姓名：刘保君
职称：助理教授（特别研究员）
邮箱：lbj@tsinghua.edu.cn
主页地址：https://netsec.ccert.edu.cn/chs/people/baojun

工学博士，清华大学，中国，2015.09-2020.10
访问学者，加州大学伯克利分校，美国，2018.01-2019.01
工学学士，西安电子科技大学，中国，2011.09-2015.07

2022.12 – 今. 清华大学网络研究院助理教授、博士生导师；中关村国家实验室、泉城实验室
2020.11 – 2022.11，清华大学网络研究院博士后（水木学者）

大规模网络流量操控行为检测与分析
互联网域名系统安全与测量
公钥基础设施安全与测量
涉网犯罪与黑灰产业链检测及对抗

清华大学，网络科学与网络空间研究院，助理教授，博士生导师。2020年于清华大学计算机科学与技术系获得工学博士学位，于美国加州大学伯克利分校国际计算机科学研究所访问一年，目前担任清华大学网络科学与网络空间研究院教研系列助理教授。2020年入选清华大学“水木学者”计划，2022年获得ACM中国计算机安全分会“科技新星奖”。近年来作为项目负责人主持十四五装备预研、国家自然科学基金、阿里巴巴创新研究计划等多个科研项目，长期担任网络安全领域多个顶级学术会议与期刊的评阅人，参与出版网络空间安全教材以及学术专著三部。

面向世界科技前沿，紧密结合国家网络安全重大战略需求以及关系国计民生的主战场，开展创新性的学术研究工作，主要研究方向包括网络基础设施安全、网络测量与态势感知、涉网犯罪及黑灰产业链检测与对抗。学术成果得到了国内外同行的高度认可，近五年来累计于国际网络安全领域竞争最为激烈的四大顶级会议发表学术论文近20篇，入选了国际互联网治理领域权威机构ICANN根域名服务器咨询委员会专家组成员。

核心学术贡献包括：1）面向网络关键基础设施以及核心网络协议，发展系统结构性安全风险分析与威胁确证技术，多次于国际上率先发现具有重要影响的未知安全缺陷。相关研究成果涵盖域名系统、公钥基础设施及内容分发网络等多类关键基础设施，获得国内外信息安全漏洞编号近160项，影响了全球几乎所有的域名解析服务商与主流路由器厂商，向国家相关部委提交了域名安全专题研究报告。研究成果推动了域名加密协议的广泛应用，改善了域名解析系统安全性现状，提升了我国关键网络基础设施应对未知风险的能力。2）面向互联网地下黑灰产及新型网络犯罪，发展复杂对抗环境下安全风险识别技术，同知名安全厂商深度协作检测传播源头，取得了积极的现实影响。相关研究成果涉及场景涵盖伪基站虚假短信、鱼叉式定向诈骗短信、非法流量劫持及恶意广告注入等违法犯罪活动，跟踪并刻画黑灰产网络犯罪团伙行为策略，首次在全球范围内证实了大规模域名解析流量劫持现象普遍存在，发现了大规模国内用户加密通信数据正面临着被隐蔽劫持的风险。研究成果对于遏制违法犯罪活动蔓延具有重要现实意义。

学术研究成果取得了一定的国际影响，收录于政府所属安全机构以及国际互联网组织的权威报告，被多位IEEE Fellow等同行评价为相关领域的代表性工作，广泛应用于阿里云、腾讯云、奇安信、360、教育科研网CERNET等主流互联网厂商与网络运营商，多次荣获具有重要影响力的国际学术奖项，包括国际互联网协会颁发的网络研究应用奖（国内仅有两项成果获得该奖项）、网络安全领域顶级会议NDSS的杰出论文奖、网络测量领域顶级会议IMC的最佳论文奖与社区贡献奖提名。研究成果被ACM TechNews等几十家国际知名媒体及政府机构宣传报道。团队成员受邀于世界信息安全领域最高盛会黑帽大会Black Hat、互联网技术标准组织IETF域名安全研讨会等重要会议进行宣讲。国际知名网络安全专家评价：上述研究成果改善了关键网络基础设施的安全性，在学术界和工业界均产生了显著影响。

