This webpage is an attempt to assemble a ranking of top-cited security papers from the 1990s. The ranking has been created based on citations of papers published at top security conferences. More details are available here.
Top-cited papers from 1999 ⌄
1
Ari Juels and Martin Wattenberg: A Fuzzy Commitment Scheme. ACM Conference on Computer and Communications Security (CCS), 1999
Wenke Lee, Salvatore J. Stolfo, and Kui W. Mok: A Data Mining Framework for Building Intrusion Detection Models. IEEE Symposium on Security and Privacy (S&P), 1999
Christina Warrender, Stephanie Forrest, and Barak A. Pearlmutter: Detecting Intrusions using System Calls: Alternative Data Models. IEEE Symposium on Security and Privacy (S&P), 1999
Richard Lippmann, Robert K. Cunningham, David J. Fried, Isaac Graf, Kris R. Kendall, Seth E. Webster, and Marc A. Zissman: Results of the DARPA 1998 Offline Intrusion Detection Evaluation. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 1999
Ian Jermyn, Alain J. Mayer, Fabian Monrose, Michael K. Reiter, and Aviel D. Rubin: The Design and Analysis of Graphical Passwords. USENIX Security Symposium, 1999
Ari Juels and John G. Brainard: Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks. Network and Distributed System Security Symposium (NDSS), 1999
Fabian Monrose, Michael K. Reiter, and Susanne Wetzel: Password Hardening Based on Keystroke Dynamics. ACM Conference on Computer and Communications Security (CCS), 1999
John P. McDermott and Chris Fox: Using Abuse Case Models for Security Requirements Analysis. Annual Computer Security Applications Conference (ACSAC), 1999
Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. USENIX Security Symposium, 1998
Ian T. Foster, Carl Kesselman, Gene Tsudik, and Steven Tuecke: A Security Architecture for Computational Grids. ACM Conference on Computer and Communications Security (CCS), 1998
J. S. Balasubramaniyan, J. O. Garcia-Fernandez, D. Isacoff, Eugene H. Spafford, and Diego Zamboni: An Architecture for Intrusion Detection Using Autonomous Agents. Annual Computer Security Applications Conference (ACSAC), 1998
Terran Lane and Carla E. Brodley: Temporal Sequence Learning and Data Reduction for Anomaly Detection. ACM Conference on Computer and Communications Security (CCS), 1998
F. Javier Thayer, Jonathan C. Herzog, and Joshua D. Guttman: Strand Spaces: Why is a Security Protocol Correct? IEEE Symposium on Security and Privacy (S&P), 1998
George I. Davida, Yair Frankel, and Brian J. Matt: On Enabling Secure Applications Through Off-Line Biometric Identification. IEEE Symposium on Security and Privacy (S&P), 1998
Martín Abadi and Andrew D. Gordon: A Calculus for Cryptographic Protocols: The Spi Calculus. ACM Conference on Computer and Communications Security (CCS), 1997
William A. Arbaugh, David J. Farber, and Jonathan M. Smith: A Secure and Reliable Bootstrap Architecture. IEEE Symposium on Security and Privacy (S&P), 1997
Paul F. Syverson, David M. Goldschlag, and Michael G. Reed: Anonymous Connections and Onion Routing. IEEE Symposium on Security and Privacy (S&P), 1997
Christoph L. Schuba, Ivan Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram, and Diego Zamboni: Analysis of a Denial of Service Attack on TCP. IEEE Symposium on Security and Privacy (S&P), 1997
John C. Mitchell, Mark Mitchell, and Ulrich Stern: Automated analysis of cryptographic protocols using Mur-phi. IEEE Symposium on Security and Privacy (S&P), 1997
Sushil Jajodia, Pierangela Samarati, and V. S. Subrahmanian: A Logical Language for Expressing Authorizations. IEEE Symposium on Security and Privacy (S&P), 1997
N. Asokan, Matthias Schunter, and Michael Waidner: Optimistic Protocols for Fair Exchange. ACM Conference on Computer and Communications Security (CCS), 1997
Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, and Thomas A. Longstaff: A Sense of Self for Unix Processes. IEEE Symposium on Security and Privacy (S&P), 1996
Michael Steiner, Gene Tsudik, and Michael Waidner: Diffie-Hellman Key Distribution Extended to Group Communication. ACM Conference on Computer and Communications Security (CCS), 1996
Ian Goldberg, David A. Wagner, Randi Thomas, and Eric A. Brewer: A Secure Environment for Untrusted Helper Applications. USENIX Security Symposium, 1996
Patrik D'haeseleer, Stephanie Forrest, and Paul Helman: An Immunological Approach to Change Detection: Algorithms, Analysis and Implications. IEEE Symposium on Security and Privacy (S&P), 1996
Drew Dean, Edward W. Felten, and Dan S. Wallach: Java Security: From HotJava to Netscape and Beyond. IEEE Symposium on Security and Privacy (S&P), 1996
William M. Farmer, Joshua D. Guttman, and Vipin Swarup: Security for Mobile Agents: Authentication and State Appraisal. European Symposium on Research in Computer Security (ESORICS), 1996
