACM Internet Measurement Conference (IMC)

October 2025 • Madison, Wisconsin, USA

Conference BibTeX
Dive into the cloud: Unveiling the (Ab)usage of Serverless Cloud Function in the Wild
Yijing Liu, Mingxuan Liu, Yiming Zhang, Baojun Liu, Jia Zhang, Geng Hong, Haixin Duan, Min Yang

ACM Internet Measurement Conference (IMC)

October 2025 • Madison, Wisconsin, USA

Conference BibTeX
HADES Attack: Understanding and Evaluating Manipulation Risks of Email Blocklists
Ruixuan Li, Chaoyi Lu, Baojun Liu, Yunyi Zhang, Geng Hong, Haixin Duan, Yanzhong Lin, Qingfeng Pan, Min Yang, Jun Shao

32nd Annual Network and Distributed System Security Symposium (NDSS)

February 2025 • San Diego, CA, USA

Conference BibTeX
Revealing the Black Box of Device Search Engine: Scanning Assets, Strategies, and Ethical Consideration
Mengying Wu, Geng Hong, Jinsong Chen, Qi Liu, Shujun Tang, Youhao Li, Baojun Liu, Haixin Duan, Min Yang

32nd Annual Network and Distributed System Security Symposium (NDSS)

February 2025 • San Diego, CA, USA

Conference BibTeX
Decoding DNS Centralization: Measuring and Identifying NS Domains Across Hosting Providers
Qihang Peng, Mingming Zhang, Deliang Chang, Jia Zhang, Baojun Liu, Haixin Duan

55th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

June 2025 • Naples, Italy

Conference BibTeX
You Can't Eat Your Cake and Have It Too: The Performance Degradation of LLMs with Jailbreak Defense
Wuyuao Mai, Geng Hong, Pei Chen, Xudong Pan, Baojun Liu, Yuan Zhang, Haixin Duan, Min Yang

ACM Web Conference (WWW)

May 2025 • Sydney, Australia.

Conference BibTeX

2024

Investigating Deployment Issues of DNS Root Server Instances From a China-Wide View
Fenglu Zhang, Baojun Liu, Chaoyi Lu, Yunpeng Xing, Haixin Duan, Ying Liu, Liyuan Chang

IEEE Transactions on Dependable and Secure Computing

Volume 21, Issue 6 • November 2024

Journal BibTeX
Yesterday Once More: Global Measurement of Internet Traffic Shadowing Behaviors
Yunpeng Xing, Chaoyi Lu, Baojun Liu, Haixin Duan, Junzhe Sun, Zhou Li

ACM Internet Measurement Conference (IMC)

November 2024 • Madrid, Spain

Conference BibTeX
Bounce in the Wild: A Deep Dive into Email Delivery Failures from a Large Email Service Provider
Ruixuan Li, Shaodong Xiao, Baojun Liu, Yanzhong Lin, Haixin Duan, Qingfeng Pan, Jianjun Chen, Jia Zhang, Ximeng Liu, Xiuqi Lu, Jun Shao

ACM Internet Measurement Conference (IMC)

November 2024 • Madrid, Spain

Conference BibTeX
Understanding the Implementation and Security Implications of Protective DNS Services
Mingxuan Liu, Yiming Zhang, Xiang Li, Chaoyi Lu, Baojun Liu, Haixin Duan, Xiaofeng Zheng

31st Annual Network and Distributed System Security Symposium (NDSS)

February 2024 • San Diego, CA

Conference BibTeX
TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
Xiang Li, Wei Xu, Baojun Liu, Mingming Zhang, Zhou Li, Jia Zhang, Deliang Chang, Xiaofeng Zheng, Chuhan Wang, Jianjun Chen, Haixin Duan, Qi Li

IEEE Symposium on Security and Privacy (SP)

May 2024 • San Francisco, CA

Conference BibTeX
Tickets or Privacy? Understand the Ecosystem of Chinese Ticket Grabbing Apps
Yijing Liu, Yiming Zhang, Baojun Liu, Haixin Duan, Qiang Li, Mingxuan Liu, Ruixuan Li, Jia Yao

USENIX Security Symposium

August 2024 • Philadelphia, PA

Conference BibTeX
Rethinking the Security Threats of Stale DNS Glue Records
Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Xiang Li, Fan Shi, Chengxi Xu, Eihal Alowaisheq

