Loading [MathJax]/extensions/MathMenu.js

Baojun Liu - IEEE Xplore Author Profile

IEEE.org
IEEE Xplore
IEEE SA
IEEE Spectrum
More Sites

- Donate
- Personal Sign In

Institutional Sign In

Institutional Sign In

ADVANCED SEARCH

Author details

Baojun Liu

Publications

10

Citations

106

Publications by Year

20182024

Co-Authors:

Sumayah AlrwaisDeliang ChangLiyuan ChangJianjun ChenXiarun Chen

Show All Co-Authors (47)

Baojun Liu

Affiliation

Tsinghua University

Publication Topics

Domain Name,
Denial Of Service,
Security Issues,
Top-level Domain,
Internet Service Providers,
Security Risks,
Types Of Vulnerabilities,
Unreachable,
Valid Responses,
Vantage Point,
Access Control,
Address Space

Biography

Baojun Liu (Member, IEEE) received the PhD degree from Tsinghua University, in 2020. He is an assistant professor with Tsinghua University. He has been a visiting research scholar with the International Computer Science Institute (ICSI), UC Berkeley. His research covers a range of topics in network security, Internet measurement, and data analysis. He is currently a caucus member of ICANN Root Server System Advisory Committee (RSSAC).(Based on document published on 5 March 2024).

Publications

10

Citations

106

Publications by Year

20182024

Co-Authors:

Sumayah Alrwais
Deliang Chang
Liyuan Chang
Jianjun Chen
Xiarun Chen

Show All Co-Authors (47)

Author's Published Works

Search History

Showing 1-10 of 10 results

Conferences (8)

Journals (2)

Sort

Filter Results

Show

Open Access Only

Range
Single Year
Baojun Liu(10)
Haixin Duan(8)
Zhou Li(5)
Ying Liu(4)
Shuang Hao(4)
Tsinghua University(6)
Beijing National Research Center for Information Science and Technology(3)
University of California, Irvine(2)
QI-ANXIN Technology Research Institute(2)
Zilliqa Research(2)
2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)(1)
2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)(1)
2019 IEEE European Symposium on Security and Privacy (EuroS&P)(1)
2019 IEEE Symposium on Security and Privacy (SP)(1)
2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)(1)
IEEE(10)
San Francisco, CA, USA(2)
Genoa, Italy(1)
Luxembourg, Luxembourg(1)
Salvador, Brazil(1)
Stockholm, Sweden(1)
Domain Name(8)
Security Issues(4)
Top-level Domain(4)
Caching(3)
Denial Of Service(3)

Select All on Page

Sort By

Results

TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets

Xiang Li;Wei Xu;Baojun Liu;Mingming Zhang;Zhou Li;Jia Zhang;Deliang Chang;Xiaofeng Zheng;Chuhan Wang;Jianjun Chen;Haixin Duan;Qi Li

2024 IEEE Symposium on Security and Privacy (SP)

Year: 2024 | Conference Paper |

Cited by: Papers (2)

HTML

DNS can be compared to a game of chess in that its rules are simple, yet the possibilities it presents are endless. While the fundamental rules of DNS are straightforward, DNS implementations can be extremely complex. In this study, we intend to explore the complexities and vulnerabilities in DNS response pre-processing by systematically analyzing DNS RFCs and DNS software implementations. We pres...Show More

TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets

Xiang Li;Wei Xu;Baojun Liu;Mingming Zhang;Zhou Li;Jia Zhang;Deliang Chang;Xiaofeng Zheng;Chuhan Wang;Jianjun Chen;Haixin Duan;Qi Li

2024 IEEE Symposium on Security and Privacy (SP)

Year: 2024 | Conference Paper |

Investigating Deployment Issues of DNS Root Server Instances From a China-Wide View

Fenglu Zhang;Baojun Liu;Chaoyi Lu;Yunpeng Xing;Haixin Duan;Ying Liu;Liyuan Chang

IEEE Transactions on Dependable and Secure Computing

Year: 2024 | Volume: 21, Issue: 6 | Journal Article |

HTML

DNS root servers are the starting point of most DNS queries. To ensure their security and stability, multiple anycast instances are operated worldwide, and new root instances have been rapidly deployed in recent years. Apart from authorized instances managed by Root Server System, some networks equip unauthorized instances to hijack queries from clients. Despite various root instances handling que...Show More

Investigating Deployment Issues of DNS Root Server Instances From a China-Wide View

