Influential Security Papers

This webpage is an attempt to assemble a ranking of top-cited papers from the area of computer security. The ranking has been created based on citations of papers published at the four tier-1 security conferences, also known as the system security circus:

In addition, the following security conferences are also considered for generating the ranking:

The citations for each paper have been determined by carefully crawling the DBLP service and Google Scholar. As both services limit crawling activity, the update interval for the ranking is very large, such that citation counts change at most every two months, if at all.

Top of the Notch

Top-cited papers from 1981 to 2016 ⌄

  1. 1
    Laurent Eschenauer, Virgil D. Gligor:
    A key-management scheme for distributed sensor networks.
    ACM Conference on Computer and Communications Security (CCS), 2002
    4463 cites at Google Scholar
    1899% above average of year
    Last visited: May-2017
  2. 2
    Mihir Bellare, Phillip Rogaway:
    Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
    ACM Conference on Computer and Communications Security (CCS), 1993
    4396 cites at Google Scholar
    2700% above average of year
    Last visited: Apr-2017
  3. 3
    Dorothy E. Denning:
    An Intrusion-Detection Model.
    IEEE Symposium on Security and Privacy, 1986
    4209 cites at Google Scholar
    1691% above average of year
    Last visited: Mar-2017
  4. 4
    Haowen Chan, Adrian Perrig, Dawn Xiaodong Song:
    Random Key Predistribution Schemes for Sensor Networks.
    IEEE Symposium on Security and Privacy, 2003
    3599 cites at Google Scholar
    1575% above average of year
    Last visited: May-2017
  5. 5
    Vipul Goyal, Omkant Pandey, Amit Sahai, Brent Waters:
    Attribute-based encryption for fine-grained access control of encrypted data.
    ACM Conference on Computer and Communications Security (CCS), 2006
    3179 cites at Google Scholar
    2599% above average of year
    Last visited: Apr-2017

→  Check out the top-100 ranking

Absolute citations are not necessarily a good indicator for the impact of a paper, as the number of citations usually grows with the age of a paper. The following list shows an alternative ranking, where the citations are normalized by the age of each paper.

Top-cited papers normalized by age ⌄

  1. 1
    Mihir Bellare, Phillip Rogaway:
    Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
    ACM Conference on Computer and Communications Security (CCS), 1993
    4396 cites at Google Scholar
    2700% above average of year
    Last visited: Apr-2017
  2. 2
    Vipul Goyal, Omkant Pandey, Amit Sahai, Brent Waters:
    Attribute-based encryption for fine-grained access control of encrypted data.
    ACM Conference on Computer and Communications Security (CCS), 2006
    3179 cites at Google Scholar
    2599% above average of year
    Last visited: Apr-2017
  3. 3
    D. F. C. Brewer, Michael J. Nash:
    The Chinese Wall Security Policy.
    IEEE Symposium on Security and Privacy, 1989
    1262 cites at Google Scholar
    2581% above average of year
    Last visited: Jun-2017
  4. 4
    Steven M. Bellovin, Michael Merritt:
    Encrypted key exchange: password-based protocols secure against dictionary attacks.
    IEEE Symposium on Security and Privacy, 1992
    1648 cites at Google Scholar
    2049% above average of year
    Last visited: Apr-2017
  5. 5
    Matt Blaze, Joan Feigenbaum, Jack Lacy:
    Decentralized Trust Management.
    IEEE Symposium on Security and Privacy, 1996
    2895 cites at Google Scholar
    2008% above average of year
    Last visited: May-2017

→  Check out the normalized top-100 ranking

The last Decades

If you are interested in a more detailed breakdown. Here are also rankings of top-cited papers for the last four decades:

1980 – 1990
1990 – 2000
2000 – 2010
2010 – now

Contact

As with any ranking, the presented results do not necessarily reflect the true impact of a paper. Moreover, the underlying data may contain errors or missing information. Errare humanum est.

If you have questions, comments or ideas how to improve this webpage, feel free to drop an e-mail.