This webpage is an attempt to assemble a ranking of top-cited papers from the area of computer security. The ranking has been created based on citations of papers published at top security conferences. More details are available here.
Top 100 papers from 1980 to 2025 ⌄
1
Nicholas Carlini and David A. Wagner: Towards Evaluating the Robustness of Neural Networks. IEEE Symposium on Security and Privacy (S&P), 2017
Martín Abadi, Andy Chu, Ian J. Goodfellow, H. Brendan McMahan, Ilya Mironov, Kunal Talwar, and Li Zhang: Deep Learning with Differential Privacy. ACM Conference on Computer and Communications Security (CCS), 2016
Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters: Attribute-based encryption for fine-grained access control of encrypted data. ACM Conference on Computer and Communications Security (CCS), 2006
Mihir Bellare and Phillip Rogaway: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. ACM Conference on Computer and Communications Security (CCS), 1993
Reza Shokri, Marco Stronati, Congzheng Song, and Vitaly Shmatikov: Membership Inference Attacks Against Machine Learning Models. IEEE Symposium on Security and Privacy (S&P), 2017
Laurent Eschenauer and Virgil D. Gligor: A key-management scheme for distributed sensor networks. ACM Conference on Computer and Communications Security (CCS), 2002
Nicolas Papernot, Patrick D. McDaniel, Somesh Jha, Matt Fredrikson, Z. Berkay Celik, and Ananthram Swami: The Limitations of Deep Learning in Adversarial Settings. IEEE European Symposium on Security and Privacy (EuroS&P), 2016
Dawn Xiaodong Song, David A. Wagner, and Adrian Perrig: Practical Techniques for Searches on Encrypted Data. IEEE Symposium on Security and Privacy (S&P), 2000
Nicolas Papernot, Patrick D. McDaniel, Ian J. Goodfellow, Somesh Jha, Z. Berkay Celik, and Ananthram Swami: Practical Black-Box Attacks against Machine Learning. ACM Asia Conference on Computer and Communications Security (AsiaCCS), 2017
Haowen Chan, Adrian Perrig, and Dawn Xiaodong Song: Random Key Predistribution Schemes for Sensor Networks. IEEE Symposium on Security and Privacy (S&P), 2003
Nicolas Papernot, Patrick D. McDaniel, Xi Wu, Somesh Jha, and Ananthram Swami: Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks. IEEE Symposium on Security and Privacy (S&P), 2016
Giuseppe Ateniese, Randal C. Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary N. J. Peterson, and Dawn Xiaodong Song: Provable data possession at untrusted stores. ACM Conference on Computer and Communications Security (CCS), 2007
Yao Liu, Michael K. Reiter, and Peng Ning: False data injection attacks against state estimation in electric power grids. ACM Conference on Computer and Communications Security (CCS), 2009
Kallista A. Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, and Karn Seth: Practical Secure Aggregation for Privacy-Preserving Machine Learning. ACM Conference on Computer and Communications Security (CCS), 2017
Matt Fredrikson, Somesh Jha, and Thomas Ristenpart: Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures. ACM Conference on Computer and Communications Security (CCS), 2015
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom: Spectre Attacks: Exploiting Speculative Execution. IEEE Symposium on Security and Privacy (S&P), 2019
Reza Curtmola, Juan A. Garay, Seny Kamara, and Rafail Ostrovsky: Searchable symmetric encryption: improved definitions and efficient constructions. ACM Conference on Computer and Communications Security (CCS), 2006
Alessandro Acquisti and Ralph Gross: Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook. International Symposium on Privacy Enhancing Technologies (PETS), 2006
Ahmed E. Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou: Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts. IEEE Symposium on Security and Privacy (S&P), 2016
Stephanie Forrest, Alan S. Perelson, Lawrence Allen, and Rajesh Cherukuri: Self-nonself discrimination in a computer. IEEE Symposium on Security and Privacy (S&P), 1994
Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, and Thomas A. Longstaff: A Sense of Self for Unix Processes. IEEE Symposium on Security and Privacy (S&P), 1996
Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck: DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket. Network and Distributed System Security Symposium (NDSS), 2014
Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. ACM Conference on Computer and Communications Security (CCS), 2009
Manos Antonakakis, Tim April, Michael D. Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou: Understanding the Mirai Botnet. USENIX Security Symposium, 2017
