Home Publications Media Students Teaching Service

Conference Papers

  1. S&P'19 Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions
    Matthew Joslin, Neng Li, Shuang Hao, Minhui Xue, and Haojin Zhu
    40th IEEE Symposium on Security and Privacy,
    San Francisco, CA, May 2019. To appear.
  2. SRDS'18 Abusing CDNs for Fun and Profit: Security Issues in CDNs' Origin Validation
    Run Guo, Jianjun Chen, Baojun Liu, Jia Zhang, Chao Zhang, Haixin Duan, Tao Wan, Jian Jiang, Shuang Hao and Yaoqi Jia
    37th IEEE International Symposium on Reliable Distributed Systems,
    Salvador, Brazil, October 2018. To appear.
  3. ESORICS'18 SEISMIC: SEcure In-lined Script Monitors for Interrupting Cryptojacks
    Wenhao Wang, Benjamin Ferrell, Xiaoyang Xu, Kevin W. Hamlen, and Shuang Hao
    23rd European Symposium on Research in Computer Security,
    Barcelona, Spain, September 2018. To appear.
  4. FOCI'18 Measuring Privacy Threats in China-Wide Mobile Networks
    Mingming Zhang, Baojun Liu, Chaoyi Lu, Jia Zhang, Shuang Hao and Haixin Duan
    8th USENIX Workshop on Free and Open Communications on the Internet,
    Baltimore, MD, August 2018. PDF
  5. USENIX Security'18 Rampart: Protecting Web Applications from CPU-Exhaustion Denial-of-Service Attacks
    Wei Meng, Chenxiong Qian, Shuang Hao, Kevin Borgolte, Giovanni Vigna, Christopher Kruegel, and Wenke Lee
    27th USENIX Security Symposium,
    Baltimore, MD, August 2018. PDF
  6. USENIX Security'18 Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path
    Baojun Liu, Chaoyi Lu, Haixin Duan, Ying Liu, Zhou Li, Shuang Hao, and Min Yang
    27th USENIX Security Symposium,
    Baltimore, MD, August 2018. PDF
    Media coverage The Register, Hackread, and Rambler.
  7. DSN'18 A Reexamination of Internationalized Domain Names: the Good, the Bad and the Ugly
    Baojun Liu, Chaoyi Lu, Zhou Li, Ying Liu, Haixin Duan, Shuang Hao and Zaifeng Zhang
    48th IEEE/IFIP International Conference on Dependable Systems and Networks,
    Luxembourg City, Luxembourg, June 2018. PDF
  8. S&P'18 Enumerating Active IPv6 Hosts for Large-scale Security Scans via DNSSEC-signed Reverse Zones
    Kevin Borgolte, Shuang Hao, Tobias Fiebig, and Giovanni Vigna
    39th IEEE Symposium on Security and Privacy,
    San Francisco, CA, May 2018. PDF
  9. PAM'18 In rDNS We Trust: Revisiting a Common Data-Source's Reliability
    Tobias Fiebig, Kevin Borgolte, Shuang Hao, Christopher Kruegel, Giovanni Vigna, and Anja Feldmann
    Passive and Active Measurement Conference,
    Berlin, Germany, March 2018. PDF
  10. NDSS'18 Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates
    Kevin Borgolte, Tobias Fiebig, Shuang Hao, Christopher Kruegel, and Giovanni Vigna
    25th Network and Distributed System Security Symposium,
    San Diego, CA, February 2018. PDF
  11. NDSS'18 Smoke Screener or Straight Shooter: Detecting Elite Sybil Attacks in User-Review Social Networks
    Haizhong Zheng, Minhui Xue, Hao Lu, Shuang Hao, Haojin Zhu, Xiaohui Liang, and Keith Ross
    25th Network and Distributed System Security Symposium,
    San Diego, CA, February 2018. PDF
  12. CCS'17 DIFUZE: Interface Aware Fuzzing for Kernel Drivers
    Jake Corina, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Shuang Hao, Christopher Kruegel, and Giovanni Vigna
    24th ACM Conference on Computer and Communications Security,
    Dallas, TX, October 2017. PDF
  13. ASIACCS'17 Gossip: Automatically Identifying Malicious Domains from Mailing List Discussions
    Cheng Huang, Shuang Hao, Luca Invernizzi, Jiayong Liu, Yong Fang, Christopher Kruegel, and Giovanni Vigna
    ACM Asia Conference on Computer and Communications Security,
    Abu Dhabi, UAE, April 2017. PDF
  14. PAM'17 Something From Nothing (There): Collecting Global IPv6 Datasets From DNS
    Tobias Fiebig, Kevin Borgolte, Shuang Hao, Christopher Kruegel, and Giovanni Vigna
