Normalized Top-100 Security Papers

This webpage is an attempt to assemble a ranking of top-cited papers from the area of computer security. The ranking has been created based on citations of papers published at top security conferences. More details are available here.

Absolute citations are not necessarily a good indicator for the impact of a paper, as the number of citations usually grows with the age of a paper. The following list shows an alternative ranking, where the citations are normalized by the age of each paper.

Top 100 papers normalized by age ⌄

  1. 1
    Xinyue Shen, Zeyuan Chen, Michael Backes, Yun Shen, and Yang Zhang:
    "Do Anything Now": Characterizing and Evaluating In-The-Wild Jailbreak Prompts on Large Language Models.
    ACM Conference on Computer and Communications Security (CCS), 2024
    563 cites at Google Scholar
    7833% above average of year
    Visited: May-2025
    Paper: DOI
  2. 2
    Nicholas Carlini and David A. Wagner:
    Towards Evaluating the Robustness of Neural Networks.
    IEEE Symposium on Security and Privacy (S&P), 2017
    11403 cites at Google Scholar
    7054% above average of year
    Visited: Jun-2025
    Paper: DOI
  3. 3
    Gelei Deng, Yi Liu, Yuekang Li, Kailong Wang, Ying Zhang, Zefeng Li, Haoyu Wang, Tianwei Zhang, and Yang Liu:
    MASTERKEY: Automated Jailbreaking of Large Language Model Chatbots.
    Network and Distributed System Security Symposium (NDSS), 2024
    397 cites at Google Scholar
    5494% above average of year
    Visited: Jun-2025
    Paper: DOI
  4. 4
    Wen-jie Lu, Zhicong Huang, Zhen Gu, Jingyu Li, Jian Liu, Cheng Hong, Kui Ren, Tao Wei, and Wenguang Chen:
    BumbleBee: Secure Two-party Inference Framework for Large Transformers.
    Network and Distributed System Security Symposium (NDSS), 2025
    50 cites at Google Scholar
    4900% above average of year
    Visited: May-2025
    Paper: DOI
  5. 5
    Nicholas Carlini, Florian Tramèr, Eric Wallace, Matthew Jagielski, Ariel Herbert-Voss, Katherine Lee, Adam Roberts, Tom B. Brown, Dawn Song, Úlfar Erlingsson, Alina Oprea, and Colin Raffel:
    Extracting Training Data from Large Language Models.
    USENIX Security Symposium, 2021
    2472 cites at Google Scholar
    4722% above average of year
    Visited: Jun-2025
    Paper: DOI
  6. 6
    Martín Abadi, Andy Chu, Ian J. Goodfellow, H. Brendan McMahan, Ilya Mironov, Kunal Talwar, and Li Zhang:
    Deep Learning with Differential Privacy.
    ACM Conference on Computer and Communications Security (CCS), 2016
    8188 cites at Google Scholar
    4596% above average of year
    Visited: Jul-2025
    Paper: DOI
  7. 7
    Mihir Bellare and Phillip Rogaway:
    Random Oracles are Practical: A Paradigm for Designing Efficient Protocols.
    ACM Conference on Computer and Communications Security (CCS), 1993
    6912 cites at Google Scholar
    4544% above average of year
    Visited: Jun-2025
    Paper: DOI
  8. 8
    Nicholas Carlini, Jamie Hayes, Milad Nasr, Matthew Jagielski, Vikash Sehwag, Florian Tramèr, Borja Balle, Daphne Ippolito, and Eric Wallace:
    Extracting Training Data from Diffusion Models.
    USENIX Security Symposium, 2023
    780 cites at Google Scholar
    4300% above average of year
    Visited: Jun-2025
    Paper: DOI
  9. 9
    Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters:
    Attribute-based encryption for fine-grained access control of encrypted data.
    ACM Conference on Computer and Communications Security (CCS), 2006
    7389 cites at Google Scholar
    3946% above average of year
    Visited: Apr-2025
    Paper: DOI
  10. 10
    Nicholas Carlini, Matthew Jagielski, Christopher A. Choquette-Choo, Daniel Paleka, Will Pearce, Hyrum S. Anderson, Andreas Terzis, Kurt Thomas, and Florian Tramèr:
    Poisoning Web-Scale Training Datasets is Practical.