Fenglu Zhang;Baojun Liu;Chaoyi Lu;Yunpeng Xing;Haixin Duan;Ying Liu;Liyuan Chang

IEEE Transactions on Dependable and Secure Computing

Year: 2024 | Volume: 21, Issue: 6 | Journal Article |

Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers

Huikai Xu;Miao Yu;Yanhao Wang;Yue Liu;Qinsheng Hou;Zhenbang Ma;Haixin Duan;Jianwei Zhuge;Baojun Liu

2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P)

Year: 2022 | Conference Paper |

Cited by: Papers (4)

HTML

MQTT is widely adopted by IoT devices because it allows for the most efficient data transfer over a variety of communication lines. The security of MQTT has received increasing attention in recent years, and several studies have demonstrated the configurations of many MQTT brokers are insecure. Adversaries are allowed to exploit vulnerable brokers and publish malicious messages to subscribers. How...Show More

Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers

Huikai Xu;Miao Yu;Yanhao Wang;Yue Liu;Qinsheng Hou;Zhenbang Ma;Haixin Duan;Jianwei Zhuge;Baojun Liu

2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P)

Year: 2022 | Conference Paper |

DNSWeight: Quantifying Country-Wise Importance of Domain Name System

Deliang Chang;Shanshan Hao;Zhou Li;Baojun Liu;Xing Li

Year: 2021 | Volume: 9 | Journal Article |

Cited by: Papers (2)

HTML

DNS (Domain Name System) is one fundamental Internet infrastructure related to most network activities. As a feasible tool to govern the Internet, DNS’s stability and interoperability will be impacted by the countries’ policies or actions along the path. Especially now that many countries have stricter control over the Internet and even sometimes “unplug” it. But there was no study to quantify the...Show More

DNSWeight: Quantifying Country-Wise Importance of Domain Name System

Deliang Chang;Shanshan Hao;Zhou Li;Baojun Liu;Xing Li

Year: 2021 | Volume: 9 | Journal Article |

Fast IPv6 Network Periphery Discovery and Security Implications

Xiang Li;Baojun Liu;Xiaofeng Zheng;Haixin Duan;Qi Li;Youjun Huang

2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Year: 2021 | Conference Paper |

Cited by: Papers (14)

HTML

Numerous measurement researches have been performed to discover the IPv4 network security issues by leveraging the fast Internet-wide scanning techniques. However, IPv6 brings the 128-bit address space and renders brute-force network scanning impractical. Although significant efforts have been dedicated to enumerating active IPv6 hosts, limited by technique efficiency and probing accuracy, large-s...Show More

Fast IPv6 Network Periphery Discovery and Security Implications

Xiang Li;Baojun Liu;Xiaofeng Zheng;Haixin Duan;Qi Li;Youjun Huang

2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Year: 2021 | Conference Paper |

CDN Backfired: Amplification Attacks Based on HTTP Range Requests

Weizhong Li;Kaiwen Shen;Run Guo;Baojun Liu;Jia Zhang;Haixin Duan;Shuang Hao;Xiarun Chen;Yao Wang

2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Year: 2020 | Conference Paper |

Cited by: Papers (6)

HTML

Content Delivery Networks (CDNs) aim to improve network performance and protect against web attack traffic for their hosting websites. And the HTTP range request mechanism is majorly designed to reduce unnecessary network transmission. However, we find the specifications failed to consider the security risks introduced when CDNs meet range requests. In this study, we present a novel class of HTTP ...Show More

CDN Backfired: Amplification Attacks Based on HTTP Range Requests

Weizhong Li;Kaiwen Shen;Run Guo;Baojun Liu;Jia Zhang;Haixin Duan;Shuang Hao;Xiarun Chen;Yao Wang

2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Year: 2020 | Conference Paper |

Resident Evil: Understanding Residential IP Proxy as a Dark Service

Xianghang Mi;Xuan Feng;Xiaojing Liao;Baojun Liu;XiaoFeng Wang;Feng Qian;Zhou Li;Sumayah Alrwais;Limin Sun;Ying Liu

2019 IEEE Symposium on Security and Privacy (SP)

Year: 2019 | Conference Paper |

Cited by: Papers (31)

HTML

An emerging Internet business is residential proxy (RESIP) as a service, in which a provider utilizes the hosts within residential networks (in contrast to those running in a datacenter) to relay their customers' traffic, in an attempt to avoid server- side blocking and detection. With the prominent roles the services could play in the underground business world, little has been done to understand...Show More

