Influential Security Papers

This webpage is an attempt to assemble a ranking of top-cited papers from the area of computer security. The ranking has been created based on citations of papers published at the four tier-1 security conferences, also known as the system security circus:

In addition, the following security conferences are also considered for generating the ranking:

The citations for each paper have been determined by carefully crawling the DBLP service and Google Scholar. As both services limit crawling activity, the update interval for the ranking is very large, such that citation counts change at most every two months, if at all.

Top of the Notch

Top-cited papers from 1981 to 2017 ⌄

  1. 1
    Mihir Bellare, Phillip Rogaway:
    Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
    ACM Conference on Computer and Communications Security (CCS), 1993
    4477 cites at Google Scholar
    2702% above average of year
    Last visited: Jun-2017
  2. 2
    Laurent Eschenauer, Virgil D. Gligor:
    A key-management scheme for distributed sensor networks.
    ACM Conference on Computer and Communications Security (CCS), 2002
    4475 cites at Google Scholar
    1871% above average of year
    Last visited: Jun-2017
  3. 3
    Dorothy E. Denning:
    An Intrusion-Detection Model.
    IEEE Symposium on Security and Privacy, 1986
    4320 cites at Google Scholar
    1699% above average of year
    Last visited: Jun-2017
  4. 4
    Haowen Chan, Adrian Perrig, Dawn Xiaodong Song:
    Random Key Predistribution Schemes for Sensor Networks.
    IEEE Symposium on Security and Privacy, 2003
    3604 cites at Google Scholar
    1556% above average of year
    Last visited: Jul-2017
  5. 5
    Vipul Goyal, Omkant Pandey, Amit Sahai, Brent Waters:
    Attribute-based encryption for fine-grained access control of encrypted data.
    ACM Conference on Computer and Communications Security (CCS), 2006
    3154 cites at Google Scholar
    2552% above average of year
    Last visited: Apr-2017

→  Check out the top-100 ranking

Absolute citations are not necessarily a good indicator for the impact of a paper, as the number of citations usually grows with the age of a paper. The following list shows an alternative ranking, where the citations are normalized by the age of each paper.

Top-cited papers normalized by age ⌄

  1. 1
    Mihir Bellare, Phillip Rogaway:
    Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
    ACM Conference on Computer and Communications Security (CCS), 1993
    4477 cites at Google Scholar
    2702% above average of year
    Last visited: Jun-2017
  2. 2
    D. F. C. Brewer, Michael J. Nash:
    The Chinese Wall Security Policy.
    IEEE Symposium on Security and Privacy, 1989
    1266 cites at Google Scholar
    2589% above average of year
    Last visited: Jul-2017
  3. 3
    Vipul Goyal, Omkant Pandey, Amit Sahai, Brent Waters:
    Attribute-based encryption for fine-grained access control of encrypted data.
    ACM Conference on Computer and Communications Security (CCS), 2006
    3154 cites at Google Scholar
    2552% above average of year
    Last visited: Apr-2017
  4. 4
    Steven M. Bellovin, Michael Merritt:
    Encrypted key exchange: password-based protocols secure against dictionary attacks.
    IEEE Symposium on Security and Privacy, 1992
    1648 cites at Google Scholar
    2037% above average of year
    Last visited: Apr-2017
  5. 5
    Matt Blaze, Joan Feigenbaum, Jack Lacy:
    Decentralized Trust Management.
    IEEE Symposium on Security and Privacy, 1996
    2905 cites at Google Scholar
    1996% above average of year
    Last visited: Jun-2017

→  Check out the normalized top-100 ranking

The last Decades

If you are interested in a more detailed breakdown. Here are also rankings of top-cited papers for the last four decades:

1980 – 1990
1990 – 2000
2000 – 2010
2010 – now

Contact

As with any ranking, the presented results do not necessarily reflect the true impact of a paper. Moreover, the underlying data may contain errors or missing information. Errare humanum est.

If you have questions, comments or ideas how to improve this webpage, feel free to drop an e-mail.