    IEEE Symposium on Security and Privacy (S&P), 2024
    263 cites at Google Scholar
    3606% above average of year
    Visited: Jul-2025
    Paper: DOI
  11. 11
    Reza Shokri, Marco Stronati, Congzheng Song, and Vitaly Shmatikov:
    Membership Inference Attacks Against Machine Learning Models.
    IEEE Symposium on Security and Privacy (S&P), 2017
    5748 cites at Google Scholar
    3506% above average of year
    Visited: May-2025
    Paper: DOI
  12. 12
    John Bethencourt, Amit Sahai, and Brent Waters:
    Ciphertext-Policy Attribute-Based Encryption.
    IEEE Symposium on Security and Privacy (S&P), 2007
    7214 cites at Google Scholar
    3338% above average of year
    Visited: May-2025
    Paper: DOI
  13. 13
    Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom:
    Spectre Attacks: Exploiting Speculative Execution.
    IEEE Symposium on Security and Privacy (S&P), 2019
    3515 cites at Google Scholar
    3170% above average of year
    Visited: Jun-2025
    Paper: DOI
  14. 14
    Nicolas Papernot, Patrick D. McDaniel, Somesh Jha, Matt Fredrikson, Z. Berkay Celik, and Ananthram Swami:
    The Limitations of Deep Learning in Adversarial Settings.
    IEEE European Symposium on Security and Privacy (EuroS&P), 2016
    5466 cites at Google Scholar
    3035% above average of year
    Visited: Jun-2025
    Paper: DOI
  15. 15
    Jiawen Zhang, Xinpeng Yang, Lipeng He, Kejia Chen, Wen-jie Lu, Yinghao Wang, Xiaoyang Hou, Jian Liu, Kui Ren, and Xiaohu Yang:
    Secure Transformer Inference Made Non-interactive.
    Network and Distributed System Security Symposium (NDSS), 2025
    31 cites at Google Scholar
    3000% above average of year
    Visited: May-2025
    Paper: DOI
  16. 16
    Stephanie Forrest, Alan S. Perelson, Lawrence Allen, and Rajesh Cherukuri:
    Self-nonself discrimination in a computer.
    IEEE Symposium on Security and Privacy (S&P), 1994
    3315 cites at Google Scholar
    2990% above average of year
    Visited: Jun-2025
    Paper: DOI
  17. 17
    Dawn Xiaodong Song, David A. Wagner, and Adrian Perrig:
    Practical Techniques for Searches on Encrypted Data.
    IEEE Symposium on Security and Privacy (S&P), 2000
    5448 cites at Google Scholar
    2987% above average of year
    Visited: Jun-2025
    Paper: DOI
  18. 18
    Nicolas Papernot, Patrick D. McDaniel, Ian J. Goodfellow, Somesh Jha, Z. Berkay Celik, and Ananthram Swami:
    Practical Black-Box Attacks against Machine Learning.
    ACM Asia Conference on Computer and Communications Security (AsiaCCS), 2017
    4727 cites at Google Scholar
    2866% above average of year
    Visited: Jun-2025
    Paper: DOI
  19. 19
    Nicholas Carlini, Steve Chien, Milad Nasr, Shuang Song, Andreas Terzis, and Florian Tramèr:
    Membership Inference Attacks From First Principles.
    IEEE Symposium on Security and Privacy (S&P), 2022
    906 cites at Google Scholar
    2800% above average of year
    Visited: Jun-2025
    Paper: DOI
  20. 20
    D. F. C. Brewer and Michael J. Nash:
    The Chinese Wall Security Policy.
    IEEE Symposium on Security and Privacy (S&P), 1989
    1531 cites at Google Scholar
    2761% above average of year
    Visited: May-2025
    Paper: DOI
  21. 21
    Matt Fredrikson, Somesh Jha, and Thomas Ristenpart:
    Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures.
    ACM Conference on Computer and Communications Security (CCS), 2015
    3831 cites at Google Scholar
    2677% above average of year
    Visited: Jun-2025
    Paper: DOI
  22. 22
    Roger Dingledine, Nick Mathewson, and Paul F. Syverson:
    Tor: The Second-Generation Onion Router.