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg: Meltdown: Reading Kernel Memory from User Space. USENIX Security Symposium, 2018
Ari Juels and Burton S. Kaliski Jr.: Pors: proofs of retrievability for large files. ACM Conference on Computer and Communications Security (CCS), 2007
Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, and Aquinas Hobor: Making Smart Contracts Smarter. ACM Conference on Computer and Communications Security (CCS), 2016
Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza: Zerocash: Decentralized Anonymous Payments from Bitcoin. IEEE Symposium on Security and Privacy (S&P), 2014
Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti: Control-flow integrity. ACM Conference on Computer and Communications Security (CCS), 2005
Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak N. Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage: Experimental Security Analysis of a Modern Automobile. IEEE Symposium on Security and Privacy (S&P), 2010
Donggang Liu and Peng Ning: Establishing pairwise keys in distributed sensor networks. ACM Conference on Computer and Communications Security (CCS), 2003
Florian Tramèr, Fan Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart: Stealing Machine Learning Models via Prediction APIs. USENIX Security Symposium, 2016
Payman Mohassel and Yupeng Zhang: SecureML: A System for Scalable Privacy-Preserving Machine Learning. IEEE Symposium on Security and Privacy (S&P), 2017
Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. USENIX Security Symposium, 1998
James Newsome and Dawn Xiaodong Song: Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software. Network and Distributed System Security Symposium (NDSS), 2005
Robin Sommer and Vern Paxson: Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. IEEE Symposium on Security and Privacy (S&P), 2010
Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno: Comprehensive Experimental Analyses of Automotive Attack Surfaces. USENIX Security Symposium, 2011
Weilin Xu, David Evans, and Yanjun Qi: Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks. Network and Distributed System Security Symposium (NDSS), 2018
Blaise Gassend, Dwaine E. Clarke, Marten van Dijk, and Srinivas Devadas: Silicon physical random functions. ACM Conference on Computer and Communications Security (CCS), 2002
Steven M. Bellovin and Michael Merritt: Encrypted key exchange: password-based protocols secure against dictionary attacks. IEEE Symposium on Security and Privacy (S&P), 1992
Tal Garfinkel and Mendel Rosenblum: A Virtual Machine Introspection Based Architecture for Intrusion Detection. Network and Distributed System Security Symposium (NDSS), 2003
Arthur Gervais, Ghassan O. Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun: On the Security and Performance of Proof of Work Blockchains. ACM Conference on Computer and Communications Security (CCS), 2016
Luca Melis, Congzheng Song, Emiliano De Cristofaro, and Vitaly Shmatikov: Exploiting Unintended Feature Leakage in Collaborative Learning. IEEE Symposium on Security and Privacy (S&P), 2019
Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David A. Wagner: Android permissions demystified. ACM Conference on Computer and Communications Security (CCS), 2011
Giuseppe Ateniese, Kevin Fu, Matthew Green, and Susan Hohenberger: Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage. Network and Distributed System Security Symposium (NDSS), 2005
Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, and Michael K. Reiter: Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition. ACM Conference on Computer and Communications Security (CCS), 2016
Ian T. Foster, Carl Kesselman, Gene Tsudik, and Steven Tuecke: A Security Architecture for Computational Grids. ACM Conference on Computer and Communications Security (CCS), 1998
Wenke Lee, Salvatore J. Stolfo, and Kui W. Mok: A Data Mining Framework for Building Intrusion Detection Models. IEEE Symposium on Security and Privacy (S&P), 1999
Hovav Shacham: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). ACM Conference on Computer and Communications Security (CCS), 2007
David D. Clark and D. R. Wilson: A Comparison of Commercial and Military Computer Security Policies. IEEE Symposium on Security and Privacy (S&P), 1987
Oleg Sheyner, Joshua W. Haines, Somesh Jha, Richard Lippmann, and Jeannette M. Wing: Automated Generation and Analysis of Attack Graphs. IEEE Symposium on Security and Privacy (S&P), 2002
