This webpage is an attempt to assemble a ranking of top-cited security papers from the 2000s. The ranking has been created based on citations of papers published at top security conferences. More details are available here.
Top-cited papers from 2009 ⌄
1
Yao Liu, Michael K. Reiter, and Peng Ning: False data injection attacks against state estimation in electric power grids. ACM Conference on Computer and Communications Security (CCS), 2009
Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. ACM Conference on Computer and Communications Security (CCS), 2009
C. Christopher Erway, Alptekin Küpçü, Charalampos Papamanthou, and Roberto Tamassia: Dynamic provable data possession. ACM Conference on Computer and Communications Security (CCS), 2009
Qian Wang, Cong Wang, Jin Li, Kui Ren, and Wenjing Lou: Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing. European Symposium on Research in Computer Security (ESORICS), 2009
William Enck, Machigar Ongtang, and Patrick D. McDaniel: On lightweight mobile phone application certification. ACM Conference on Computer and Communications Security (CCS), 2009
Kevin D. Bowers, Ari Juels, and Alina Oprea: HAIL: a high-availability and integrity layer for cloud storage. ACM Conference on Computer and Communications Security (CCS), 2009
Melissa Chase and Sherman S. M. Chow: Improving privacy and security in multi-authority attribute-based encryption. ACM Conference on Computer and Communications Security (CCS), 2009
Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar: Native Client: A Sandbox for Portable, Untrusted x86 Native Code. IEEE Symposium on Security and Privacy (S&P), 2009
Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Krügel, and Engin Kirda: Scalable, Behavior-Based Malware Clustering. Network and Distributed System Security Symposium (NDSS), 2009
J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten: Lest We Remember: Cold Boot Attacks on Encryption Keys. USENIX Security Symposium, 2008
Patrice Godefroid, Michael Y. Levin, and David A. Molnar: Automated Whitebox Fuzz Testing. Network and Distributed System Security Symposium (NDSS), 2008
Guofei Gu, Junjie Zhang, and Wenke Lee: BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic. Network and Distributed System Security Symposium (NDSS), 2008
Artem Dinaburg, Paul Royal, Monirul Islam Sharif, and Wenke Lee: Ether: malware analysis via hardware virtualization extensions. ACM Conference on Computer and Communications Security (CCS), 2008
Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, Shane S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, and William H. Maisel: Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. IEEE Symposium on Security and Privacy (S&P), 2008
Dan Bogdanov, Sven Laur, and Jan Willemson: Sharemind: A Framework for Fast Privacy-Preserving Computations. European Symposium on Research in Computer Security (ESORICS), 2008
Giuseppe Ateniese, Randal C. Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary N. J. Peterson, and Dawn Xiaodong Song: Provable data possession at untrusted stores. ACM Conference on Computer and Communications Security (CCS), 2007
Ari Juels and Burton S. Kaliski Jr.: Pors: proofs of retrievability for large files. ACM Conference on Computer and Communications Security (CCS), 2007
Hovav Shacham: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). ACM Conference on Computer and Communications Security (CCS), 2007
Rafail Ostrovsky, Amit Sahai, and Brent Waters: Attribute-based encryption with non-monotonic access structures. ACM Conference on Computer and Communications Security (CCS), 2007
Andreas Moser, Christopher Kruegel, and Engin Kirda: Limits of Static Analysis for Malware Detection. Annual Computer Security Applications Conference (ACSAC), 2007
Guofei Gu, Phillip A. Porras, Vinod Yegneswaran, Martin W. Fong, and Wenke Lee: BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation. USENIX Security Symposium, 2007
Heng Yin, Dawn Xiaodong Song, Manuel Egele, Christopher Kruegel, and Engin Kirda: Panorama: capturing system-wide information flow for malware detection and analysis. ACM Conference on Computer and Communications Security (CCS), 2007