USENIX Security Symposium

August 2024 • Philadelphia, PA

Conference BibTeX
Into the Dark: Unveiling Internal Site Search Abused for Black Hat SEO
Yunyi Zhang, Mingxuan Liu, Baojun Liu, Yiming Zhang, Haixin Duan, Min Zhang, Hui Jiang, Yanzhe Li, Fan Shi

USENIX Security Symposium

August 2024 • Philadelphia, PA

Conference BibTeX
Cross the Zone: Toward a Covert Domain Hijacking via Shared DNS Infrastructure
Yunyi Zhang, Mingming Zhang, Baojun Liu, Zhan Liu, Jia Zhang, Haixin Duan, Min Zhang, Fan Shi, Chengxi Xu

USENIX Security Symposium

August 2024 • Philadelphia, PA

Conference BibTeX
A Worldwide View on the Reachability of Encrypted DNS Services
Ruixuan Li, Baojun Liu, Chaoyi Lu, Haixin Duan, Jun Shao

ACM Web Conference (WWW)

May 2024 • Singapore

Conference BibTeX

2023

Silence is not Golden: Disrupting the Load Balancing of Authoritative DNS Servers
Fenglu Zhang, Baojun Liu, Eihal Alowaisheq, Jianjun Chen, Chaoyi Lu, Linjian Song, Yong Ma, Ying Liu, Haixin Duan, Min Yang

ACM Conference on Computer and Communications Security (CCS)

November 2023 • Copenhagen, Denmark

Conference BibTeX
Silence is not Golden: Disrupting the Load Balancing of Authoritative DNS Servers
Fenglu Zhang, Baojun Liu, Eihal Alowaisheq, Jianjun Chen, Chaoyi Lu, Linjian Song, Yong Ma, Ying Liu, Haixin Duan, Min Yang

ACM Turing Award Celebration Conference - China (TURC)

July 2023 • Wuhan, China

Conference BibTeX
TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
Wei Xu, Xiang Li, Chaoyi Lu, Baojun Liu, Haixin Duan, Jia Zhang, Jianjun Chen, Tao Wan

ACM Conference on Computer and Communications Security (CCS)

November 2023 • Copenhagen, Denmark

Conference BibTeX
Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild
Zhenrui Zhang, Geng Hong, Xiang Li, Zhuoqun Fu, Jia Zhang, Mingxuan Liu, Chuhan Wang, Jianjun Chen, Baojun Liu, Haixin Duan, Chao Zhang, Min Yang

ACM Conference on Computer and Communications Security (CCS)

November 2023 • Copenhagen, Denmark

Conference BibTeX
Wolf in Sheep's Clothing: Evaluating Security Risks of the Undelegated Record on DNS Hosting Services
Fenglu Zhang, Yunyi Zhang, Baojun Liu, Eihal Alowaisheq, Lingyun Ying, Xiang Li, Zaifeng Zhang, Ying Liu, Haixin Duan, Min Zhang

ACM Internet Measurement Conference (IMC)

October 2023 • Montreal, QC, Canada

Conference BibTeX
Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation
Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li

30th Annual Network and Distributed System Security Symposium (NDSS)

February 2023 • San Diego, CA

Conference BibTeX
Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Yiming Zhang, Jianjun Chen, Haixin Duan, Shuang Hao, Xiaofeng Zheng

ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS)

June 2023 • Orlando, FL, USA

Conference BibTeX
The Maginot Line: Attacking the Boundary of DNS Caching Protection
Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li

32nd USENIX Security Symposium (USENIX Security)

August 2023 • Anaheim, CA, USA

Conference BibTeX
Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack
Run Guo, Jianjun Chen, Yihang Wang, Keran Mu, Baojun Liu, Xiang Li, Chao Zhang, Haixin Duan, Jianping Wu

32nd USENIX Security Symposium (USENIX Security)

August 2023 • Anaheim, CA, USA

Conference BibTeX

2022

Exploring the Characteristics and Security Risks of Emerging Emoji Domain Names
Mingxuan Liu, Yiming Zhang, Baojun Liu, Haixin Duan

27th European Symposium on Research in Computer Security (ESORICS)

September 2022 • Copenhagen, Denmark

Conference BibTeX
Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers
Huikai Xu, Miao Yu, Yanhao Wang, Yue Liu, Qinsheng Hou, Zhenbang Ma, Haixin Duan, Jianwei Zhuge, Baojun Liu

7th IEEE European Symposium on Security and Privacy (EuroS&P)