2022，ACM中国计算机安全分会“科技新星奖”
2020，清华大学“水木学者”
2020，清华大学计算机系优秀博士毕业生
2020，互联网研究任务组网络研究应用奖（ANRP）
2020，IEEE/IFIP DSN 会议最佳论文奖
2019，NDSS 会议杰出论文奖
2019，ACM IMC 会议最佳论文奖提名、社区贡献奖提名

ICANN 根服务器系统安全与稳定咨询委员会成员
组织安全竞赛：DataCon 大数据安全分析竞赛, Coremail 邮件安全竞赛
期刊论文审稿: IEEE Transactions on Dependable and Securing Computing (TDSC), ACM Transactions on Privacy and Security (TOPS), Computer Networks (CN), ACM Digital Threats: Research and Practice (DTRAP)
会议论文审稿：Network and Distributed System Security Symposium (NDSS), ACM Conference on Computer and Communications Security (CCS), European Symposium on Research in Computer Security (ESORICS), International Conference on Distributed Computing Systems (ICDCS), Annual Computer Security Applications Conference (ACSAC), IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

[30] Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan and Qi Li. The Maginot Line: Attacking the Boundary of DNS Caching Protection, Proceedings of The 32nd USENIX Security Symposium (USENIX Security), Anaheim, California, USA, August 9-11, 2023.
[29] Run Guo, Jianjun Chen, Yihang Wang, Keran Mu, Baojun Liu, Xiang Li, Chao Zhang, Haixin Duan and Jianping Wu. Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack, Proceedings of The 32nd USENIX Security Symposium (USENIX Security), Anaheim, California, USA, August 9-11, 2023.
[28] Mingming Zhang, Xiang Li, Baojun Liu, Jianju Lu, Yiming Zhang, Jianjun Chen, Haixin Duan, Shuang Hao and Xiaofeng Zheng. Detecting and Measuring Security Risks of Hosting-Based Dangling Domains, Proceedings of The 2023 ACM SIGMETRICS (ACM SIGMETRICS), Orlando, Florida, USA, June 19-23, 2023.
[27] Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan and Qi Li. Ghost Domain Reloaded: Vulnerable Links in the Domain Name Delegation and Revocation, Proceedings of The 30th Annual Network and Distributed Security Symposium (NDSS), San Diego, California, USA, 27 February – 3 March, 2023.
[26] Mingxuan Liu, Yiming Zhang, Baojun Liu and Haixin Duan. Exploring the Characteristics and Security Risks of Emerging Emoji Domain Names, Proceedings of The 27th European Symposium on Research in Computer Security (ESORICS), Copenhagen, Denmark, September 26-30, 2022.
[25] Huikai Xu, Miao Yu, Yanhao Wang, Yue Liu, Qinsheng Hou, Zhenbang Ma, Haixin Duan, Jianwei Zhuge and Baojun Liu. Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers, Proceedings of The 7th IEEE European Symposium on Security and Privacy (EuroS&P), Genoa, June 6-10, 2022.
[24] Fenglu Zhang, Chaoyi Lu, Baojun Liu, Haixin Duan and Ying Liu. Measuring the Practical Effect of DNS Root Server Instances: A China-Wide Case Study, Proceedings of Passive and Active Measurement Conference (PAM), Virtual event, March 28-30, 2022.
[23] Qinge Xie, Shujun Tang, Xiaofeng Zheng, Qingran Lin, Baojun Liu, Haixin Duan and Frank Li. Building an Open, Robust, and Stable Voting-Based Internet Domain Top List, Proceedings of The 31th USENIX Security Symposium (USENIX Security), Boston, MA, USA, August 10-12, 2022.
[22] Chuhan Wang, Kaiwen Shen, Minglei Guo, Yuxuan Zhao, Mingming Zhang, Jianjun Chen, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Yanzhong Lin and Qingfeng Pan. A Large-scale and Longitudinal Measurement Study of DKIM Deployment, Proceedings of The 31th USENIX Security Symposium (USENIX Security), Boston, MA, USA, August 10-12, 2022.
