Influential Security Papers

This webpage is an attempt to assemble a ranking of top-cited papers from the area of computer security. The ranking has been created based on citations of papers published at the four tier-1 security conferences, also known as the system security circus:

  1. IEEE Symposium on Security and Privacy
  2. USENIX Security Symposium
  3. ACM Conference on Computer and Communications Security (CCS)
  4. Network and Distributed System Security Symposium (NDSS)

The citations for each paper have been determined by carefully crawling the DBLP service and Google Scholar. As both services limit crawling activity, the update interval for the ranking is very large, such that citation counts change at most every two months, if at all.

Top of the Notch

Top-cited papers from 1981 to 2016 ⌄

  1. 1
    Laurent Eschenauer, Virgil D. Gligor:
    A key-management scheme for distributed sensor networks.
    ACM Conference on Computer and Communications Security (CCS), 2002
    4416 cites at Google Scholar
    1197% above average of year
    Last visited: Apr-2017
  2. 2
    Mihir Bellare, Phillip Rogaway:
    Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
    ACM Conference on Computer and Communications Security (CCS), 1993
    4398 cites at Google Scholar
    1933% above average of year
    Last visited: Apr-2017
  3. 3
    Dorothy E. Denning:
    An Intrusion-Detection Model.
    IEEE Symposium on Security and Privacy, 1986
    4209 cites at Google Scholar
    1690% above average of year
    Last visited: Mar-2017
  4. 4
    Haowen Chan, Adrian Perrig, Dawn Xiaodong Song:
    Random Key Predistribution Schemes for Sensor Networks.
    IEEE Symposium on Security and Privacy, 2003
    3575 cites at Google Scholar
    1026% above average of year
    Last visited: Apr-2017
  5. 5
    Vipul Goyal, Omkant Pandey, Amit Sahai, Brent Waters:
    Attribute-based encryption for fine-grained access control of encrypted data.
    ACM Conference on Computer and Communications Security (CCS), 2006
    3061 cites at Google Scholar
    2033% above average of year
    Last visited: Feb-2017

→  Check out the top-100 ranking

Absolute citations are not necessarily a good indicator for the impact of a paper, as the number of citations usually grows with the age of a paper. The following list shows an alternative ranking, where the citations are normalized by the age of each paper.

Top-cited papers normalized by age ⌄

  1. 1
    Vipul Goyal, Omkant Pandey, Amit Sahai, Brent Waters:
    Attribute-based encryption for fine-grained access control of encrypted data.
    ACM Conference on Computer and Communications Security (CCS), 2006
    3061 cites at Google Scholar
    2033% above average of year
    Last visited: Feb-2017
  2. 2
    Mihir Bellare, Phillip Rogaway:
    Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
    ACM Conference on Computer and Communications Security (CCS), 1993
    4398 cites at Google Scholar
    1933% above average of year
    Last visited: Apr-2017
  3. 3
    Dorothy E. Denning:
    An Intrusion-Detection Model.
    IEEE Symposium on Security and Privacy, 1986
    4209 cites at Google Scholar
    1690% above average of year
    Last visited: Mar-2017
  4. 4
    Matt Blaze, Joan Feigenbaum, Jack Lacy:
    Decentralized Trust Management.
    IEEE Symposium on Security and Privacy, 1996
    2850 cites at Google Scholar
    1468% above average of year
    Last visited: Mar-2017
  5. 5
    Joseph A. Goguen, José Meseguer:
    Security Policies and Security Models.
    IEEE Symposium on Security and Privacy, 1982
    2162 cites at Google Scholar
    1461% above average of year
    Last visited: Apr-2017

→  Check out the normalized top-100 ranking

The last Decades

If you are interested in a more detailed breakdown. Here are also rankings of top-cited papers for the last four decades:

1980 – 1990
1990 – 2000
2000 – 2010
2010 – now

Contact

As with any ranking, the presented results do not necessarily reflect the true impact of a paper. Moreover, the underlying data may contain errors or missing information. Errare humanum est.

If you have questions, comments or ideas how to improve this webpage, feel free to drop an e-mail.