June 2022 • Genoa, Italy

Conference BibTeX
PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP
Xuewei Feng, Qi Li, Kun Sun, Ke Xu, Baojun Liu, Xiaofeng Zheng, Qiushi Yang, Haixin Duan, Zhiyun Qian

29th Annual Network and Distributed System Security Symposium (NDSS)

April 2022 • San Diego, CA

Conference BibTeX
Measuring the Practical Effect of DNS Root Server Instances: A China-Wide Case Study
Fenglu Zhang, Chaoyi Lu, Baojun Liu, Haixin Duan, Ying Liu

Passive and Active Measurement (PAM) Conference

March 2022 • Virtual Event

Conference BibTeX
Building an Open, Robust, and Stable Voting-Based Domain Top List
Qinge Xie, Shujun Tang, Xiaofeng Zheng, Qingran Lin, Baojun Liu, Haixin Duan, Frank Li

31st USENIX Security Symposium (USENIX Security)

August 2022 • Boston, MA, USA

Conference BibTeX
A Large-scale and Longitudinal Measurement Study of DKIM Deployment
Chuhan Wang, Kaiwen Shen, Minglei Guo, Yuxuan Zhao, Mingming Zhang, Jianjun Chen, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Yanzhong Lin, Qingfeng Pan

31st USENIX Security Symposium (USENIX Security)

August 2022 • Boston, MA, USA

Conference BibTeX

2021

DNSWeight: Quantifying Country-Wise Importance of Domain Name System
Deliang Chang, Shanshan Hao, Zhou Li, Baojun Liu, Xing Li

IEEE Access

Volume 9 • March 2021

Journal BibTeX
Detecting and Characterizing SMS Spearphishing Attacks
Mingxuan Liu, Yiming Zhang, Baojun Liu, Zhou Li, Haixin Duan, Donghong Sun

Annual Computer Security Applications Conference (ACSAC)

December 2021 • Virtual Event, USA

Conference BibTeX
Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem
Yiming Zhang, Baojun Liu, Chaoyi Lu, Zhou Li, Haixin Duan, Jiachen Li, Zaifeng Zhang

ACM Conference on Computer and Communications Security (CCS)

November 2021 • Virtual Event, Republic of Korea

Conference BibTeX
Fast IPv6 Network Periphery Discovery and Security Implications
Xiang Li, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Qi Li, Youjun Huang

51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

June 2021 • Taipei, Taiwan

Conference BibTeX
From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR
Chaoyi Lu, Baojun Liu, Yiming Zhang, Zhou Li, Fenglu Zhang, Haixin Duan, Ying Liu, Joann Qiongna Chen, Jinjin Liang, Zaifeng Zhang, Shuang Hao, Min Yang

28th Annual Network and Distributed System Security Symposium (NDSS)

February 2021 • Virtual Event

Conference BibTeX
Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks
Kaiwen Shen, Chuhan Wang, Minglei Guo, Xiaofeng Zheng, Chaoyi Lu, Baojun Liu, Yuxuan Zhao, Shuang Hao, Haixin Duan, Qingfeng Pan, Min Yang

30th USENIX Security Symposium (USENIX Security)

August 2021 • Virtual Event

Conference BibTeX

2020

Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China
Yiming Zhang, Baojun Liu, Chaoyi Lu, Zhou Li, Haixin Duan, Shuang Hao, Mingxuan Liu, Ying Liu, Dong Wang, Qiang Li

ACM Conference on Computer and Communications Security (CCS)

November 2020 • Virtual Event, USA

Conference BibTeX
Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks
Mingming Zhang, Xiaofeng Zheng, Kaiwen Shen, Ziqiao Kong, Chaoyi Lu, Yu Wang, Haixin Duan, Shuang Hao, Baojun Liu, Min Yang

ACM Conference on Computer and Communications Security (CCS)

November 2020 • Virtual Event, USA

Conference BibTeX
CDN Backfired: Amplification Attacks Based on HTTP Range Requests
Weizhong Li, Kaiwen Shen, Run Guo, Baojun Liu, Jia Zhang, Haixin Duan, Shuang Hao, Xiarun Chen, Yao Wang

50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

June 2020 • Valencia, Spain

Conference BibTeX
CDN Judo: Breaking the CDN DoS Protection with Itself
Run Guo, Weizhong Li, Baojun Liu, Shuang Hao, Jia Zhang, Haixin Duan, Kaiwen Sheng, Jianjun Chen, Ying Liu