    USENIX Security Symposium, 2004
    6419 cites at Google Scholar
    2610% above average of year
    Visited: Jul-2025
    Paper: DOI
  23. 23
    Ye Liu, Yue Xue, Daoyuan Wu, Yuqiang Sun, Yi Li, Miaolei Shi, and Yang Liu:
    PropertyGPT: LLM-driven Formal Verification of Smart Contracts through Retrieval-Augmented Property Generation.
    Network and Distributed System Security Symposium (NDSS), 2025
    27 cites at Google Scholar
    2600% above average of year
    Visited: May-2025
    Paper: DOI
  24. 24
    Yan Pang, Tianhao Wang, Xuhui Kang, Mengdi Huai, and Yang Zhang:
    White-box Membership Inference Attacks against Diffusion Models.
    Proceedings on Privacy Enhancing Technologies (PoPETS), 2025
    26 cites at Google Scholar
    2500% above average of year
    Visited: May-2025
    Paper: DOI
  25. 25
    Kallista A. Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, and Karn Seth:
    Practical Secure Aggregation for Privacy-Preserving Machine Learning.
    ACM Conference on Computer and Communications Security (CCS), 2017
    3922 cites at Google Scholar
    2361% above average of year
    Visited: Jun-2025
    Paper: DOI
  26. 26
    Steven M. Bellovin and Michael Merritt:
    Encrypted key exchange: password-based protocols secure against dictionary attacks.
    IEEE Symposium on Security and Privacy (S&P), 1992
    2308 cites at Google Scholar
    2359% above average of year
    Visited: Jul-2025
    Paper: DOI
  27. 27
    Nicolas Papernot, Patrick D. McDaniel, Xi Wu, Somesh Jha, and Ananthram Swami:
    Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks.
    IEEE Symposium on Security and Privacy (S&P), 2016
    4168 cites at Google Scholar
    2290% above average of year
    Visited: Jun-2025
    Paper: DOI
  28. 28
    Ruijie Meng, Martin Mirchev, Marcel Böhme, and Abhik Roychoudhury:
    Large Language Model guided Protocol Fuzzing.
    Network and Distributed System Security Symposium (NDSS), 2024
    169 cites at Google Scholar
    2281% above average of year
    Visited: Jun-2025
    Paper: DOI
  29. 29
    Li Gong, Roger M. Needham, and Raphael Yahalom:
    Reasoning about Belief in Cryptographic Protocols.
    IEEE Symposium on Security and Privacy (S&P), 1990
    1057 cites at Google Scholar
    2197% above average of year
    Visited: May-2025
    Paper: DOI
  30. 30
    Reza Shokri and Vitaly Shmatikov:
    Privacy-Preserving Deep Learning.
    ACM Conference on Computer and Communications Security (CCS), 2015
    3128 cites at Google Scholar
    2167% above average of year
    Visited: May-2025
    Paper: DOI
  31. 31
    Lucas Bourtoule, Varun Chandrasekaran, Christopher A. Choquette-Choo, Hengrui Jia, Adelin Travers, Baiwu Zhang, David Lie, and Nicolas Papernot:
    Machine Unlearning.
    IEEE Symposium on Security and Privacy (S&P), 2021
    1156 cites at Google Scholar
    2155% above average of year
    Visited: Jun-2025
    Paper: DOI
  32. 32
    Arvind Narayanan and Vitaly Shmatikov:
    Robust De-anonymization of Large Sparse Datasets.
    IEEE Symposium on Security and Privacy (S&P), 2008
    3612 cites at Google Scholar
    2136% above average of year
    Visited: Apr-2025
    Paper: DOI
  33. 33
    Yao Liu, Michael K. Reiter, and Peng Ning:
    False data injection attacks against state estimation in electric power grids.
    ACM Conference on Computer and Communications Security (CCS), 2009
    4007 cites at Google Scholar
    2104% above average of year
    Visited: Jul-2025
    Paper: DOI
  34. 34
    Shuo Shao, Yiming Li, Hongwei Yao, Yiling He, Zhan Qin, and Kui Ren:
    Explanation as a Watermark: Towards Harmless and Multi-bit Model Ownership Verification via Watermarking Feature Attribution.