Michael D. Bailey, Jon Oberheide, Jon Andersen, Zhuoqing Morley Mao, Farnam Jahanian, and Jose Nazario: Automated Classification and Analysis of Internet Malware. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2007
Andreas Moser, Christopher Krügel, and Engin Kirda: Exploring Multiple Execution Paths for Malware Analysis. IEEE Symposium on Security and Privacy (S&P), 2007
Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Krügel, and Giovanni Vigna: Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. Network and Distributed System Security Symposium (NDSS), 2007
Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters: Attribute-based encryption for fine-grained access control of encrypted data. ACM Conference on Computer and Communications Security (CCS), 2006
Reza Curtmola, Juan A. Garay, Seny Kamara, and Rafail Ostrovsky: Searchable symmetric encryption: improved definitions and efficient constructions. ACM Conference on Computer and Communications Security (CCS), 2006
Alessandro Acquisti and Ralph Gross: Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook. International Symposium on Privacy Enhancing Technologies (PETS), 2006
Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill, and Dawson R. Engler: EXE: automatically generating inputs of death. ACM Conference on Computer and Communications Security (CCS), 2006
Marco Barreno, Blaine Nelson, Russell Sears, Anthony D. Joseph, and J. D. Tygar: Can machine learning be secure? ACM Asia Conference on Computer and Communications Security (AsiaCCS), 2006
Xinming Ou, Wayne F. Boyer, and Miles A. McQueen: A scalable approach to attack graph generation. ACM Conference on Computer and Communications Security (CCS), 2006
Mihir Bellare and Gregory Neven: Multi-signatures in the plain public-Key model and a general forking lemma. ACM Conference on Computer and Communications Security (CCS), 2006
Stefan Berger, Ramón Cáceres, Kenneth A. Goldman, Ronald Perez, Reiner Sailer, and Leendert van Doorn: vTPM: Virtualizing the Trusted Platform Module. USENIX Security Symposium, 2006
Matthew Pirretti, Patrick Traynor, Patrick D. McDaniel, and Brent Waters: Secure attribute-based systems. ACM Conference on Computer and Communications Security (CCS), 2006
Martín Casado, Tal Garfinkel, Aditya Akella, Michael J. Freedman, Dan Boneh, and Nick McKeown: SANE: A Protection Architecture for Enterprise Networks. USENIX Security Symposium, 2006
Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti: Control-flow integrity. ACM Conference on Computer and Communications Security (CCS), 2005
James Newsome and Dawn Xiaodong Song: Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software. Network and Distributed System Security Symposium (NDSS), 2005
Giuseppe Ateniese, Kevin Fu, Matthew Green, and Susan Hohenberger: Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage. Network and Distributed System Security Symposium (NDSS), 2005
James Newsome, Brad Karp, and Dawn Xiaodong Song: Polygraph: Automatically Generating Signatures for Polymorphic Worms. IEEE Symposium on Security and Privacy (S&P), 2005
Mihai Christodorescu, Somesh Jha, Sanjit A. Seshia, Dawn Xiaodong Song, and Randal E. Bryant: Semantics-Aware Malware Detection. IEEE Symposium on Security and Privacy (S&P), 2005
Bryan Parno, Adrian Perrig, and Virgil D. Gligor: Distributed Detection of Node Replication Attacks in Sensor Networks. IEEE Symposium on Security and Privacy (S&P), 2005
Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn: Design and Implementation of a TCG-based Integrity Measurement Architecture. USENIX Security Symposium, 2004
Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh: On the effectiveness of address-space randomization. ACM Conference on Computer and Communications Security (CCS), 2004
Ke Wang and Salvatore J. Stolfo: Anomalous Payload-Based Network Intrusion Detection. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2004
David Molnar and David A. Wagner: Privacy and security in library RFID: issues, practices, and architectures. ACM Conference on Computer and Communications Security (CCS), 2004
