This webpage is an attempt to assemble a ranking of top-cited security papers from the 2010s. The ranking has been created based on citations of papers published at top security conferences. More details are available here.
Top-cited papers from 2019 ⌄
1
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom: Spectre Attacks: Exploiting Speculative Execution. IEEE Symposium on Security and Privacy (S&P), 2019
Luca Melis, Congzheng Song, Emiliano De Cristofaro, and Vitaly Shmatikov: Exploiting Unintended Feature Leakage in Collaborative Learning. IEEE Symposium on Security and Privacy (S&P), 2019
Milad Nasr, Reza Shokri, and Amir Houmansadr: Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning. IEEE Symposium on Security and Privacy (S&P), 2019
Bolun Wang, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath, Haitao Zheng, and Ben Y. Zhao: Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks. IEEE Symposium on Security and Privacy (S&P), 2019
Nicholas Carlini, Chang Liu, Úlfar Erlingsson, Jernej Kos, and Dawn Song: The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks. USENIX Security Symposium, 2019
Mathias Lécuyer, Vaggelis Atlidakis, Roxana Geambasu, Daniel Hsu, and Suman Jana: Certified Robustness to Adversarial Examples with Differential Privacy. IEEE Symposium on Security and Privacy (S&P), 2019
Ahmed Salem, Yang Zhang, Mathias Humbert, Pascal Berrang, Mario Fritz, and Michael Backes: ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models. Network and Distributed System Security Symposium (NDSS), 2019
Jinfeng Li, Shouling Ji, Tianyu Du, Bo Li, and Ting Wang: TextBugger: Generating Adversarial Text Against Real-world Applications. Network and Distributed System Security Symposium (NDSS), 2019
Victor Le Pochat, Tom van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczynski, and Wouter Joosen: Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation. Network and Distributed System Security Symposium (NDSS), 2019
Weilin Xu, David Evans, and Yanjun Qi: Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks. Network and Distributed System Security Symposium (NDSS), 2018
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg: Meltdown: Reading Kernel Memory from User Space. USENIX Security Symposium, 2018
Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx: Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. USENIX Security Symposium, 2018
Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ewa Syta, and Bryan Ford: OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding. IEEE Symposium on Security and Privacy (S&P), 2018
Benedikt Bünz, Jonathan Bootle, Dan Boneh, Andrew Poelstra, Pieter Wuille, and Gregory Maxwell: Bulletproofs: Short Proofs for Confidential Transactions and More. IEEE Symposium on Security and Privacy (S&P), 2018
Yisroel Mirsky, Tomer Doitshman, Yuval Elovici, and Asaf Shabtai: Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. Network and Distributed System Security Symposium (NDSS), 2018
Mahdi Zamani, Mahnush Movahedi, and Mariana Raykova: RapidChain: Scaling Blockchain via Full Sharding. ACM Conference on Computer and Communications Security (CCS), 2018
Petar Tsankov, Andrei Marian Dan, Dana Drachsler-Cohen, Arthur Gervais, Florian Bünzli, and Martin T. Vechev: Securify: Practical Security Analysis of Smart Contracts. ACM Conference on Computer and Communications Security (CCS), 2018
Kang Liu, Brendan Dolan-Gavitt, and Siddharth Garg: Fine-Pruning: Defending Against Backdooring Attacks on Deep Neural Networks. International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2018
Reza Shokri, Marco Stronati, Congzheng Song, and Vitaly Shmatikov: Membership Inference Attacks Against Machine Learning Models. IEEE Symposium on Security and Privacy (S&P), 2017
Kallista A. Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, and Karn Seth: Practical Secure Aggregation for Privacy-Preserving Machine Learning. ACM Conference on Computer and Communications Security (CCS), 2017
Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou: Understanding the Mirai Botnet. USENIX Security Symposium, 2017
Payman Mohassel and Yupeng Zhang: SecureML: A System for Scalable Privacy-Preserving Machine Learning. IEEE Symposium on Security and Privacy (S&P), 2017
Min Du, Feifei Li, Guineng Zheng, and Vivek Srikumar: DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning. ACM Conference on Computer and Communications Security (CCS), 2017
Briland Hitaj, Giuseppe Ateniese, and Fernando Pérez-Cruz: Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning. ACM Conference on Computer and Communications Security (CCS), 2017
Dongyu Meng and Hao Chen: MagNet: A Two-Pronged Defense against Adversarial Examples. ACM Conference on Computer and Communications Security (CCS), 2017
Martín Abadi, Andy Chu, Ian J. Goodfellow, H. Brendan McMahan, Ilya Mironov, Kunal Talwar, and Li Zhang: Deep Learning with Differential Privacy. ACM Conference on Computer and Communications Security (CCS), 2016
Nicolas Papernot, Patrick D. McDaniel, Somesh Jha, Matt Fredrikson, Z. Berkay Celik, and Ananthram Swami: The Limitations of Deep Learning in Adversarial Settings. IEEE European Symposium on Security and Privacy (EuroS&P), 2016
Nicolas Papernot, Patrick D. McDaniel, Xi Wu, Somesh Jha, and Ananthram Swami: Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks. IEEE Symposium on Security and Privacy (S&P), 2016
