[1] Yijing Liu, Yiming Zhang, Baojun Liu, Haixin Duan. "Cracks in the Walled Garden: Dissecting the Gray-Market of Unauthorized iOS App Distribution via Ad Hoc Sideloading." In 35th USENIX Security Symposium (USENIX Security 2026), Seattle, WA, USA, August 12 - 14, 2026. USENIX Association, 2026.
[2] Shibo Cui, Mingxuan Liu, Baojun Liu, Haixin Duan, Ruixuan Li, Chaoyi Lu, Jin Zhang, Zhicheng Wang, Jinghua Bai. "Characterizing Iran's Phased National Internet Shutdown in 2025: A Progressive and Distributed Action." In The ACM Web Conference 2026 (WWW 2026), Dubai, UAE, June 2026. ACM, 2026.
[3] Pei Chen, Geng Hong, Xinyi Wu, Mengying Wu, Zixuan Zhu, Mingxuan Liu, Baojun Liu, Mi Zhang, Min Yang. "Unveiling the Resilience of LLM-Enhanced Search Engines Against Black-Hat SEO Manipulation." In The ACM Web Conference 2026 (WWW 2026), Dubai, UAE, June 2026. ACM, 2026.
[4] Zhifan Jiang, Mingxuan Liu, Yue Qin, Baojun Liu. "Breaking Free from Ivory Tower: Evaluating and Enhancing Real-world Chinese Underground Adversarial Jargon Detection." In IEEE Symposium on Security and Privacy (S&P 2026), San Francisco, CA, USA, May 2026. IEEE, 2026.
[5] Yuxiao Wu, Yunyi Zhang, Chaoyi Lu, Baojun Liu. "Should I Trust You? Rethinking the Principle of Zone-Based Isolation DNS Bailiwick Checking." In 33rd Annual Network and Distributed System Security Symposium (NDSS 2026), San Diego, CA, USA, February 23 - 27, 2026. Internet Society, 2026.
[6] Mengying Wu, Geng Hong, Jiatao Chen, Mingxuan Liu, Baojun Liu, Min Yang. "One Email, Many Faces: A Deep Dive into Identity Confusion in Email Aliases." In 33rd Annual Network and Distributed System Security Symposium (NDSS 2026), San Diego, CA, USA, February 23 - 27, 2026. Internet Society, 2026.
[7] Hanqing Zhao, Yiming Zhang, Lingyun Ying, Mingming Zhang, Baojun Liu, Haixin Duan, Zi-Quan You, Shuhao Zhang. "Understanding the Status and Strategies of the Code Signing Abuse Ecosystem." In 33rd Annual Network and Distributed System Security Symposium (NDSS 2026), San Diego, CA, USA, February 23 - 27, 2026. Internet Society, 2026.
[8] Xiang Li, Baojun Liu, Mingming Zhang, Zuyao Xu, Dunqiu Fan. "RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox." In 32nd ACM Conference on Computer and Communications Security (CCS 2025), Taipei, October 2025. ACM, 2025.
[9] Shuhan Zhang, Shuai Wang, Li Chen, Dan Li, Baojun Liu. "Your Shield is My Sword: A Persistent Denial-of-Service Attack via the Reuse of Unvalidated Caches in DNSSEC Validation." In 34th USENIX Security Symposium (USENIX Security 2025), Seattle, WA, USA, August 2025. USENIX Association, 2025.
[10] Ruixuan Li, Chaoyi Lu, Baojun Liu, Jun Shao. "HADES Attack: Understanding and Evaluating Manipulation Risks of Email Blocklists." In 32nd Annual Network and Distributed System Security Symposium (NDSS 2025), San Diego, CA, USA, February 2025. Internet Society, 2025.
[11] Yunpeng Xing, Chaoyi Lu, Baojun Liu, Haixin Duan, Junzhe Sun, Zhou Li. "Yesterday Once More: Global Measurement of Internet Traffic Shadowing Behaviors." In Proceedings of the 2024 ACM Internet Measurement Conference (IMC 2024), Madrid, Spain, October 2024. ACM, 2024.
[12] Yunyi Zhang, Mingxuan Liu, Baojun Liu, Yiming Zhang, Haixin Duan, Min Zhang, Hui Jiang, Yanzhe Li, Fan Shi. "Into the Dark: Unveiling Internal Site Search Abused for BlackHat SEO." In 33rd USENIX Security Symposium (USENIX Security 2024), Philadelphia, PA, USA, August 2024. USENIX Association, 2024.
[13] Yunyi Zhang, Mingming Zhang, Baojun Liu, Zhan Liu, Jia Zhang, Haixin Duan, Min Zhang, Fan Shi, Chengxi Xu. "Cross the Zone: Toward a Covert Domain Hijacking via Shared DNS Infrastructure." In 33rd USENIX Security Symposium (USENIX Security 2024), Philadelphia, PA, USA, August 14 - 16, 2024. USENIX Association, 2024.