Haowen Chan, Adrian Perrig, and Dawn Xiaodong Song: Random Key Predistribution Schemes for Sensor Networks. IEEE Symposium on Security and Privacy (S&P), 2003
Donggang Liu and Peng Ning: Establishing pairwise keys in distributed sensor networks. ACM Conference on Computer and Communications Security (CCS), 2003
Tal Garfinkel and Mendel Rosenblum: A Virtual Machine Introspection Based Architecture for Intrusion Detection. Network and Distributed System Security Symposium (NDSS), 2003
Ari Juels, Ronald L. Rivest, and Michael Szydlo: The blocker tag: selective blocking of RFID tags for consumer privacy. ACM Conference on Computer and Communications Security (CCS), 2003
George Danezis, Roger Dingledine, and Nick Mathewson: Mixminion: Design of a Type III Anonymous Remailer Protocol. IEEE Symposium on Security and Privacy (S&P), 2003
Cullen Linn and Saumya K. Debray: Obfuscation of executable code to improve resistance to static disassembly. ACM Conference on Computer and Communications Security (CCS), 2003
Laurent Eschenauer and Virgil D. Gligor: A key-management scheme for distributed sensor networks. ACM Conference on Computer and Communications Security (CCS), 2002
Blaise Gassend, Dwaine E. Clarke, Marten van Dijk, and Srinivas Devadas: Silicon physical random functions. ACM Conference on Computer and Communications Security (CCS), 2002
Oleg Sheyner, Joshua W. Haines, Somesh Jha, Richard Lippmann, and Jeannette M. Wing: Automated Generation and Analysis of Attack Graphs. IEEE Symposium on Security and Privacy (S&P), 2002
Cliff Changchun Zou, Weibo Gong, and Donald F. Towsley: Code red worm propagation modeling and analysis. ACM Conference on Computer and Communications Security (CCS), 2002
Michael J. Freedman and Robert Tappan Morris: Tarzan: a peer-to-peer anonymizing network layer. ACM Conference on Computer and Communications Security (CCS), 2002
Frédéric Cuppens and Alexandre Miège: Alert Correlation in a Cooperative Intrusion Detection Framework. IEEE Symposium on Security and Privacy (S&P), 2002
Ninghui Li, John C. Mitchell, and William H. Winsborough: Design of a Role-Based Trust-Management Framework. IEEE Symposium on Security and Privacy (S&P), 2002
David A. Wagner and Paolo Soto: Mimicry attacks on host-based intrusion detection systems. ACM Conference on Computer and Communications Security (CCS), 2002
Alfonso Valdes and Keith Skinner: Probabilistic Alert Correlation. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2001
Phillip Rogaway, Mihir Bellare, John Black, and Ted Krovetz: OCB: a block-cipher mode of operation for efficient authenticated encryption. ACM Conference on Computer and Communications Security (CCS), 2001
Hervé Debar and Andreas Wespi: Aggregation and Correlation of Intrusion-Detection Alerts. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2001
Adrian Perrig, Ran Canetti, Dawn Xiaodong Song, and J. D. Tygar: Efficient and Secure Source Authentication for Multicast. Network and Distributed System Security Symposium (NDSS), 2001
Dawn Xiaodong Song, David A. Wagner, and Adrian Perrig: Practical Techniques for Searches on Encrypted Data. IEEE Symposium on Security and Privacy (S&P), 2000
Richard Lippmann, Joshua W. Haines, David J. Fried, Jonathan Korba, and Kumar Das: Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2000
Adrian Perrig, Ran Canetti, J. D. Tygar, and Dawn Xiaodong Song: Efficient Authentication and Signing of Multicast Streams over Lossy Channels. IEEE Symposium on Security and Privacy (S&P), 2000
David A. Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken: A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. Network and Distributed System Security Symposium (NDSS), 2000
Sotiris Ioannidis, Angelos D. Keromytis, Steven M. Bellovin, and Jonathan M. Smith: Implementing a distributed firewall. ACM Conference on Computer and Communications Security (CCS), 2000
Yongdae Kim, Adrian Perrig, and Gene Tsudik: Simple and fault-tolerant key agreement for dynamic collaborative groups. ACM Conference on Computer and Communications Security (CCS), 2000