[21] Xuewei Feng, Qi Li, Kun Sun, Ke Xu, Baojun Liu, Xiaofeng Zheng, Qiushi Yang, Haixin Duan and Zhiyun Qian. PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP, Proceedings of The 29th Annual Network and Distributed Security Symposium (NDSS), San Diego, California, 27 Feruary - 3 March, 2022.
[20] Mingxuan Liu, Yiming Zhang, Baojun Liu, Zhou Li, Haixin Duan and Donghong Sun. Detecting and Characterizing SMS Spearphising Attacks, Proceedings of The 37th Annual Computer Security Applications Conference (ACSAC), Austin, Texas, USA, December 6-10, 2021.
[19] Yiming Zhang, Baojun Liu, Chaoyi Lu, Zhou Li, Haixin Duan, Jiachen Li and Zaifeng Zhang. Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem, Proceedings of The 28th ACM Conference on Computer and Communications Security (CCS), Seoul, South Korea, November 15-19, 2021.
[18] Xiang Li, Baojun Liu, Xiaofeng Zheng, Haixin Duan, Qi Li and Youjun Huang. Fast IPv6 Network Periphery Discovery and Security Implications, Proceedings of The 51th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Virtual, June 21-24, 2021.
[17] Chaoyi Lu, Baojun Liu, Yiming Zhang, Zhou Li, Fenglu Zhang, Haixin Duan, Ying Liu, Joann Chen, Jinjin Liang, Zaifeng Zhang, Shuang Hao and Min Yang. From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR, Proceedings of The 28th Annual Network and Distributed Security Symposium (NDSS), Virtual, February 21-25, 2021.
[16] Kaiwen Shen, Chuhan Wang, Xiaofeng Zheng, Minglei Guo, Chaoyi Lu, Baojun Liu, Yuxuan Zhao, Shuang Hao, Haixin Duan, Qinfeng Pan and Min Yang. Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks, Proceedings of The 30th USENIX Security Symposium (USENIX Security), Vancouver, BC, Canada, August 11-13, 2021.
[15] Mingming Zhang, Xiaofeng Zheng, Kaiwen Shen, Ziqiao Kong, Chaoyi Lu, Yu Wang, Haixin Duan, Shuang Hao, Baojun Liu and Min Yang. Talking with Familiar Strangers: An Empirical Study on HTTPS Context Confusion Attacks, Proceedings of The 27th ACM Conference on Computer and Communications Security (CCS), Orlando, USA, November 9-13, 2020.
[14] Yiming Zhang, Baojun Liu, Chaoyi Lu, Zhou Li, Haixin Duan, Shuang Hao, Mingxuan Liu, Ying Liu, Dong Wang and Qiang Li. Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China, Proceedings of The 27th ACM Conference on Computer and Communications Security (CCS), Orlando, USA, November 9-13, 2020.
[13] Xiaofeng Zheng, Chaoyi Lu, Jian Peng, Qiushi Yang, Dongjie Zhou, Baojun Liu, Keyu Man, Shuang Hao, Haixin Duan and Zhiyun Qian. Poison over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices, Proceedings of The 29th USENIX Security Symposium (USENIX Security), Boston, MA, USA, August 12-14, 2020.
[12] Weizhong Li, Kaiwen Shen, Run Guo, Baojun Liu, Jia Zhang, Haixin Duan, Shuang Hao, Xiarun Chen and Yao Wang. CDN Backfired: Amplification Attacks Based on HTTP Range Requests, Proceedings of The 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Valencia, Spain, June 29 - July 02, 2020.
