Jianjun Chen

Postdoctoral fellow at UC Berkeley

International Computer Science Institute (ICSI)

Jianjun Chen is a postdoctoral fellow at UC Berkeley under the direction of Prof. Vern Paxson. He was a PhD student at Tsinghua University supervised by Prof. Haixin Duan.

Gernerally, his research focus on looking for new ways to break and fix systems to improve Internet security. He has published multiple papers on the “Big 4” security conferences (NDSS, CCS, USENIX Security and IEEE S&P). Among them, the NDSS paper on CDN attacks has won the “Distinguished Paper Award”. His research has not only been recognized by the academic community, but also helped many industrial companies(eg. Google, Apple, Akamai) and open-source software(eg. Squid, Firefox, Tomcat) to fix multiple vulnerabilities.

Interests

Network Security
Web Security
Protocol Security

Education

PhD in Computer Science, 2018

Tsinghua University
BSc in Computer Science, 2013

Wuhan University

Recent News

[03/19] Akamai, Fastly and Cloudflare proposed a new IETF RFC draft to mitigate the CDN loop attack discovered by us !
[07/18] Our paper on CORS security has been accepted by USENIX security 2018 !

Recent Publications

Jianjun Chen, J. Jiang, H. Duan, T. Wan, S. Chen, V. Paxson, M. Yang. We Still Don’t Have Secure Cross-Domain Requests: an Empirical Study of CORS. In USENIX Security 2018.

PDF Code Slides Video

Jianjun Chen, J. Jiang, H. Duan, N. Weaver, T. Wan, and V. Paxson. Host of Troubles: Multiple Host Ambiguities in HTTP Implementations. In CCS 2016. (Best Paper Nominee)

PDF Slides Video

X.Liao, K.Yuan, X.Wang, Z.Pei, H.Yang, Jianjun Chen, H.Duan, K.Du, E.Alowaisheq, etc. Seeking Nonsense, Looking for Trouble: Efficient Promotional-Infection Detection through Semantic Inconsistency Search. In IEEE S&P 2016.

PDF

Jianjun Chen, J. Jiang, X. Zheng, H. Duan, J. Liang, K. Li, T. Wan, and V. Paxson. Forwarding Loop Attacks in Content Delivery Networks. In NDSS 2016. (Distinguished Paper Award)

PDF Slides

Activities

Talks:

“Hacking Intranet from outside: security problems of Cross Origin Resource Sharing (CORS)“, DEF CON China, 2018, Beijing.
“Host of Troubles attack”, The 2th China Cyber Security summit(CSS) 2016, Beijing.
“Improving IPv6 Attack Detector”, Free and Open Source Software conference (FOSSAISA) 2014, Cambodia.

Selected vulnerabilities:

CVE-2016-4553, Squid team evaluated it as a highest level(blocker) security vulnerability, which allowed an attacker to remotely poison the cache of any HTTP website with arbitrary content.
CVE-2016-4554, A critical security vulnerability in Squid, which was introduced to version 1.0 in 1996.
VU#938151, A new type of DoS attacks affecting all 16 CDNs we tested.

I am serving as an reviewer for IEEE/ACM Transactions on Networking(ToN).

Awards & Scholarships

Network Security Scholarship, China Internet Development Foundation, 2017
Distinguished Paper Award, Network and Distributed System Symposium (NDSS), 2016
National Scholarship, Ministry of Education, China, 2012
National Endeavor Scholarship, Ministry of Education, China, 2011

Contact

jianjun[AT]icsi[DOT]berkeley[DOT]edu
Suite 600, 1947 Center Street, Berkeley, CA, USA