Publications

Publications at top-tier venues ( 10 papers ): S&P ( '19), Security ( '18, '20, '21), CCS ( '17, '20), NDSS ( '19, '20, '21)

Conference Papers (18)

2021

---------------- ---------------- ---------------- ---------------- ----------------

[NDSS'21] Chaoyi Lu, Baojun Liu †, Yiming Zhang, Zhou Li, Fenglu Zhang, Haixin Duan †, Ying Liu, Joann Chen, Jinjin Liang, Zaifeng Zhang, Shuang Hao and Min Yang.
From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR..
Accepted by the 28th Annual Network and Distributed Security Symposium (NDSS), Virtual, February 2021.
(† Corresponding Author)

[USENIX Security'21] Kaiwen Shen *, Chuhan Wang *, Xiaofeng Zheng †, Minglei Guo, Chaoyi Lu, Baojun Liu †, Yuxuan Zhao, Shuang Hao, Haixin Duan, Qinfeng Pan and Min Yang.
Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks.
Accepted by the 30th USENIX Security Symposium, Vancouver, BC, Canada, August 2021.
(* Co-first Authors)
(† Corresponding Author)

2020

[An Anonymous Paper Got Accepted ! ! ]

[CCS'20 B] Mingming Zhang *, Xiaofeng Zheng *, Kaiwen Shen, Ziqiao Kong, Chaoyi Lu, Yu Wang, Haixin Duan, Shuang Hao, Baojun Liu and Min Yang.
Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks.
Accepted by the 27th ACM Conference on Computer and Communications Security, Orlando, USA. November 2020.
(* Co-first Authors)

[CCS'20 A] Yiming Zhang, Baojun Liu †, Chaoyi Lu, Zhou Li, Haixin Duan †, Shuang Hao, Mingxuan Liu, Ying Liu †, Dong Wang and Qiang Li.
Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China.
Accepted by the 27th ACM Conference on Computer and Communications Security, Orlando, USA. November 2020.
(† Corresponding Author.)

[USENIX Security'20] Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan and Zhiyun Qian.
Poison over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices.
Accepted by the 29th USENIX Security Symposium,,Boston, MA, USA, August 2020.
Online Video [LINK].

[DSN'20] Weizhong Li, Kaiwen Shen, Run Guo, Baojun Liu, Jia Zhang, Haixin Duan, Shuang Hao, Xiarun Chen and Yao Wang.
CDN Backfired: Amplification Attacks Based on HTTP Range Requests.
Accepted by the 50th IEEE/IFIP International Conference on Dependable Systems and Networks, Valencia, Spain, July 2020.
Best Paper Award ! ! !
Online Video [LINK].
Media: ZDNet; IT News; HK GovCERT

[NDSS'20] Ruo Guo *, Weizhong Li *, Baojun Liu, Shuang Hao, Haixin Duan, Jia Zhang, Kaiwen Shen, Jianjun Chen and Ying Liu.
CDN Judo: Breaking the CDN DoS Protection with Itself.
Accepted by the 27th Annual Network and Distributed Security Symposium (NDSS), San Diego, CA, February 2020.
(* Co-first Authors)
Slides Download [PDF Version].
Online Video [LINK].

2019

[IMC'19] Chaoyi Lu, Baojun Liu, Zhou Li, Shuang Hao, Haixin Duan, Mingming Zhang, Chunying Leng, Ying Liu, Zaifeng Zhang and Jianping Wu.
An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?
Accepted by the 2019 Internet Measurement Conference (IMC), Amsterdam, Netherlands, October 2019.
(This paper is done mainly under my supervision.)
IRTF Applied Networking Research Prize ! ! !
Best Paper Award Nominee !
Community Contribution Nominee !
Selected by DNS-OARC 31 !
Slides Download [PDF Version].
Source Code and Datasets: https://dnsencryption.info.

[SecureComm'19] Kun Du, Hao Yang, Zhou Li, Haixin Duan, Shuang Hao, Baojun Liu, Yuxiao Ye, Mingxuan Liu, Xiaodong Su, Guang Liu, Zhifeng Geng, Zaifeng Zhang and Jinjin Liang,
TL;DR Hazard: A Comprehensive Study of Levelsquatting Scams.
Accepted by the 15th International Conference on Security and Privacy On Communication Networks, Orlando, USA, October 2019.