Matthew K. Franklin and Michael K. Reiter: The design and implementation of a secure auction service. IEEE Symposium on Security and Privacy (S&P), 1995
Lee Badger, Daniel F. Sterne, David L. Sherman, Kenneth M. Walker, and Sheila A. Haghighat: Practical Domain and Type Enforcement for UNIX. IEEE Symposium on Security and Privacy (S&P), 1995
Lee Badger, Daniel F. Sterne, David L. Sherman, Kenneth M. Walker, and Sheila A. Haghighat: A Domain and Type Enforcement UNIX Prototype. USENIX Security Symposium, 1995
Tony Ballardie and Jon Crowcroft: Multicast-specific security threats and counter-measures. Network and Distributed System Security Symposium (NDSS), 1995
Stephanie Forrest, Alan S. Perelson, Lawrence Allen, and Rajesh Cherukuri: Self-nonself discrimination in a computer. IEEE Symposium on Security and Privacy (S&P), 1994
Thomas Beth, Malte Borcherding, and Birgit Klein: Valuation of Trust in Open Networks. European Symposium on Research in Computer Security (ESORICS), 1994
Gene H. Kim and Eugene H. Spafford: The Design and Implementation of Tripwire: A File System Integrity Checker. ACM Conference on Computer and Communications Security (CCS), 1994
John McLean: A general theory of composition for trace sets closed under selective interleaving functions. IEEE Symposium on Security and Privacy (S&P), 1994
Michael K. Reiter: Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. ACM Conference on Computer and Communications Security (CCS), 1994
Calvin Ko, George Fink, and Karl N. Levitt: Automated detection of vulnerabilities in privileged programs by execution monitoring. Annual Computer Security Applications Conference (ACSAC), 1994
Jean-Paul Boly, Antoon Bosselaers, Ronald Cramer, Rolf Michelsen, Stig Fr. Mjølsnes, Frank Muller, Torben P. Pedersen, Birgit Pfitzmann, Peter de Rooij, Berry Schoenmakers, Matthias Schunter, Luc Vallée, and Michael Waidner: The ESPRIT Project CAFE - High Security Digital Payment Systems. European Symposium on Research in Computer Security (ESORICS), 1994
Mihir Bellare and Phillip Rogaway: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. ACM Conference on Computer and Communications Security (CCS), 1993
Steven M. Bellovin and Michael Merritt: Augmented Encrypted Key Exchange: A Password-Based Protocol Secure against Dictionary Attacks and Password File Compromise. ACM Conference on Computer and Communications Security (CCS), 1993
Raphael Yahalom, Birgit Klein, and Thomas Beth: Trust relationships in secure systems-a distributed authentication perspective. IEEE Symposium on Security and Privacy (S&P), 1993
Myong H. Kang and Ira S. Moskowitz: A Pump for Rapid, Reliable, Secure Communication. ACM Conference on Computer and Communications Security (CCS), 1993
Steven M. Bellovin and Michael Merritt: Encrypted key exchange: password-based protocols secure against dictionary attacks. IEEE Symposium on Security and Privacy (S&P), 1992
Hervé Debar, Monique Becker, and Didier Siboni: A neural network component for an intrusion detection system. IEEE Symposium on Security and Privacy (S&P), 1992
Phillip A. Porras and Richard A. Kemmerer: Penetration state transition analysis: A rule-based intrusion detection approach. Annual Computer Security Applications Conference (ACSAC), 1992
Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, and Isabelle Mathieu: ASAX: Software Architecture and Rule-Based Language for Universal Audit Trail Analysis. European Symposium on Research in Computer Security (ESORICS), 1992
Refik Molva, Gene Tsudik, Els Van Herreweghen, and Stefano Zatti: KryptoKnight Authentication and Key Distribution System. European Symposium on Research in Computer Security (ESORICS), 1992
Vijay Varadharajan, Phillip Allen, and Stewart Black: An Analysis of the Proxy Problem in Distributed Systems. IEEE Symposium on Security and Privacy (S&P), 1991
Henry S. Teng, Kaihu Chen, and Stephen C. Y. Lu: Adaptive Real-Time Anomaly Detection Using Inductively Generated Sequential Patterns. IEEE Symposium on Security and Privacy (S&P), 1990
Morrie Gasser and Ellen McDermott: An Architecture for Practical Delegation in a Distributed System. IEEE Symposium on Security and Privacy (S&P), 1990
Catherine D. McCollum, J. R. Messing, and LouAnna Notargiacomo: Beyond the Pale of MAC and DAC-Defining New Forms of Access Control. IEEE Symposium on Security and Privacy (S&P), 1990
Paul A. Karger, Mary Ellen Zurko, Douglas W. Bonin, Andrew H. Mason, and Clifford E. Kahn: A VMM Security Kernel for the VAX Architecture. IEEE Symposium on Security and Privacy (S&P), 1990
Janice I. Glasgow, Glenn H. MacEwen, and Prakash Panangaden: A Logic for Reasoning about Security. IEEE Computer Security Foundations Symposium (CSF), 1990