[14] Yijing Liu, Yiming Zhang, Baojun Liu, Haixin Duan, Qiang Li, Mingxuan Liu, Ruixuan Li, Jia Yao. "Tickets or Privacy? Understand the Ecosystem of Mobile Ticket Grabbing Apps." In 33rd USENIX Security Symposium (USENIX Security 2024), Philadelphia, PA, USA, August 14 - 16, 2024. USENIX Association, 2024.
[15] Mingxuan Liu, Zhenglong Jin, Jiahai Yang, Baojun Liu, Haixin Duan, Ying Liu, Ximeng Liu, Shujun Tang. "ChatScam: Unveiling the Rising Impact of ChatGPT on Domain Name Abuse." In 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2024), Brisbane, Australia, June 24 - 27, 2024. IEEE/IFIP, 2024.
[16] Xiang Li, Wei Xu, Baojun Liu, Mingming Zhang, Zhou Li, Jia Zhang, Deliang Chang, Xiaofeng Zheng, Chuhan Wang, Jianjun Chen. "TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets." In IEEE Symposium on Security and Privacy (S&P 2024), San Francisco, CA, USA, May 20 - 23, 2024. IEEE, 2024.
[17] Ruixuan Li, Baojun Liu, Chaoyi Lu, Haixin Duan, Jun Shao. "A Worldwide View on the Reachability of Encrypted DNS Services." In Proceedings of the ACM Web Conference 2024 (WWW 2024), Singapore, May 13 - 17, 2024. ACM, 2024.
[18] Mingxuan Liu, Yiming Zhang, Xiang Li, Chaoyi Lu, Baojun Liu, Haixin Duan, Xiaofeng Zheng. "Understanding the implementation and security implications of protective DNS services." In 31st Annual Network and Distributed System Security Symposium (NDSS 2024), San Diego, CA, USA, February 26 - March 1, 2024. Internet Society, 2024.
[19] Fenglu Zhang, Baojun Liu, Eihal Alowaisheq, Jianjun Chen, Chaoyi Lu, Linjian Song, Yong Ma, Ying Liu, Haixin Duan, Min Yang. "Silence is not Golden: Disrupting the Load Balancing of Authoritative DNS Servers." In Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS 2023), Copenhagen, Denmark, November 26 - 30, 2023. ACM, 2023.
[20] Wei Xu, Xiang Li, Chaoyi Lu, Baojun Liu, Haixin Duan, Jia Zhang, Jianjun Chen, Tao Wan. "TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers." In Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS 2023), Copenhagen, Denmark, November 26 - 30, 2023. ACM, 2023.
[21] Zhenrui Zhang, Geng Hong, Xiang Li, Zhuoqun Fu, Jia Zhang, Mingxuan Liu, Chuhan Wang, Jianjun Chen, Baojun Liu, Haixin Duan, Chao Zhang, Min Yang. "Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild." In Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS 2023), Copenhagen, Denmark, November 26 - 30, 2023. ACM, 2023.
[22] Fenglu Zhang, Yunyi Zhang, Baojun Liu, Eihal Alowaisheq, Lingyun Ying, Xiang Li, Zaifeng Zhang, Ying Liu, Haixin Duan, Min Zhang. "Wolf in Sheep's Clothing: Evaluating Security Risks of the Undelegated Record on DNS Hosting Services." In Proceedings of the 2023 ACM on Internet Measurement Conference (IMC 2023), Montréal, Canada, October 24 - 26, 2023. ACM, 2023.
[23] Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li. "The Maginot Line: Attacking the Boundary of DNS Caching Protection." In 32nd USENIX Security Symposium (USENIX Security 2023), Anaheim, CA, USA, August 9 - 11, 2023. USENIX Association, 2023.
[24] Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Yiming Zhang, Jianjun Chen, Haixin Duan, Shuang Hao, Xiaofeng Zheng. "Detecting and Measuring Security Risks of Hosting-Based Dangling Domains." In ACM on Measurement and Analysis of Computing Systems (POMACS 2023), June 2023. ACM, 2023.
[25] Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li. "Ghost domain reloaded: Vulnerable links in domain name delegation and revocation." In 30th Annual Network and Distributed System Security Symposium (NDSS 2023), San Diego, CA, USA, February 27 - March 3, 2023. Internet Society, 2023.
[26] Mingxuan Liu, Yiming Zhang, Baojun Liu, Haixin Duan. "Exploring the Characteristics and Security Risks of Emerging Emoji Domain Names." In 27th European Symposium on Research in Computer Security (ESORICS 2022), Copenhagen, Denmark, September 26 - 30, 2022. Springer, 2022.
[27] Qinge Xie, Shujun Tang, Xiaofeng Zheng, Qingran Lin, Baojun Liu, Haixin Duan, Frank Li. "Building an Open, Robust, and Stable Voting-Based Domain Top List." In 31st USENIX Security Symposium (USENIX Security 2022), Boston, MA, USA, August 10 - 12, 2022. USENIX Association, 2022.