[11] Ruo Guo, Weizhong Li, Baojun Liu, Shuang Hao, Haixin Duan, Jia Zhang, Kaiwen Shen, Jianjun Chen and Ying Liu. CDN Judo: Breaking the CDN DoS Protection with Itself, Proceedings of The 27th ISOC Network and Distributed System Security Symposium (NDSS), Valencia, Spain, June 29 - July 02, 2020.
[10] Chaoyi Lu, Baojun Liu, Zhou Li, Shuang Hao, Haixin Duan, Mingming Zhang, Chunying Leng, Ying Liu, Zaifeng Zhang and Jianping Wu. An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come? Proceedings of The 2019 Internet Measurement Conference (IMC), Amsterdam, Netherlands, October 21-23, 2019.
[9] Kun Du, Hao Yang, Zhou Li, Haixin Duan, Shuang Hao, Baojun Liu, Yuxiao Ye, Mingxuan Liu, Xiaodong Su, Guang Liu, Zhifeng Geng, Zaifeng Zhang and Jinjin Liang. TL;DR Hazard: A Comprehensive Study of Levelsquatting Scams, Proceedings of The 15th International Conference on Security and Privacy On Communication Networks (SecureComm), Orlando, USA, October 23-25, 2019.
[8] Baojun Liu, Zhou Li, Peiyuan Zong, Chaoyi Lu, Haixin Duan, Ying Liu, Sumayah Alrwais, XiaoFeng Wang, Shuang Hao, Yaoqi Jia, Yiming Zhang, Kai Chen and Zaifeng Zhang. TraffickStop: Detecting and Measuring Illicit Traffic Monetization Through Large-scale DNS Analysis, Proceedings of The 4th IEEE European Symposium on Security and Privacy (IEEE EuroS&P), Stockholm, Sweden, June 17-19, 2019.
[7] Eihal Alowaisheq, Peng Wang, Sumayah Alrwais, Xiaojing Liao, XaioFeng Wang, Tasneem Alowaisheq, XiangHang Mi, Siyuan Tang and Baojun Liu. Cracking Wall of Confinement: Understanding and Analyzing Malicious Domain Takedowns, Proceedings of The 26th ISOC Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, February 24-27, 2020.
[6] Xianghang Mi, Xuan Feng, Xiaojing Liao, Baojun Liu, Xiaofeng Wang, Feng Qian, Zhou Li, Sumayah Alrwais, Limin Sun and Ying Liu. Resident Evil: Understanding Residential IP Proxy as a Dark Service, Proceedings of The 40th IEEE Symposium on Security and Privacy (IEEE S&P), San Francisco, USA, May 20-22, 2019.
[5] Run Guo, Jianjun Chen, Baojun Liu, Jia Zhang, Chao Zhang, Haixin Duan, Tao Wan, Jian Jiang, Shuang Hao and Yaoqi Jia. Abusing CDNs for Fun and Profit: Security Issues in CDNs’ Origin Validation, Proceedings of The 37th IEEE International Symposium on Reliable Distributed Systems (SRDS), Bahia, Brazil, October 2-5, 2018.
[4] Mingming Zhang, Baojun Liu, Chaoyi Lu, Jia Zhang, Shuang Hao and Haixin Duan. Measuring Privacy Threats in China-Wide Mobile Networks, Proceedings of The 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI), Baltimore, USA, August 14, 2018.
[3] Baojun Liu, Chaoyi Lu, Haixin Duan, Ying Liu, Zhou Li, Shuang Hao and Min Yang. Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path, Proceedings of The 27th USENIX Security Symposium (USENIX Security), Baltimore, USA, August 14, 2018.
[2] Baojun Liu, Chaoyi Lu, Zhou Li, Ying Liu, Haixin Duan, Shuang Hao and Zaifeng Zhang. A Reexamination of Internationalized Domain Names: the Good, the Bad and the Ugly, Proceedings of The 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Luxembourg City, Luxembourg, June 25-28, 2018.
[1] Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu and Haixin Duan. Don’t Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains, Proceedings of The 24th ACM Conference on Computer and Communications Security (CCS), Dallas, TX, October 30 - November 3, 2017.