    Network and Distributed System Security Symposium (NDSS), 2025
    22 cites at Google Scholar
    2100% above average of year
    Visited: May-2025
    Paper: DOI
  35. 35
    Andy Zhou, Xiaojun Xu, Ramesh Raghunathan, Alok Lal, Xinze Guan, Bin Yu, and Bo Li:
    KnowGraph: Knowledge-Enabled Anomaly Detection via Logical Reasoning on Graph Data.
    ACM Conference on Computer and Communications Security (CCS), 2024
    156 cites at Google Scholar
    2098% above average of year
    Visited: Jun-2025
    Paper: DOI
  36. 36
    Matt Blaze, Joan Feigenbaum, and Jack Lacy:
    Decentralized Trust Management.
    IEEE Symposium on Security and Privacy (S&P), 1996
    3475 cites at Google Scholar
    2048% above average of year
    Visited: Jul-2025
    Paper: DOI
  37. 37
    Vern Paxson:
    Bro: A System for Detecting Network Intruders in Real-Time.
    USENIX Security Symposium, 1998
    4207 cites at Google Scholar
    2044% above average of year
    Visited: Jul-2025
    Paper: DOI
  38. 38
    Laurent Eschenauer and Virgil D. Gligor:
    A key-management scheme for distributed sensor networks.
    ACM Conference on Computer and Communications Security (CCS), 2002
    5594 cites at Google Scholar
    2014% above average of year
    Visited: Jun-2025
    Paper: DOI
  39. 39
    Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck:
    DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket.
    Network and Distributed System Security Symposium (NDSS), 2014
    3090 cites at Google Scholar
    2001% above average of year
    Visited: Jun-2025
    Paper: DOI
  40. 40
    Minghong Fang, Xiaoyu Cao, Jinyuan Jia, and Neil Zhenqiang Gong:
    Local Model Poisoning Attacks to Byzantine-Robust Federated Learning.
    USENIX Security Symposium, 2020
    1537 cites at Google Scholar
    1995% above average of year
    Visited: Jun-2025
    Paper: DOI
  41. 41
    Giuseppe Ateniese, Randal C. Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary N. J. Peterson, and Dawn Xiaodong Song:
    Provable data possession at untrusted stores.
    ACM Conference on Computer and Communications Security (CCS), 2007
    4180 cites at Google Scholar
    1892% above average of year
    Visited: Jun-2025
    Paper: DOI
  42. 42
    Reza Curtmola, Juan A. Garay, Seny Kamara, and Rafail Ostrovsky:
    Searchable symmetric encryption: improved definitions and efficient constructions.
    ACM Conference on Computer and Communications Security (CCS), 2006
    3620 cites at Google Scholar
    1882% above average of year
    Visited: Jul-2025
    Paper: DOI
  43. 43
    Yupei Liu, Yuqi Jia, Runpeng Geng, Jinyuan Jia, and Neil Zhenqiang Gong:
    Formalizing and Benchmarking Prompt Injection Attacks and Defenses.
    USENIX Security Symposium, 2024
    139 cites at Google Scholar
    1859% above average of year
    Visited: Jul-2025
    Paper: DOI
  44. 44
    Hammond Pearce, Benjamin Tan, Baleegh Ahmad, Ramesh Karri, and Brendan Dolan-Gavitt:
    Examining Zero-Shot Vulnerability Repair with Large Language Models.
    IEEE Symposium on Security and Privacy (S&P), 2023
    347 cites at Google Scholar
    1857% above average of year
    Visited: Apr-2025
    Paper: DOI
  45. 45
    Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza:
    Zerocash: Decentralized Anonymous Payments from Bitcoin.
    IEEE Symposium on Security and Privacy (S&P), 2014
    2867 cites at Google Scholar
    1850% above average of year
    Visited: Jun-2025
    Paper: DOI
  46. 46
    Ahmed E. Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou:
    Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts.
    IEEE Symposium on Security and Privacy (S&P), 2016
    3386 cites at Google Scholar
    1842% above average of year
    Visited: Jun-2025
    Paper: DOI
  47. 47
    Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, and Thomas A. Longstaff:
    A Sense of Self for Unix Processes.
