Influential Security Papers

This webpage is an attempt to assemble a ranking of top-cited papers from the area of computer security. The ranking is automatically created based on citations of papers published at top security conferences. In particular, the ranking is based on the four tier-1 conferences (see the System Security Circus)

• IEEE Symposium on Security and Privacy ("Oakland")
• USENIX Security Symposium
• ACM Conference on Computer and Communications Security (CCS)
• Network and Distributed System Security Symposium (NDSS)

and the following tier-2 conferences

• Annual Computer Security Applications Conference (ACSAC)
• European Symposium on Research in Computer Security (ESORICS)
• International Symposium on Research in Attacks, Intrusions and Defenses (RAID)
• Privacy Enhancing Technologies Symposium (PETS)
• IEEE European Symposium on Security and Privacy (EuroS&P)
• IEEE Computer Security Foundations Symposium (CSF)

The citations for each paper are determined by crawling the DBLP service and Google Scholar. As both services limit crawling activity, the update interval for the ranking is large, such that citation counts change on average every two months.

Update: The crawling mechanism for DBLP has been updated on July 1, 2022. As a result, the paper database may show a few inconsistencies. This effect will disappear over the next months.

Top of the Notch

Top-cited papers from 1980 to 2023 ⌄

1. 1

   Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters:
   Attribute-based encryption for fine-grained access control of encrypted data.
   ACM Conference on Computer and Communications Security (CCS), 2006
   

   6409 cites at Google Scholar

   3103% above average of year

   Last visited: Feb-2023

   Paper: DOI
2. 2

   Nicholas Carlini and David A. Wagner:
   Towards Evaluating the Robustness of Neural Networks.
   IEEE Symposium on Security and Privacy, 2017
   

   6308 cites at Google Scholar

   5940% above average of year

   Last visited: Dec-2022

   Paper: DOI
3. 3

   Mihir Bellare and Phillip Rogaway:
   Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
   ACM Conference on Computer and Communications Security (CCS), 1993
   

   6153 cites at Google Scholar

   4250% above average of year

   Last visited: Mar-2023

   Paper: DOI
4. 4

   John Bethencourt, Amit Sahai, and Brent Waters:
   Ciphertext-Policy Attribute-Based Encryption.
   IEEE Symposium on Security and Privacy, 2007
   

   6113 cites at Google Scholar

   2871% above average of year

   Last visited: Jan-2023

   Paper: DOI
5. 5

   Dorothy E. Denning:
   An Intrusion-Detection Model.
   IEEE Symposium on Security and Privacy, 1986
   

   6036 cites at Google Scholar

   1624% above average of year

   Last visited: Feb-2023

   Paper: DOI

→  Check out the top-100 ranking

Absolute citations are not necessarily a good indicator for the impact of a paper, as the number of citations usually grows with the age of a paper. The following list shows an alternative ranking, where the citations are normalized by the age of each paper.

Top-cited papers normalized by age ⌄

1. 1

   Nicholas Carlini and David A. Wagner:
   Towards Evaluating the Robustness of Neural Networks.
   IEEE Symposium on Security and Privacy, 2017
   

   6308 cites at Google Scholar

   5940% above average of year

   Last visited: Dec-2022

   Paper: DOI
2. 2

   Mihir Bellare and Phillip Rogaway:
   Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
   ACM Conference on Computer and Communications Security (CCS), 1993
   

   6153 cites at Google Scholar

   4250% above average of year

   Last visited: Mar-2023

   Paper: DOI
3. 3

   Ahmed Salem, Rui Wen, Michael Backes, Shiqing Ma, and Yang Zhang:
   Dynamic Backdoor Attacks Against Machine Learning Models.
   IEEE European Symposium on Security and Privacy, 2022
   

   135 cites at Google Scholar

   3951% above average of year

   Last visited: Feb-2023

   Paper: DOI
4. 4

   Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom:
   Spectre Attacks: Exploiting Speculative Execution.
   IEEE Symposium on Security and Privacy, 2019
   

   2262 cites at Google Scholar

   3777% above average of year

   Last visited: Mar-2023

   Paper: DOI
5. 5

   Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters:
   Attribute-based encryption for fine-grained access control of encrypted data.
   ACM Conference on Computer and Communications Security (CCS), 2006
   

   6409 cites at Google Scholar

   3103% above average of year

   Last visited: Feb-2023

   Paper: DOI

→  Check out the normalized top-100 ranking

The Last Decades

If you are interested in a more detailed breakdown of top-cited papers over time, you can find can find rankings for the last decades here:

Limitations

As with any ranking, the presented results do not necessarily reflect the true impact of a paper. Citations are only one metric to assess the reception of a paper and are insufficient to characterize all aspects contributing to the relevance of scientific work. Moreover, the underlying data may contain errors or missing information. Errare humanum est.

Contact

If you have questions, comments, complains, or ideas how to improve this webpage, feel free to send an email to Konrad Rieck. Alternatively, you can contact me on Twitter.

Last updated: 2023-03-17T18:52:45