Baojun Liu (刘保君)

Network and Information Security Lab (NISL)
Postdoctoral Researcher, Tsinghua University
ICANN RSSAC Cause Member
FIT 4-204, Tsinghua University, Beijing 100084, P.R.China
Email: lbj [AT] tsinghua [dot] edu [dot] cn

Education

  • November 2020 - Present: Postdoctoral researcher
  • January 2018 - January 2019: Visiting Scholar, ICSI, University of California, Berkeley
  • September 2015 - October 2020: Dept. of Computer Science and Technology, Tsinghua University
  • September 2011 - July 2015: B.E., Information Countermeasure Technology, Xidian University

Research Interests

  • DNS Security
  • Internet Measurement

Publications

Conference Papers

  1. [EuroS&P’ 22] H. Xu, M. Yu, Y. Wang, Y. Liu, Q. Hou, Z. Ma, H. Duan, J. Zhuge, and Baojun Liu. Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers. In Proceedings of 7th IEEE European Symposium on Security and Privacy (EuroS&P’22), June 2022.

  2. [PAM’ 22] F. Zhang, C. Lu, Baojun Liu †, H. Duan, and Y. Liu †. Measuring the Practical Effect of DNS Root Server Instances: A China-Wide Case Study. In Proceedings of 23rd Passive and Active Measurement Conference (PAM’22), March 2022.

  3. [USENIX Security’ 22] Q. Xie, S. Tang, X. Zheng, Q. Lin, Baojun Liu, H. Duan, and F. Li. Building an Open, Robust, and Stable Voting-Based Internet Domain Top List. In Proceedings of 31th USENIX Security Symposium (USENIX Security’22), August 2022.

  4. [USENIX Security’ 22] C. Wang, K. Shen, M. Guo, Y. Zhao, M. Zhang, J. Chen †, Baojun Liu †, X. Zheng, H. Duan, Y. Lin and Q. Pan. A Large-scale and Longitudinal Measurement Study of DKIM Deployment. In Proceedings of 31th USENIX Security Symposium (USENIX Security’22), August 2022.

  5. [NDSS’ 22] X. Feng, Q. Li, K. Sun, K. Xu, Baojun Liu, X. Zheng, Q. Yang, H. Duan, and Z. Qian. PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP. In Proceedings of 29th Annual Network and Distributed Security Symposium (NDSS’22), April 2022.

  6. [ACSAC’ 21] M. Liu, Y. Zhang, Baojun Liu, Z. Li, H. Duan, and D. Sun. Detecting and Characterizing SMS Spearphising Attacks. In Proceedings of the 37th Annual Computer Security Applications Conference (ACSAC’21), December 2021.

  7. [CCS’ 21] Y. Zhang, Baojun Liu †, C. Lu, Z. Li, H. Duan †, J. Li, and Z. Zhang. Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem. In Proceedings of the 28th ACM Conference on Computer and Communications Security (CCS’21), November 2021.

  8. [DSN’ 21] X. Li, Baojun Liu †, X. Zheng, H. Duan, Q. Li †, and Y. Huang. Fast IPv6 Network Periphery Discovery and Security Implications. In Proceedings of the 51st IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’21), June 2021.

  9. [NDSS’ 21] C. Lu, Baojun Liu †, Y. Zhang, Z. Li, F. Zhang, H. Duan †, Y. Liu, J. Chen, J. Liang, Z. Zhang, S. Hao, and M. Yang. From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR. In Proceedings of the 28th Annual Network and Distributed Security Symposium (NDSS’21), February 2021.

  10. [USENIX Security’ 21] K. Shen, C. Wang, X. Zheng †, M. Guo, C. Lu, Baojun Liu †, Y. Zhao, S. Hao, H. Duan, Q. Pan, and M. Yang. Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks. In Proceedings of the 30th USENIX Security Symposium (USENIX Security’21), August 2021.

  11. [CCS’ 20 B] M. Zhang, X. Zheng, K. Shen, Z. Kong, C. Lu, Y. Wang, H. Duan, S. Hao, Baojun Liu, and M. Yang. Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks. In Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS’20), November 2020.

  12. [CCS’ 20 A] Y. Zhang, Baojun Liu †, C. Lu, Z. Li, H. Duan†, S. Hao, M. Liu, Y. Liu, D. Wang, and Q. Li. Lies in the Air: Characterizing Fake-Base-Station Spam Ecosystem in China. In Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS’20), November 2020.