    IEEE Symposium on Security and Privacy (S&P), 1996
    3131 cites at Google Scholar
    1835% above average of year
    Visited: Jun-2025
    Paper: DOI
  48. 48
    Yuchen Yang, Bo Hui, Haolin Yuan, Neil Gong, and Yinzhi Cao:
    SneakyPrompt: Jailbreaking Text-to-image Generative Models.
    IEEE Symposium on Security and Privacy (S&P), 2024
    135 cites at Google Scholar
    1802% above average of year
    Visited: Jun-2025
    Paper: DOI
  49. 49
    Alessandro Acquisti and Ralph Gross:
    Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook.
    International Symposium on Privacy Enhancing Technologies (PETS), 2006
    3426 cites at Google Scholar
    1776% above average of year
    Visited: Apr-2025
    Paper: DOI
  50. 50
    Manos Antonakakis, Tim April, Michael D. Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou:
    Understanding the Mirai Botnet.
    USENIX Security Symposium, 2017
    2973 cites at Google Scholar
    1765% above average of year
    Visited: Jul-2025
    Paper: DOI
  51. 51
    Luca Melis, Congzheng Song, Emiliano De Cristofaro, and Vitaly Shmatikov:
    Exploiting Unintended Feature Leakage in Collaborative Learning.
    IEEE Symposium on Security and Privacy (S&P), 2019
    1999 cites at Google Scholar
    1760% above average of year
    Visited: Apr-2025
    Paper: DOI
  52. 52
    Yajin Zhou and Xuxian Jiang:
    Dissecting Android Malware: Characterization and Evolution.
    IEEE Symposium on Security and Privacy (S&P), 2012
    3138 cites at Google Scholar
    1710% above average of year
    Visited: Jun-2025
    Paper: DOI
  53. 53
    Weilin Xu, David Evans, and Yanjun Qi:
    Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks.
    Network and Distributed System Security Symposium (NDSS), 2018
    2394 cites at Google Scholar
    1688% above average of year
    Visited: Jun-2025
    Paper: DOI
  54. 54
    Úlfar Erlingsson, Vasyl Pihur, and Aleksandra Korolova:
    RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response.
    ACM Conference on Computer and Communications Security (CCS), 2014
    2600 cites at Google Scholar
    1668% above average of year
    Visited: May-2025
    Paper: DOI
  55. 55
    Saad Ullah, Mingji Han, Saurabh Pujar, Hammond Pearce, Ayse K. Coskun, and Gianluca Stringhini:
    LLMs Cannot Reliably Identify and Reason About Security Vulnerabilities (Yet?): A Comprehensive Evaluation, Framework, and Benchmarks.
    IEEE Symposium on Security and Privacy (S&P), 2024
    123 cites at Google Scholar
    1633% above average of year
    Visited: Jun-2025
    Paper: DOI
  56. 56
    Milad Nasr, Reza Shokri, and Amir Houmansadr:
    Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning.
    IEEE Symposium on Security and Privacy (S&P), 2019
    1860 cites at Google Scholar
    1630% above average of year
    Visited: Apr-2025
    Paper: DOI
  57. 57
    Bolun Wang, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath, Haitao Zheng, and Ben Y. Zhao:
    Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks.
    IEEE Symposium on Security and Privacy (S&P), 2019
    1859 cites at Google Scholar
    1629% above average of year
    Visited: Jun-2025
    Paper: DOI
  58. 58
    Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage:
    Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds.
    ACM Conference on Computer and Communications Security (CCS), 2009
    3102 cites at Google Scholar
    1606% above average of year
    Visited: Jul-2025
    Paper: DOI
  59. 59
    Tian Dong, Minhui Xue, Guoxing Chen, Rayne Holland, Yan Meng, Shaofeng Li, Zhen Liu, and Haojin Zhu:
    The Philosopher's Stone: Trojaning Plugins of Large Language Models.
    Network and Distributed System Security Symposium (NDSS), 2025
    17 cites at Google Scholar
    1600% above average of year
    Visited: Jun-2025
    Paper: DOI
  60. 60
    Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, and Aquinas Hobor:
    Making Smart Contracts Smarter.
