This webpage is an attempt to assemble a ranking of top-cited
papers from the area of computer security. The ranking has been
created based on citations of papers published at top
security conferences. More details are available here.
Top 100 papers from 1981 to 2018 ⌄
1
Mihir Bellare and Phillip Rogaway: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. ACM Conference on Computer and Communications Security (CCS), 1993
Laurent Eschenauer and Virgil D. Gligor: A key-management scheme for distributed sensor networks. ACM Conference on Computer and Communications Security (CCS), 2002
Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters: Attribute-based encryption for fine-grained access control of encrypted data. ACM Conference on Computer and Communications Security (CCS), 2006
Haowen Chan, Adrian Perrig, and Dawn Xiaodong Song: Random Key Predistribution Schemes for Sensor Networks. IEEE Symposium on Security and Privacy, 2003
Dawn Xiaodong Song, David A. Wagner, and Adrian Perrig: Practical Techniques for Searches on Encrypted Data. IEEE Symposium on Security and Privacy, 2000
Giuseppe Ateniese, Randal C. Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary N. J. Peterson, and Dawn Xiaodong Song: Provable data possession at untrusted stores. ACM Conference on Computer and Communications Security (CCS), 2007
Donggang Liu and Peng Ning: Establishing pairwise keys in distributed sensor networks. ACM Conference on Computer and Communications Security (CCS), 2003
Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. ACM Conference on Computer and Communications Security (CCS), 2009
Martín Abadi and Andrew D. Gordon: A Calculus for Cryptographic Protocols: The Spi Calculus. ACM Conference on Computer and Communications Security (CCS), 1997
Ian T. Foster, Carl Kesselman, Gene Tsudik, and Steven Tuecke: A Security Architecture for Computational Grids. ACM Conference on Computer and Communications Security (CCS), 1998
Ari Juels and Burton S. Kaliski Jr.: Pors: proofs of retrievability for large files. ACM Conference on Computer and Communications Security (CCS), 2007
Steven M. Bellovin and Michael Merritt: Encrypted key exchange: password-based protocols secure against dictionary attacks. IEEE Symposium on Security and Privacy, 1992
Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. USENIX Security Symposium, 1998
Wenke Lee, Salvatore J. Stolfo, and Kui W. Mok: A Data Mining Framework for Building Intrusion Detection Models. IEEE Symposium on Security and Privacy, 1999
Tal Garfinkel and Mendel Rosenblum: A Virtual Machine Introspection Based Architecture for Intrusion Detection. Network and Distributed System Security Symposium (NDSS), 2003
Reza Curtmola, Juan A. Garay, Seny Kamara, and Rafail Ostrovsky: Searchable symmetric encryption: improved definitions and efficient constructions. ACM Conference on Computer and Communications Security (CCS), 2006
James Newsome and Dawn Xiaodong Song: Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software. Network and Distributed System Security Symposium (NDSS), 2005
Christina Warrender, Stephanie Forrest, and Barak A. Pearlmutter: Detecting Intrusions using System Calls: Alternative Data Models. IEEE Symposium on Security and Privacy, 1999
Yao Liu, Michael K. Reiter, and Peng Ning: False data injection attacks against state estimation in electric power grids. ACM Conference on Computer and Communications Security (CCS), 2009
Giuseppe Ateniese, Kevin Fu, Matthew Green, and Susan Hohenberger: Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage. Network and Distributed System Security Symposium (NDSS), 2005
Oleg Sheyner, Joshua W. Haines, Somesh Jha, Richard Lippmann, and Jeannette M. Wing: Automated Generation and Analysis of Attack Graphs. IEEE Symposium on Security and Privacy, 2002
Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David A. Wagner: Android permissions demystified. ACM Conference on Computer and Communications Security (CCS), 2011
Michael K. Reiter, Matthew K. Franklin, John B. Lacy, and Rebecca N. Wright: The Omega Key Management Service. ACM Conference on Computer and Communications Security (CCS), 1996
Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn: Design and Implementation of a TCG-based Integrity Measurement Architecture. USENIX Security Symposium, 2004
Blaise Gassend, Dwaine E. Clarke, Marten van Dijk, and Srinivas Devadas: Silicon physical random functions. ACM Conference on Computer and Communications Security (CCS), 2002
Ari Juels, Ronald L. Rivest, and Michael Szydlo: The blocker tag: selective blocking of RFID tags for consumer privacy. ACM Conference on Computer and Communications Security (CCS), 2003
Adrian Perrig, Ran Canetti, J. D. Tygar, and Dawn Xiaodong Song: Efficient Authentication and Signing of Multicast Streams over Lossy Channels. IEEE Symposium on Security and Privacy, 2000
Qian Wang, Cong Wang, Jin Li, Kui Ren, and Wenjing Lou: Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing. European Symposium on Research in Computer Security (ESORICS), 2009
Thomas Beth, Malte Borcherding, and Birgit Klein: Valuation of Trust in Open Networks. European Symposium on Research in Computer Security (ESORICS), 1994
J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten: Lest We Remember: Cold Boot Attacks on Encryption Keys. USENIX Security Symposium, 2008