  13. [USENIX Security’ 20] X. Zheng, C. Lu, J. Peng, Q. Yang, D. Zhou, Baojun Liu, K. Man, S. Hao, H. Duan, and Z. Qian. Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices. In Proceedings of the 29th USENIX Security Symposium (USENIX Security’20), August 2020.

  14. [DSN’ 20] W. Li, K. Shen, R. Guo, Baojun Liu, J. Zhang, H. Duan, S. Hao, X. Chen, and Y. Wang. CDN Backfired: Amplification Attacks Based on HTTP Range Requests. In Proceedings of the 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’20), June 2020. Best Paper Award !!!

  15. [NDSS’ 20] R. Guo, W. Li, Baojun Liu, S. Hao, H. Duan, J. Zhang, K. Shen, J. Chen, and Y. Liu. CDN Judo: Breaking the CDN DoS Protection with Itself. In Proceedings of the 27th ISOC Network and Distributed System Security Symposium (NDSS’20), February 2020.

  16. [IMC’ 19] C. Lu, Baojun Liu, Z. Li, S. Hao, H. Duan, M. Zhang, C. Leng, Y. Liu, Z. Zhang, and J. Wu. An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come? In Proceedings of the 2019 Internet Measurement Conference (IMC’19), October 2019. IETF/IRTF Applied Networking Research Prize!!!

  17. [EuroS&P’ 19] Baojun Liu, Z. Li, P. Zong, C. Lu, H. Duan, Y. Liu, S. Alrwais, X. Wang, S. Hao, Y. Jia, Y. Zhang, K. Chen, and Z. Zhang. TraffickStop: Detecting and Measuring Illicit Traffic Monetization Through Large-scale DNS Analysis. In Proceedings of the 4th IEEE European Symposium on Security and Privacy (IEEE EuroS&P’19), June 2019.

  18. [NDSS’ 19] E. Alowaisheq, P. Wang, S. Alrwais, X. Liao, X. Wang, T. Alowaisheq, X. Mi, S. Tang, and Baojun Liu. Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs. In Proceedings of the 26th ISOC Network and Distributed System Security Symposium (NDSS’19), February 2019. Distinguished Paper Award !!!

  19. [Oakland’ 19] X. Mi, X. Feng, X. Liao, Baojun Liu, X. Wang, F. Qian, Z. Li, S. Alrwais, L. Sun, and Y. Liu. Resident Evil: Understanding Residential IP Proxy as a Dark Service. In Proceedings of the 40th IEEE Symposium on Security and Privacy (IEEE S&P’19), May 2019.

  20. [SRDS’ 18] R. Guo, J. Chen, Baojun Liu, J. Zhang, C. Zhang, H. Duan, T. Wan, J. Jiang, S. Hao, and Y. Jia. Abusing CDNs for Fun and Profit: Security Issues in CDNs’ Origin Validation. In Proceedings of the 37th IEEE International Symposium on Reliable Distributed Systems (SRDS’18), October 2018.

  21. [FOCI’ 18] M. Zhang, Baojun Liu, C. Lu, J. Zhang, S. Hao, and H. Duan. Measuring Privacy Threats in China-Wide Mobile Networks. In Proceedings of the 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI’18), August 2018.

  22. [USENIX Security’ 18] Baojun Liu, C. Lu, H. Duan, Y. Liu, Z. Li, S. Hao, and M. Yang. Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path. In Proceedings of the 27th USENIX Security Symposium (USENIX Security’18), August 2018.

  23. [DSN’ 18] Baojun Liu, C. Lu, Z. Li, Y. Liu, H. Duan, S. Hao, and Z. Zhang. A Reexamination of Internationalized Domain Names: the Good, the Bad and the Ugly. In Proceedings of the 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’18), June 2018.

  24. [CCS’ 17] D. Liu, Z. Li, K. Du, H. Wang, Baojun Liu, and H. Duan. Don’t Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains. In Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS’17), October 2017.

Academic Awards

  • DSN Best Paper Award. (July 2020)
  • IRTF Applied Networking Research Prize. (December 2019)
  • NDSS Distinguished Paper Award. (February 2019)
  • Outstanding Graduates in the Dept. of Computer Science and Technology, Tsinghua University

Media Coverage