    ACM Conference on Computer and Communications Security (CCS), 2016
    2918 cites at Google Scholar
    1574% above average of year
    Visited: Jun-2025
    Paper: DOI
  61. 61
    Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak N. Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage:
    Experimental Security Analysis of a Modern Automobile.
    IEEE Symposium on Security and Privacy (S&P), 2010
    2715 cites at Google Scholar
    1560% above average of year
    Visited: Jul-2025
    Paper: DOI
  62. 62
    Jeffrey O. Kephart and Steve R. White:
    Directed-Graph Epidemiological Models of Computer Viruses.
    IEEE Symposium on Security and Privacy (S&P), 1991
    1257 cites at Google Scholar
    1556% above average of year
    Visited: May-2025
    Paper: DOI
  63. 63
    Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, and Konrad Rieck:
    Dos and Don'ts of Machine Learning in Computer Security.
    USENIX Security Symposium, 2022
    511 cites at Google Scholar
    1536% above average of year
    Visited: Jun-2025
    Paper: DOI
  64. 64
    Haowen Chan, Adrian Perrig, and Dawn Xiaodong Song:
    Random Key Predistribution Schemes for Sensor Networks.
    IEEE Symposium on Security and Privacy (S&P), 2003
    4447 cites at Google Scholar
    1534% above average of year
    Visited: Jun-2025
    Paper: DOI
  65. 65
    Xinlei He, Xinyue Shen, Zeyuan Chen, Michael Backes, and Yang Zhang:
    MGTBench: Benchmarking Machine-Generated Text Detection.
    ACM Conference on Computer and Communications Security (CCS), 2024
    115 cites at Google Scholar
    1520% above average of year
    Visited: Apr-2025
    Paper: DOI
  66. 66
    Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg:
    Meltdown: Reading Kernel Memory from User Space.
    USENIX Security Symposium, 2018
    2152 cites at Google Scholar
    1507% above average of year
    Visited: Jun-2025
    Paper: DOI
  67. 67
    Nils Lukas, Ahmed Salem, Robert Sim, Shruti Tople, Lukas Wutschitz, and Santiago Zanella Béguelin:
    Analyzing Leakage of Personally Identifiable Information in Language Models.
    IEEE Symposium on Security and Privacy (S&P), 2023
    284 cites at Google Scholar
    1502% above average of year
    Visited: Jul-2025
    Paper: DOI
  68. 68
    Payman Mohassel and Yupeng Zhang:
    SecureML: A System for Scalable Privacy-Preserving Machine Learning.
    IEEE Symposium on Security and Privacy (S&P), 2017
    2502 cites at Google Scholar
    1470% above average of year
    Visited: Jul-2025
    Paper: DOI
  69. 69
    Shawn Shan, Wenxin Ding, Josephine Passananti, Stanley Wu, Haitao Zheng, and Ben Y. Zhao:
    Nightshade: Prompt-Specific Poisoning Attacks on Text-to-Image Generative Models.
    IEEE Symposium on Security and Privacy (S&P), 2024
    108 cites at Google Scholar
    1422% above average of year
    Visited: Jun-2025
    Paper: DOI
  70. 70
    Xiaoyu Cao, Minghong Fang, Jia Liu, and Neil Zhenqiang Gong:
    FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping.
    Network and Distributed System Security Symposium (NDSS), 2021
    776 cites at Google Scholar
    1414% above average of year
    Visited: Apr-2025
    Paper: DOI
  71. 71
    Joseph A. Goguen and José Meseguer:
    Security Policies and Security Models.
    IEEE Symposium on Security and Privacy (S&P), 1982
    3210 cites at Google Scholar
    1402% above average of year
    Visited: Jun-2025
    Paper: DOI
  72. 72
    Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno:
    Comprehensive Experimental Analyses of Automotive Attack Surfaces.
    USENIX Security Symposium, 2011
    2439 cites at Google Scholar
    1401% above average of year
    Visited: Jul-2025
    Paper: DOI
  73. 73
    Robin Sommer and Vern Paxson:
    Outside the Closed World: On Using Machine Learning for Network Intrusion Detection.