[EuroSP'19]  Baojun Liu, Zhou Li, Peiyuan Zong, Chaoyi Lu, Haixin Duan, Ying Liu, Sumayah Alrwais, XaioFeng Wang, Shuang Hao, Yaoqi Jia, Yiming Zhang, Kai Chen and Zaifeng Zhang.
TraffickStop: Detecting and Measuring Illicit Traffic Monetization Through Large-scale DNS Analysis.
Accepted by the 4th IEEE European Symposium on Security and Privacy (EuroS&P 2019), Stockholm, Sweden, June 2019.
Slides Download [PDF Version].

[NDSS'19]  Eihal Alowaisheq, Peng Wang, Sumayah Alrwais, Xiaojing Liao, XaioFeng Wang, Tasneem Alowaisheq, XiangHang Mi,  Siyuan Tang and Baojun Liu.
Cracking Wall of Confinement: Understanding and Analyzing Malicious Domain Takedowns.
Accepted by the 26th Annual Network and Distributed Security Symposium (NDSS), San Diego, CA, USA, February 2019.
Best Paper Award ! ! !
Slides Download [PDF Version].
Online Video [LINK].

[S&P'19] Xianghang Mi, Xuan Feng, Xiaojing Liao, Baojun Liu, Xiaofeng Wang, Feng Qian, Zhou Li, Sumayah Alrwais, Limin Sun and Ying Liu.
Resident Evil: Understanding Residential IP Proxy as a Dark Service.
Accepted by the 40th IEEE Symposium on Security and Privacy, San Francisco, USA, May 2019.
Slides Download [PDF Version].
Online Video [LINK].

2018

[SRDS'18]  Run Guo, Jianjun Chen, Baojun Liu, Jia Zhang, Chao Zhang, Haixin Duan, Tao Wan, Jian Jiang, Shuang Hao and Yaoqi Jia.
Abusing CDNs for Fun and Profit: Security Issues in CDNs' Origin Validation.
Accepted by the 37th IEEE International Symposium on Reliable Distributed Systems, Bahia, Brazil, October 2018.

[FOCI'18] Mingming Zhang, Baojun Liu, Chaoyi Lu, Jia Zhang, Shuang Hao and Haixin Duan.
Measuring Privacy Threats in China-Wide Mobile Networks.
Accepted by the 8th USENIX Workshop on Free and Open Communications on the Internet, Baltimore, USA, August 2018.
(This paper is done mainly under my supervision.)

[USENIX Security'18]  Baojun Liu, Chaoyi Lu, Haixin Duan, Ying Liu, Zhou Li, Shuang Hao and Min Yang.
Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path.
Accepted by the 27th USENIX Security Symposium,,Baltimore, USA, August 2018.
Selected by the DNS-OARC 30 !
Selected by the Applied Networking Research Workshop (ANRW) 2019 !
Slides Download [PDF Version] [PPT Version].
ISC Conference [PDF Version].
Online Video [Link].
Media: ACM TechNews; APNIC; The Register; Hackread; HelpNet Security; CircleID; Mozilla; Aqniu; HackWareNews; Rambler .....

[DSN'18]  Baojun Liu, Chaoyi Lu, Zhou Li, Ying Liu, Haixin Duan, Shuang Hao and Zaifeng Zhang.
A Reexamination of Internationalized Domain Names: the Good, the Bad and the Ugly.
Accepted by the 48th IEEE/IFIP International Conference on Dependable Systems and Networks, Luxembourg City, Luxembourg, June 2018.
Slides Download [PDF Version].

2017

[CCS'17] Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu and Haixin Duan.
Don't Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains.
Accepted by the 24th ACM Conference on Computer and Communications Security, Dallas, TX, October 2017.

Journal Paper (1)

2017

[Journal of Tsinghua University '17] Shenglin Zhang, Ying Liu, Dan Pei and Baojun Liu †.
Measuring the BGP AS Path Looping (BAPL) and Private AS Number Leaking (PANL).
Journal of Tsinghua University (Science and Technology), 2017.
(† Corresponding Author.)

Rejection History (11)

-- [IMC '20]
-- [IMC '19] [NDSS '20] (Accepted by CCS '20)
-- [SRDS '19] (Accepted by NDSS '20)
-- [Security '19] [CCS '19] (Accepted by IMC '19)
-- [Security '17] [NDSS '18] [Security '18] [NDSS '19] (Accepted by EuroS&P '19)

Useful Materials

The Big Picture of DNS Security Ecosystem.