Min Du, Feifei Li, Guineng Zheng, and Vivek Srikumar: DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning. ACM Conference on Computer and Communications Security (CCS), 2017
Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten: SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies. IEEE Symposium on Security and Privacy (S&P), 2015
J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten: Lest We Remember: Cold Boot Attacks on Encryption Keys. USENIX Security Symposium, 2008
Christina Warrender, Stephanie Forrest, and Barak A. Pearlmutter: Detecting Intrusions using System Calls: Alternative Data Models. IEEE Symposium on Security and Privacy (S&P), 1999
C. Christopher Erway, Alptekin Küpçü, Charalampos Papamanthou, and Roberto Tamassia: Dynamic provable data possession. ACM Conference on Computer and Communications Security (CCS), 2009
Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, and Prateek Saxena: A Secure Sharding Protocol For Open Blockchains. ACM Conference on Computer and Communications Security (CCS), 2016
Bolun Wang, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath, Haitao Zheng, and Ben Y. Zhao: Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks. IEEE Symposium on Security and Privacy (S&P), 2019
Patrice Godefroid, Michael Y. Levin, and David A. Molnar: Automated Whitebox Fuzz Testing. Network and Distributed System Security Symposium (NDSS), 2008
Paul F. Syverson, David M. Goldschlag, and Michael G. Reed: Anonymous Connections and Onion Routing. IEEE Symposium on Security and Privacy (S&P), 1997
Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn: Design and Implementation of a TCG-based Integrity Measurement Architecture. USENIX Security Symposium, 2004
Benedikt Bünz, Jonathan Bootle, Dan Boneh, Andrew Poelstra, Pieter Wuille, and Gregory Maxwell: Bulletproofs: Short Proofs for Confidential Transactions and More. IEEE Symposium on Security and Privacy (S&P), 2018
Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill, and Dawson R. Engler: EXE: automatically generating inputs of death. ACM Conference on Computer and Communications Security (CCS), 2006
Minghong Fang, Xiaoyu Cao, Jinyuan Jia, and Neil Zhenqiang Gong: Local Model Poisoning Attacks to Byzantine-Robust Federated Learning. USENIX Security Symposium, 2020
Miguel E. Andrés, Nicolás Emilio Bordenabe, Konstantinos Chatzikokolakis, and Catuscia Palamidessi: Geo-indistinguishability: differential privacy for location-based systems. ACM Conference on Computer and Communications Security (CCS), 2013
Rafail Ostrovsky, Amit Sahai, and Brent Waters: Attribute-based encryption with non-monotonic access structures. ACM Conference on Computer and Communications Security (CCS), 2007
Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ewa Syta, and Bryan Ford: OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding. IEEE Symposium on Security and Privacy (S&P), 2018
Qian Wang, Cong Wang, Jin Li, Kui Ren, and Wenjing Lou: Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing. European Symposium on Research in Computer Security (ESORICS), 2009
Dongyu Meng and Hao Chen: MagNet: A Two-Pronged Defense against Adversarial Examples. ACM Conference on Computer and Communications Security (CCS), 2017
Samuel Yeom, Irene Giacomelli, Matt Fredrikson, and Somesh Jha: Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting. IEEE Computer Security Foundations Symposium (CSF), 2018
Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, and Frank Stajano: The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. IEEE Symposium on Security and Privacy (S&P), 2012
Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx: Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. USENIX Security Symposium, 2018
Richard Lippmann, Joshua W. Haines, David J. Fried, Jonathan Korba, and Kumar Das: Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2000
Ian Miers, Christina Garman, Matthew Green, and Aviel D. Rubin: Zerocoin: Anonymous Distributed E-Cash from Bitcoin. IEEE Symposium on Security and Privacy (S&P), 2013
Yisroel Mirsky, Tomer Doitshman, Yuval Elovici, and Asaf Shabtai: Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. Network and Distributed System Security Symposium (NDSS), 2018
Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Krügel, and Giovanni Vigna: SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis. IEEE Symposium on Security and Privacy (S&P), 2016
William Enck, Machigar Ongtang, and Patrick D. McDaniel: On lightweight mobile phone application certification. ACM Conference on Computer and Communications Security (CCS), 2009