    IEEE Symposium on Security and Privacy (S&P), 2010
    2437 cites at Google Scholar
    1390% above average of year
    Visited: Jul-2025
    Paper: DOI
  74. 74
    Ari Juels and Martin Wattenberg:
    A Fuzzy Commitment Scheme.
    ACM Conference on Computer and Communications Security (CCS), 1999
    2300 cites at Google Scholar
    1381% above average of year
    Visited: Jun-2025
    Paper: DOI
  75. 75
    Zhiyuan Yu, Xiaogeng Liu, Shunning Liang, Zach Cameron, Chaowei Xiao, and Ning Zhang:
    Don't Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models.
    USENIX Security Symposium, 2024
    105 cites at Google Scholar
    1379% above average of year
    Visited: Jun-2025
    Paper: DOI
  76. 76
    Yuval Yarom and Katrina Falkner:
    FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack.
    USENIX Security Symposium, 2014
    2150 cites at Google Scholar
    1362% above average of year
    Visited: Apr-2025
    Paper: DOI
  77. 77
    Florian Tramèr, Fan Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart:
    Stealing Machine Learning Models via Prediction APIs.
    USENIX Security Symposium, 2016
    2544 cites at Google Scholar
    1359% above average of year
    Visited: Jul-2025
    Paper: DOI
  78. 78
    Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti:
    Control-flow integrity.
    ACM Conference on Computer and Communications Security (CCS), 2005
    2706 cites at Google Scholar
    1334% above average of year
    Visited: Jun-2025
    Paper: DOI
  79. 79
    Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten:
    SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies.
    IEEE Symposium on Security and Privacy (S&P), 2015
    1973 cites at Google Scholar
    1330% above average of year
    Visited: Jul-2025
    Paper: DOI
  80. 80
    Ari Juels and Burton S. Kaliski Jr.:
    Pors: proofs of retrievability for large files.
    ACM Conference on Computer and Communications Security (CCS), 2007
    2997 cites at Google Scholar
    1328% above average of year
    Visited: Jun-2025
    Paper: DOI
  81. 81
    Shawn Shan, Jenna Cryan, Emily Wenger, Haitao Zheng, Rana Hanocka, and Ben Y. Zhao:
    Glaze: Protecting Artists from Style Mimicry by Text-to-Image Models.
    USENIX Security Symposium, 2023
    250 cites at Google Scholar
    1310% above average of year
    Visited: Jun-2025
    Paper: DOI
  82. 82
    Phillip A. Porras and Richard A. Kemmerer:
    Penetration state transition analysis: A rule-based intrusion detection approach.
    Annual Computer Security Applications Conference (ACSAC), 1992
    1317 cites at Google Scholar
    1303% above average of year
    Visited: Jun-2025
    Paper: DOI
  83. 83
    Yan Pang and Tianhao Wang:
    Black-box Membership Inference Attacks against Fine-tuned Diffusion Models.
    Network and Distributed System Security Symposium (NDSS), 2025
    14 cites at Google Scholar
    1300% above average of year
    Visited: May-2025
    Paper: DOI
  84. 84
    Cong Zuo, Shangqi Lai, Shi-Feng Sun, Xingliang Yuan, Joseph K. Liu, Jun Shao, Huaxiong Wang, Liehuang Zhu, and Shujie Cui:
    Searchable Encryption for Conjunctive Queries with Extended Forward and Backward Privacy.
    Proceedings on Privacy Enhancing Technologies (PoPETS), 2025
    14 cites at Google Scholar
    1300% above average of year
    Visited: Jun-2025
    Paper: DOI
  85. 85
    Vale Tolpegin, Stacey Truex, Mehmet Emre Gursoy, and Ling Liu:
    Data Poisoning Attacks Against Federated Learning Systems.
    European Symposium on Research in Computer Security (ESORICS), 2020
    1009 cites at Google Scholar
    1275% above average of year
    Visited: Jun-2025
    Paper: DOI
  86. 86
    Linyi Li, Tao Xie, and Bo Li:
    SoK: Certified Robustness for Deep Neural Networks.