C. Christopher Erway, Alptekin Küpçü, Charalampos Papamanthou, and Roberto Tamassia: Dynamic provable data possession. ACM Conference on Computer and Communications Security (CCS), 2009
Kevin D. Bowers, Ari Juels, and Alina Oprea: HAIL: a high-availability and integrity layer for cloud storage. ACM Conference on Computer and Communications Security (CCS), 2009
Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill, and Dawson R. Engler: EXE: automatically generating inputs of death. ACM Conference on Computer and Communications Security (CCS), 2006
Cliff Changchun Zou, Weibo Gong, and Donald F. Towsley: Code red worm propagation modeling and analysis. ACM Conference on Computer and Communications Security (CCS), 2002
Patrice Godefroid, Michael Y. Levin, and David A. Molnar: Automated Whitebox Fuzz Testing. Network and Distributed System Security Symposium (NDSS), 2008
Rafail Ostrovsky, Amit Sahai, and Brent Waters: Attribute-based encryption with non-monotonic access structures. ACM Conference on Computer and Communications Security (CCS), 2007
Hovav Shacham: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). ACM Conference on Computer and Communications Security (CCS), 2007
Ninghui Li, John C. Mitchell, and William H. Winsborough: Design of a Role-Based Trust-Management Framework. IEEE Symposium on Security and Privacy, 2002
James Newsome, Brad Karp, and Dawn Xiaodong Song: Polygraph: Automatically Generating Signatures for Polymorphic Worms. IEEE Symposium on Security and Privacy, 2005
Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti: Control-flow integrity. ACM Conference on Computer and Communications Security (CCS), 2005
Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage: Experimental Security Analysis of a Modern Automobile. IEEE Symposium on Security and Privacy, 2010
William Enck, Machigar Ongtang, and Patrick D. McDaniel: On lightweight mobile phone application certification. ACM Conference on Computer and Communications Security (CCS), 2009
Michael Steiner, Gene Tsudik, and Michael Waidner: Diffie-Hellman Key Distribution Extended to Group Communication. ACM Conference on Computer and Communications Security (CCS), 1996
Ke Wang and Salvatore J. Stolfo: Anomalous Payload-Based Network Intrusion Detection. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2004
Alfonso Valdes and Keith Skinner: Probabilistic Alert Correlation. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2001
David Molnar and David A. Wagner: Privacy and security in library RFID: issues, practices, and architectures. ACM Conference on Computer and Communications Security (CCS), 2004
Matthew G. Schultz, Eleazar Eskin, Erez Zadok, and Salvatore J. Stolfo: Data Mining Methods for Detection of New Malicious Executables. IEEE Symposium on Security and Privacy, 2001
Ian Jermyn, Alain J. Mayer, Fabian Monrose, Michael K. Reiter, and Aviel D. Rubin: The Design and Analysis of Graphical Passwords. USENIX Security Symposium, 1999
Guofei Gu, Junjie Zhang, and Wenke Lee: BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic. Network and Distributed System Security Symposium (NDSS), 2008
Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh: On the effectiveness of address-space randomization. ACM Conference on Computer and Communications Security (CCS), 2004
Guofei Gu, Phillip A. Porras, Vinod Yegneswaran, and Martin W. Fong: BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation. USENIX Security Symposium, 2007
David A. Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken: A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. Network and Distributed System Security Symposium (NDSS), 2000
Michael J. Freedman and Robert Tappan Morris: Tarzan: a peer-to-peer anonymizing network layer. ACM Conference on Computer and Communications Security (CCS), 2002
Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati, and Fabio Violante: A reputation-based approach for choosing reliable resources in peer-to-peer networks. ACM Conference on Computer and Communications Security (CCS), 2002
Ian Goldberg, David A. Wagner, Randi Thomas, and Eric A. Brewer: A Secure Environment for Untrusted Helper Applications. USENIX Security Symposium, 1996
Adrian Perrig, Ran Canetti, Dawn Xiaodong Song, and J. D. Tygar: Efficient and Secure Source Authentication for Multicast. Network and Distributed System Security Symposium (NDSS), 2001
Jaeyeon Jung, Vern Paxson, Arthur W. Berger, and Hari Balakrishnan: Fast Portscan Detection Using Sequential Hypothesis Testing. IEEE Symposium on Security and Privacy, 2004
Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno: Comprehensive Experimental Analyses of Automotive Attack Surfaces. USENIX Security Symposium, 2011
Mihai Christodorescu, Somesh Jha, Sanjit A. Seshia, Dawn Xiaodong Song, and Randal E. Bryant: Semantics-Aware Malware Detection. IEEE Symposium on Security and Privacy, 2005
Bryan Parno, Adrian Perrig, and Virgil D. Gligor: Distributed Detection of Node Replication Attacks in Sensor Networks. IEEE Symposium on Security and Privacy, 2005
Heng Yin, Dawn Xiaodong Song, Manuel Egele, Christopher Kruegel, and Engin Kirda: Panorama: capturing system-wide information flow for malware detection and analysis. ACM Conference on Computer and Communications Security (CCS), 2007
Yajin Zhou, Zhi Wang, Wu Zhou, and Xuxian Jiang: Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. Network and Distributed System Security Symposium (NDSS), 2012