Professor in Tsinghua University,
Visiting Scholar in International Computer Science Institute(ICSI) at UC Berkeley
Email: duanhx [AT] tsinghua dot edu dot cn
Office: FIT 3-211

Haixin Duan started his research on network security in 1994, when he was a master student. After he got his Ph.D degree in Computer Science in Tsinghua University, 2000, he became a faculty in Network Research Center of Tsinghua University. Professor Duan has two classes on network security for both graduate and undergraduate students, and is the leader of CCERT( CERNET(Chinese Education and Research Network) Computer Emergency Response Team). During 2011~2013, professor Duan was a visiting researcher in UC Berkeley and worked in ICSI(International Computer Science Institute) as a senior scientist. His research interests include security Internet infrastructure( such as DNS, BGP, Web and PKI), IDS and etc..

Research Areas: Network security Research Interests: DNS Security, Web Security, Intrusion Detection, Anonymous communication


  • Network security fundamental, for undergraduates in Tsinghua University, 2003-2010
  • Network and system Security, for graduate in Tsinghua University, 2005-2011


  • Visiting Scholar, International Computer Science Institute(ICSI) at UC Berkeley, CA, 2011–.
  • Professor, Network Research Center of Tsinghua University, Beijing, China, 2009–.
  • Associate Professor, Tsinghua University, 2003–2009.
  • Assistant Professor, Tsinghua University, 2001–2003.
  • Part time Research Assistant in CERNET NOC, Beijing. 1996–2000.


  • Harbin Institute of Technology, Heilongjiang, China. Computer Science, B.S., 1994
  • Harbin Institute of Technology, Heilongjiang, China. Computer Science, M.S., 1996
  • Tsinghua University, Beijing, China Computer Science, Ph.D., 2000

Selected Projects

  1. PI, The spread model and response of malicious mobile code in the Internet, sponsored by National Science Foundation of China(NSFC), 2003-2006
  2. PI, Collaborative response service for large scale network security incidents, sponsored by Hi-Tech program(863) of Ministry of Science and Technology 2005-2007
  3. PI, Trustworthy Internet architecture, sponsored by basic research program (973) of Ministry of Science and Technology 2005-2009
  4. PI, Automatic analysis system of malware, sponsored by 242 program from Ministry of Industry and Information Technology(MIIT), 2007-2008


  1. Xiaofeng Wang, Jian Jiang, Jinjin Liang, Haixin Duan, Shuo Chen, Tao Wan, Nicholas Weaver, Cookies lack integrity: real world implications, USENIX Security, 2015.
  2. Hongyu Gao, Vinod Yegneswaran, Jian Jiang, Yan Chen, Member, IEEE, Phillip Porras, Shalini Ghosh, Haixin Duan, Reexamining DNS from a Global Recursive Resolver Perspective, to appear in IEEE/ACM TRANSACTIONS ON NETWORKING
  3. Jinjin Liang, Jian Jiang, Haixin Duan, Kang Li, Tao Wan, Jianping Wu. “When HTTPS Meets CDN: A Case of Authentication in Delegated Service” Accepted by IEEE Symposium on Security & Privacy, 2014.
  4. Kun Yang, Lujue Zhou, Yongke Wang, Jianwei Zhuge and Haixin Duan. “IntentFuzzer: Detecting Capability Leaks of Android Applications”, Accepted by ASIACCS 2014
  5. H. Gao, V. Yegneswaran, Y. Chen, P. Porras, S. Ghosh, J. Jiang, and H. Duan, “An empirical reexamination of global DNS behavior,” SIGCOMM, 2013. PDF
  6. Man Hou, Haixin Duan,Jian Jiang, Jinjin Liang,Yan Ma, 中美银行网站HTTPS部署的测量与对比分析(Measurement and comparison of HTTPS deployment of Banking Websites in China and America), VARA 2013
  7. Jinjin Liang, Jian Jiang, Haixin Duan, Kang Li and Jianping Wu, Measuring Query Latency of Top Level DNS Servers, 14th Passive and Active Measurement conference, Mar. 2013, Hongkong
  8. J. Zhuge*, L. Gu, H. Duan, Investigating China’s Online Underground Economy. Conference on the Political Economy of Information Security in China, San Diego, US, Apr, 2012.
  9. Haixin Duan, Nicholas Weaver, Zongxu Zhao, Meng Hu, Jinjin Liang, Jian Jiang, Kang Li and Vern Paxson, Hold-On: Protecting Against On-Path DNS Poisoning, Securing and Trusting Internet Names, SATIN 2012.
  10. J. Jian, L. Jinjin, L. Kang, L. Jun, D. Haixin, W. Jianping, Ghost Domain Names: Revoked Yet Still Resolvable, 19th Annual Network & Distributed System Security Symposium (NDSS), 5-8 February 2012.
  11. Z. Jia, D. Haixin, L. Wu, W. Jianping WindTalker: A P2P-Based Low-Latency Anonymous Communication Network, IEICE Transactions on Communications, VOL. E92-B, NO.10, pp. 3183–3194, 2009.
  12. L. Wu, D. Haixin, L. Tao, L. Xing, W. Jianping. H6Proxy: ICMPv6 Weakness Analysis and Implementation of IPv6 Attacking Test Proxy, Cybercrime and Trustworthy Computing (CTC), Brisbane, Australia, 2009.
  13. L. Wu, D. Haixin, R. Ping, W. Jianping, Intrusion Detection Using SVM, Proc. IEEE 7th International Confer- ence on Wireless Communications (WiCOM), Wuhan, China, 2011.
  14. W. Lanjia, D. Haixin, L. Xing, Port scan behavior diagnosis by clustering, Proc. Information and communica- tion security, vol. 3783, pp. 243–255, 2005.
  15. Z. Jia, G. Yuntao, J. Xiaoxin, D. Haixin, W. Jianping, AMCAS: An Automatic Malicious Code Analysis System, Proc. 9th International Conference on Web-Age Information Management (WAIM) IEEE Computer Society Washington, DC, USA, 2008.
  16. Z.Jia,D.Haixin,W.Lanjia,AFastMethodofSignatureGenerationforPolymorphicWorms,Proc.International Conference on Computer and Electrical Engineering (ICCEE), Phuket, Thailand, 2009.
  17. L. Xing, D. Haixin, L. Xing, Identification of P2P traffic based on the content redistribution characteristic, Proc. International Symposium on Communications and Information Technologies (ISCIT), 2007.
  18. Y. Feng, D. Haixin, L. Xing. Modeling and analyzing of the interaction between worms and antiworms during network worm propagation, Science in China, Series F (Information Sciences), vol. 48, pp. 91–106, 2005.
  19. L. Xuefeng, D. Haixin, L., Wu, W. Jianping. Understanding the Construction Mechanism of Botnets, Proc. IEEE Symposia and Workshops on Ubiquitous, Autonomic and Trusted Computing (UIC/ATC), 2009.