    IEEE Symposium on Security and Privacy (S&P), 2023
    243 cites at Google Scholar
    1271% above average of year
    Visited: Jun-2025
    Paper: DOI
  87. 87
    Wenke Lee, Salvatore J. Stolfo, and Kui W. Mok:
    A Data Mining Framework for Building Intrusion Detection Models.
    IEEE Symposium on Security and Privacy (S&P), 1999
    2122 cites at Google Scholar
    1266% above average of year
    Visited: Jun-2025
    Paper: DOI
  88. 88
    Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, and Nicolas Papernot:
    When the Curious Abandon Honesty: Federated Learning Is Not Private.
    IEEE European Symposium on Security and Privacy (EuroS&P), 2023
    240 cites at Google Scholar
    1254% above average of year
    Visited: Jun-2025
    Paper: DOI
  89. 89
    Nicholas Carlini, Chang Liu, Úlfar Erlingsson, Jernej Kos, and Dawn Song:
    The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks.
    USENIX Security Symposium, 2019
    1444 cites at Google Scholar
    1243% above average of year
    Visited: Jun-2025
    Paper: DOI
  90. 90
    Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David A. Wagner:
    Android permissions demystified.
    ACM Conference on Computer and Communications Security (CCS), 2011
    2182 cites at Google Scholar
    1243% above average of year
    Visited: Jun-2025
    Paper: DOI
  91. 91
    Neil Perry, Megha Srivastava, Deepak Kumar, and Dan Boneh:
    Do Users Write More Insecure Code with AI Assistants?
    ACM Conference on Computer and Communications Security (CCS), 2023
    238 cites at Google Scholar
    1243% above average of year
    Visited: Jun-2025
    Paper: DOI
  92. 92
    Ralph C. Merkle:
    Protocols for Public Key Cryptosystems.
    IEEE Symposium on Security and Privacy (S&P), 1980
    2392 cites at Google Scholar
    1223% above average of year
    Visited: Jun-2025
    Paper: DOI
  93. 93
    David D. Clark and D. R. Wilson:
    A Comparison of Commercial and Military Computer Security Policies.
    IEEE Symposium on Security and Privacy (S&P), 1987
    2045 cites at Google Scholar
    1216% above average of year
    Visited: Apr-2025
    Paper: DOI
  94. 94
    Alma Whitten and J. Doug Tygar:
    Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0.
    USENIX Security Symposium, 1999
    2042 cites at Google Scholar
    1214% above average of year
    Visited: Jun-2025
    Paper: DOI
  95. 95
    James Newsome and Dawn Xiaodong Song:
    Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software.
    Network and Distributed System Security Symposium (NDSS), 2005
    2472 cites at Google Scholar
    1210% above average of year
    Visited: Jun-2025
    Paper: DOI
  96. 96
    Philip Daian, Steven Goldfeder, Tyler Kell, Yunqi Li, Xueyuan Zhao, Iddo Bentov, Lorenz Breidenbach, and Ari Juels:
    Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability.
    IEEE Symposium on Security and Privacy (S&P), 2020
    960 cites at Google Scholar
    1208% above average of year
    Visited: Jun-2025
    Paper: DOI
  97. 97
    Jayshree Sarathy and Salil P. Vadhan:
    Analyzing the Differentially Private Theil-Sen Estimator for Simple Linear Regression.
    Proceedings on Privacy Enhancing Technologies (PoPETS), 2025
    13 cites at Google Scholar
    1200% above average of year
    Visited: Jun-2025
    Paper: DOI
  98. 98
    Alexander Warnecke, Lukas Pirch, Christian Wressnegger, and Konrad Rieck:
    Machine Unlearning of Features and Labels.
    Network and Distributed System Security Symposium (NDSS), 2023
    229 cites at Google Scholar
    1192% above average of year
    Visited: Jun-2025
    Paper: DOI
  99. 99
    Arthur Gervais, Ghassan O. Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun:
    On the Security and Performance of Proof of Work Blockchains.
    ACM Conference on Computer and Communications Security (CCS), 2016
    2240 cites at Google Scholar
    1185% above average of year
    Visited: Jun-2025
    Paper: DOI
  100. 100
    Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang:
    StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks.
    USENIX Security Symposium, 1998
    2479 cites at Google Scholar
    1163% above average of year
    Visited: Jun-2025
    Paper: DOI