    Passive and Active Measurement Conference,
    Sydney, Australia, March 2017. PDF
  15. PETS'17 On the Privacy and Security of the Ultrasound Ecosystem
    Vasilios Mavroudis, Shuang Hao, Yanick Fratantonio, Federico Maggi, Giovanni Vigna, and Christopher Kruegel
    17th Privacy Enhancing Technologies Symposium,
    Minneapolis, MN, July 2017. PDF
  16. Black Hat EU'16 Talking Behind Your Back: Attacks and Countermeasures of Ultrasonic Cross-device Tracking
    Vasilios Mavroudis, Shuang Hao, Yanick Fratantonio, Federico Maggi, Giovanni Vigna, and Christopher Kruegel
    Black Hat Europe,
    London, UK, November 2016.
    Media coverage WIRED, Fortune, Slashdot, New Scientist, Digital Trends, and International Business Times.
  17. CCS'16 PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration
    Shuang Hao, Alex Kantchelian, Brad Miller, Vern Paxson, and Nick Feamster
    23rd ACM Conference on Computer and Communications Security,
    Vienna, Austria, October 2016. PDF
    Media coverage The Wall Street Journal, Dark Reading, and Daily Mail.
  18. CCS'16 Lurking Malice in the Cloud: Understanding and Detecting Cloud Repository as a Malicious Service
    Xiaojing Liao, Sumayah Alrwais, Kan Yuan, Luyi Xing, XiaoFeng Wang, Shuang Hao, and Raheem Beyah
    23rd ACM Conference on Computer and Communications Security,
    Vienna, Austria, October 2016. PDF
    Media coverage SC Magazine and Daily Mail.
  19. WWW'16 Characterizing Long-tail SEO Spam on Cloud Web Hosting Services
    Xiaojing Liao, Chang Liu, Damon McCoy, Elaine Shi, Shuang Hao, and Raheem Beyah
    25th International World Wide Web Conference,
    Montreal, Canada, April 2016. PDF
  20. CCS'15 Drops for Stuff: An Analysis of Reshipping Mule Scams
    Shuang Hao, Kevin Borgolte, Nick Nikiforakis, Gianluca Stringhini, Manuel Egele, Michael Eubanks, Brian Krebs, and Giovanni Vigna
    22nd ACM Conference on Computer and Communications Security,
    Denver, CO, October 2015. PDF Slides
    Media coverage Krebs on Security, Schneier on Security, Slashdot, and CNN.
  21. IMC'13 Understanding the Domain Registration Behavior of Spammers
    Shuang Hao, Matthew Thomas, Vern Paxson, Nick Feamster, Christian Kreibich, Chris Grier, and Scott Hollenbeck
    ACM Internet Measurement Conference,
    Barcelona, Spain, October 2013. PDF Slides
  22. IMC'11 Monitoring the Initial DNS Behavior of Malicious Domains
    Shuang Hao, Nick Feamster, and Ramakant Pandrangi
    ACM Internet Measurement Conference,
    Berlin, Germany, November 2011. PDF Slides
  23. USENIX Security'09 Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine
    Shuang Hao, Nadeem Ahmed Syed, Nick Feamster, Alexander G. Gray, and Sven Krasser
    18th USENIX Security Symposium,
    Montreal, Canada, August 2009. PDF Slides
    Media coverage MIT Technology Review, Slashdot, and MetaFilter.
  24. WLN'06 Sensor Networks Routing via Bayesian Exploration (poster paper)
    Shuang Hao and Ting Wang
    6th International Workshop on Wireless Local Networks,
    Tampa, FL, November 2006. PDF
  25. ICCCN'06 Efficient and Density-Aware Routing for Wireless Sensor Networks
    Ting Wang, Shuang Hao, Ping Wang, and Gang Peng
    15th International Conference on Computer Communications and Networks,
    Arlington, VA, October 2006. PDF
  26. CTS'05 A Queue Model to Detect DDos Attacks
    Shuang Hao, Hua Song, Wenbao Jiang, and Yiqi Dai
    International Symposium on Collaborative Technologies and Systems,
    Saint Louis, MO, May 2005. PDF
  27. ISPEC'05 Using Trust for Restricted Delegation in Grid Environments
    Wenbao Jiang, Chen Li, Shuang Hao, and Yiqi Dai
    1st Information Security Practice and Experience Conference,
    Singapore, April 2005. PDF

Technical Reports

  1. An Internet-Wide View into DNS Lookup Patterns
    Shuang Hao, Nick Feamster, and Ramakant Pandrangi
    White Paper, Verisign Labs, Georiga Tech, 2010. PDF