[28] Chuhan Wang, Kaiwen Shen, Minglei Guo, Yuxuan Zhao, Mingming Zhang, Jianjun Chen, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Yanzhong Lin, Qingfeng Pan. "A Large-scale and Longitudinal Measurement Study of DKIM Deployment." In 31st USENIX Security Symposium (USENIX Security 2022), Boston, MA, USA, August 10 - 12, 2022. USENIX Association, 2022.
[29] Fenglu Zhang, Chaoyi Lu, Baojun Liu, Haixin Duan, Ying Liu. "Measuring the practical effect of dns root server instances: A china-wide case study." In Passive and Active Network Measurement (PAM 2022), Virtual Event, March 28 - 30, 2022. Springer, 2022.
[30] Xuewei Feng, Qi Li, Kun Sun, Ke Xu, Baojun Liu, Xiaofeng Zheng, Qi Yang, Haixin Duan, Zhiyun Qian. "PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP." In 29th Annual Network and Distributed System Security Symposium (NDSS 2022), San Diego, CA, USA, February 2022. Internet Society, 2022.
[31] Kaiwen Shen, Chuhan Wang, Minglei Guo, Xiaofeng Zheng, Chaoyi Lu, Baojun Liu, Yuxuan Zhao, Shuang Hao, Haixin Duan. "Weak links in authentication chains: A large-scale analysis of email sender spoofing attacks." In 30th USENIX Security Symposium (USENIX Security 2021), August 11 - 13, 2021. USENIX Association, 2021.
[32] Yunyi Zhang, Baojun Liu, Chaoyi Lu, Zhou Li, Haixin Duan, Shuang Hao, Mingxuan Liu, Ying Liu, Dong Wang, Qi Li. "Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China." In 30th USENIX Security Symposium (USENIX Security 2021), August 11 - 13, 2021. USENIX Association, 2021.
[33] Chaoyi Lu, Baojun Liu, Yiming Zhang, Zhou Li, Fenglu Zhang, Haixin Duan, Ying Liu, Joann Qiongna Chen, Jinjin Liang, Zaifeng Zhang, Shuang Hao, Min Yang. "From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR." In 28th Annual Network and Distributed System Security Symposium (NDSS 2021), February 21 - 25, 2021. Internet Society, 2021.
[34] Mingxuan Liu, Yiming Zhang, Baojun Liu, Zhou Li, Haixin Duan, Dong Sun. "Detecting and characterizing SMS spearphishing attacks." In 37th Annual Computer Security Applications Conference (ACSAC 2021), December 6 - 10, 2021. ACM, 2021.
[35] Run Guo, Weizhong Li, Baojun Liu, Shuang Hao, Jia Zhang, Haixin Duan, Kaiwen Shen, Jianjun Chen, Ying Liu. "IP Fragmentation Attacks against DNS." In 27th Annual Network and Distributed System Security Symposium (NDSS 2020), San Diego, CA, USA, February 23 - 26, 2020. Internet Society, 2020.
[36] Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dong Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan. "Poison over troubled forwarders: A cache poisoning attack targeting DNS forwarding devices." In 29th USENIX Security Symposium (USENIX Security 2020), August 12 - 14, 2020. USENIX Association, 2020.
[37] Weizhong Li, Kaiwen Shen, Run Guo, Baojun Liu, Jia Zhang, Haixin Duan, Shuang Hao. "CDN Backfired: Amplification Attacks Based on HTTP Range Requests." In 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2020), Virtual, June 29 - July 2, 2020. IEEE/IFIP, 2020.
[38] Chaoyi Lu, Baojun Liu, Zhou Li, Shuang Hao, Hai-Xin Duan, Mingming Zhang, Chunying Leng, Ying Liu, Zaifeng Zhang, Jianping Wu. "An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?" In Proceedings of the Internet Measurement Conference (IMC 2019), Amsterdam, Netherlands, October 21 - 23, 2019. ACM, 2019.
[39] Eihal Alowaisheq, Peng Wang, Sumayah A. Alrwais, Xiaojing Liao, XiaoFeng Wang, Tasneem Alowaisheq, Xianghang Mi, Siyuan Tang, Baojun Liu. "Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs." In 26th Annual Network and Distributed System Security Symposium (NDSS 2019), San Diego, CA, USA, February 24 - 27, 2019. Internet Society, 2019.
[40] Baojun Liu, Chaoyi Lu, Haixin Duan, Ying Liu, Zhou Li, Shuang Hao, Min Yang. "Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path." In 27th USENIX Security Symposium (USENIX Security 2018), Baltimore, MD, USA, August 15 - 17, 2018. USENIX Association, 2018.
[41] Baojun Liu, Chaoyi Lu, Zhou Li, Ying Liu, Haixin Duan, Shuang Hao, Zaifeng Zhang. "A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly." In 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2018), Luxembourg, June 25 - 28, 2018. IEEE/IFIP, 2018.
[42] Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu, Haixin Duan. "Don’t Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains." In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS 2017), Dallas, TX, USA, October 30 - November 3, 2017. ACM, 2017.