27th Annual Network and Distributed System Security Symposium (NDSS)

February 2020 • San Diego, CA

Conference BibTeX
Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices
Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan, Zhiyun Qian

29th USENIX Security Symposium (USENIX Security)

August 2020 • Virtual Event

Conference BibTeX

2019

Who is answering my queries: Understanding and Characterizing Interception of the DNS Resolution Path
Baojun Liu, Chaoyi Lu, Hai-Xin Duan, Ying Liu, Zhou Li, Shuang Hao, Min Yang

Applied Networking Research Workshop (ANRW)

July 2019 • Montreal, Quebec, Canada

Conference BibTeX
TraffickStop: Detecting and Measuring Illicit Traffic Monetization Through Large-Scale DNS Analysis
Baojun Liu, Zhou Li, Peiyuan Zong, Chaoyi Lu, Hai-Xin Duan, Ying Liu, Sumayah A. Alrwais, XiaoFeng Wang, Shuang Hao, Yaoqi Jia, Yiming Zhang, Kai Chen, Zaifeng Zhang

IEEE European Symposium on Security and Privacy (EuroS&P)

June 2019 • Stockholm, Sweden

Conference BibTeX
An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?
Chaoyi Lu, Baojun Liu, Zhou Li, Shuang Hao, Hai-Xin Duan, Mingming Zhang, Chunying Leng, Ying Liu, Zaifeng Zhang, Jianping Wu

ACM Internet Measurement Conference (IMC)

October 2019 • Amsterdam, Netherlands

Conference BibTeX
Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs
Eihal Alowaisheq, Peng Wang, Sumayah A. Alrwais, Xiaojing Liao, XiaoFeng Wang, Tasneem Alowaisheq, Xianghang Mi, Siyuan Tang, Baojun Liu

26th Annual Network and Distributed System Security Symposium (NDSS)

February 2019 • San Diego, CA, USA

Conference BibTeX
TL;DR Hazard: A Comprehensive Study of Levelsquatting Scams
Kun Du, Hao Yang, Zhou Li, Hai-Xin Duan, Shuang Hao, Baojun Liu, Yuxiao Ye, Mingxuan Liu, XiaoDong Su, Guang Liu, Zhifeng Geng, Zaifeng Zhang, Jinjin Liang

15th EAI International Conference on Security and Privacy in Communication Networks (SecureComm)

October 2019 • Orlando, FL, USA

Conference BibTeX
Resident Evil: Understanding Residential IP Proxy as a Dark Service
Xianghang Mi, Xuan Feng, Xiaojing Liao, Baojun Liu, XiaoFeng Wang, Feng Qian, Zhou Li, Sumayah A. Alrwais, Limin Sun, Ying Liu

IEEE Symposium on Security and Privacy (SP)

May 2019 • San Francisco, CA, USA

Conference BibTeX

2018

A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly
Baojun Liu, Chaoyi Lu, Zhou Li, Ying Liu, Hai-Xin Duan, Shuang Hao, Zaifeng Zhang

48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

June 2018 • Luxembourg City, Luxembourg

Conference BibTeX
Abusing CDNs for Fun and Profit: Security Issues in CDNs' Origin Validation
Run Guo, Jianjun Chen, Baojun Liu, Jia Zhang, Chao Zhang, Hai-Xin Duan, Tao Wan, Jian Jiang, Shuang Hao, Yaoqi Jia

37th IEEE Symposium on Reliable Distributed Systems (SRDS)

October 2018 • Salvador, Brazil

Conference BibTeX
Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path
Baojun Liu, Chaoyi Lu, Hai-Xin Duan, Ying Liu, Zhou Li, Shuang Hao, Min Yang

27th USENIX Security Symposium (USENIX Security)

August 2018 • Baltimore, MD, USA

Conference BibTeX
Measuring Privacy Threats in China-Wide Mobile Networks
Mingming Zhang, Baojun Liu, Chaoyi Lu, Jia Zhang, Shuang Hao, Hai-Xin Duan

8th USENIX Workshop on Free and Open Communications on the Internet (FOCI)

August 2018 • Baltimore, MD, USA

Conference BibTeX

2017

Don't Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains
Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu, Hai-Xin Duan

ACM Conference on Computer and Communications Security (CCS)

October 2017 • Dallas, TX, USA

Conference BibTeX