Resident Evil: Understanding Residential IP Proxy as a Dark Service

Xianghang Mi;Xuan Feng;Xiaojing Liao;Baojun Liu;XiaoFeng Wang;Feng Qian;Zhou Li;Sumayah Alrwais;Limin Sun;Ying Liu

2019 IEEE Symposium on Security and Privacy (SP)

Year: 2019 | Conference Paper |

TraffickStop: Detecting and Measuring Illicit Traffic Monetization Through Large-Scale DNS Analysis

Baojun Liu;Zhou Li;Peiyuan Zong;Chaoyi Lu;Haixin Duan;Ying Liu;Sumayah Alrwais;Xiaofeng Wang;Shuang Hao;Yaoqi Jia;Yiming Zhang;Kai Chen;Zaifeng Zhang

2019 IEEE European Symposium on Security and Privacy (EuroS&P)

Year: 2019 | Conference Paper |

Cited by: Papers (3) | Patents (1)

HTML

Illicit traffic monetization is a type of Internet fraud that hijacks users' web requests and reroutes them to a traffic network (e.g., advertising network), in order to unethically gain monetary rewards. Despite its popularity among Internet fraudsters, our understanding of the problem is still limited. Since the behavior is highly dynamic (can happen at any place including client-side, transport...Show More

TraffickStop: Detecting and Measuring Illicit Traffic Monetization Through Large-Scale DNS Analysis

Baojun Liu;Zhou Li;Peiyuan Zong;Chaoyi Lu;Haixin Duan;Ying Liu;Sumayah Alrwais;Xiaofeng Wang;Shuang Hao;Yaoqi Jia;Yiming Zhang;Kai Chen;Zaifeng Zhang

2019 IEEE European Symposium on Security and Privacy (EuroS&P)

Year: 2019 | Conference Paper |

Abusing CDNs for Fun and Profit: Security Issues in CDNs' Origin Validation

Run Guo;Jianjun Chen;Baojun Liu;Jia Zhang;Chao Zhang;Haixin Duan;Tao Wan;Jian Jiang;Shuang Hao;Yaoqi Jia

2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)

Year: 2018 | Conference Paper |

Cited by: Papers (11)

HTML

Content Delivery Networks (CDNs) are critical Internet infrastructure. Besides high availability and high performance, CDNs also provide security services such as anti-DoS and Web Application Firewalls to CDN-powered websites. However, the massive resources of CDNs may also be leveraged by attackers exploiting their architectural, implementation, or operational weaknesses. In this paper, we show t...Show More

Abusing CDNs for Fun and Profit: Security Issues in CDNs' Origin Validation

Run Guo;Jianjun Chen;Baojun Liu;Jia Zhang;Chao Zhang;Haixin Duan;Tao Wan;Jian Jiang;Shuang Hao;Yaoqi Jia

2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)

Year: 2018 | Conference Paper |

A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly

Baojun Liu;Chaoyi Lu;Zhou Li;Ying Liu;Haixin Duan;Shuang Hao;Zaifeng Zhang

2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Year: 2018 | Conference Paper |

Cited by: Papers (33)

HTML

Internationalized Domain Names (IDNs) are domain names containing non-ASCII characters. Despite its installation in DNS for more than 15 years, little has been done to understand how this initiative was developed and its security implications. In this work, we aim to fill this gap by studying the IDN ecosystem and cyber-attacks abusing IDN. In particular, we performed by far the most comprehensive...Show More

A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly

Baojun Liu;Chaoyi Lu;Zhou Li;Ying Liu;Haixin Duan;Shuang Hao;Zaifeng Zhang

2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Year: 2018 | Conference Paper |

IEEE Personal Account

Change username/password

Purchase Details

Payment Options
View Purchased Documents

Profile Information

Communications Preferences
Profession and Education
Technical interests

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

Follow

About IEEE Xplore | Contact Us | Help | Accessibility | Terms of Use | Nondiscrimination Policy | IEEE Ethics Reporting | Sitemap | IEEE Privacy Policy

A public charity, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.

© Copyright 2025 IEEE - All rights reserved, including rights for text and data mining and training of artificial intelligence and similar technologies.

IEEE Account

Change Username/Password
Update Address

Purchase Details

Payment Options
Order History
View Purchased Documents

Profile Information

Communications Preferences
Profession and Education
Technical Interests

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

About IEEE Xplore
Contact Us
Help
Accessibility
Terms of Use
Nondiscrimination Policy
Sitemap
Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.