Ahmed E. Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou: Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts. IEEE Symposium on Security and Privacy (S&P), 2016
Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, and Aquinas Hobor: Making Smart Contracts Smarter. ACM Conference on Computer and Communications Security (CCS), 2016
Florian Tramèr, Fan Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart: Stealing Machine Learning Models via Prediction APIs. USENIX Security Symposium, 2016
Arthur Gervais, Ghassan O. Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun: On the Security and Performance of Proof of Work Blockchains. ACM Conference on Computer and Communications Security (CCS), 2016
Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, and Michael K. Reiter: Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition. ACM Conference on Computer and Communications Security (CCS), 2016
Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, and Prateek Saxena: A Secure Sharding Protocol For Open Blockchains. ACM Conference on Computer and Communications Security (CCS), 2016
Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Krügel, and Giovanni Vigna: SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis. IEEE Symposium on Security and Privacy (S&P), 2016
Matt Fredrikson, Somesh Jha, and Thomas Ristenpart: Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures. ACM Conference on Computer and Communications Security (CCS), 2015
Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten: SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies. IEEE Symposium on Security and Privacy (S&P), 2015
Amit Datta, Michael Carl Tschantz, and Anupam Datta: Automated Experiments on Ad Privacy Settings. Proceedings on Privacy Enhancing Technologies (PoPETS), 2015
Raphael Bost, Raluca Ada Popa, Stephen Tu, and Shafi Goldwasser: Machine Learning Classification over Encrypted Data. Network and Distributed System Security Symposium (NDSS), 2015
Yuanzhong Xu, Weidong Cui, and Marcus Peinado: Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. IEEE Symposium on Security and Privacy (S&P), 2015
Daniel Demmler, Thomas Schneider, and Michael Zohner: ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation. Network and Distributed System Security Symposium (NDSS), 2015
Felix Schuster, Manuel Costa, Cédric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz, and Mark Russinovich: VC3: Trustworthy Data Analytics in the Cloud Using SGX. IEEE Symposium on Security and Privacy (S&P), 2015
Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck: DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket. Network and Distributed System Security Symposium (NDSS), 2014
Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza: Zerocash: Decentralized Anonymous Payments from Bitcoin. IEEE Symposium on Security and Privacy (S&P), 2014
Matthew Fredrikson, Eric Lantz, Somesh Jha, Simon M. Lin, David Page, and Thomas Ristenpart: Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing. USENIX Security Symposium, 2014
Gunes Acar, Christian Eubank, Steven Englehardt, Marc Juarez, Arvind Narayanan, and Claudia Díaz: The Web Never Forgets: Persistent Tracking Mechanisms in the Wild. ACM Conference on Computer and Communications Security (CCS), 2014
David Cash, Joseph Jaeger, Stanislaw Jarecki, Charanjit S. Jutla, Hugo Krawczyk, Marcel-Catalin Rosu, and Michael Steiner: Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation. Network and Distributed System Security Symposium (NDSS), 2014
Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, and Madars Virza: Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture. USENIX Security Symposium, 2014
Fabian Yamaguchi, Nico Golde, Daniel Arp, and Konrad Rieck: Modeling and Discovering Vulnerabilities with Code Property Graphs. IEEE Symposium on Security and Privacy (S&P), 2014
Alex Biryukov, Dmitry Khovratovich, and Ivan Pustogarov: Deanonymisation of Clients in Bitcoin P2P Network. ACM Conference on Computer and Communications Security (CCS), 2014
Miguel E. Andrés, Nicolás Emilio Bordenabe, Konstantinos Chatzikokolakis, and Catuscia Palamidessi: Geo-indistinguishability: differential privacy for location-based systems. ACM Conference on Computer and Communications Security (CCS), 2013
Ian Miers, Christina Garman, Matthew Green, and Aviel D. Rubin: Zerocoin: Anonymous Distributed E-Cash from Bitcoin. IEEE Symposium on Security and Privacy (S&P), 2013
Emil Stefanov, Marten van Dijk, Elaine Shi, Christopher W. Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas: Path ORAM: an extremely simple oblivious RAM protocol. ACM Conference on Computer and Communications Security (CCS), 2013
Seungwon Shin, Phillip A. Porras, Vinod Yegneswaran, Martin W. Fong, Guofei Gu, and Mabry Tyson: FRESCO: Modular Composable Security Services for Software-Defined Networks. Network and Distributed System Security Symposium (NDSS), 2013
Seungwon Shin, Vinod Yegneswaran, Phillip A. Porras, and Guofei Gu: AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. ACM Conference on Computer and Communications Security (CCS), 2013
Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, and Frank Stajano: The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. IEEE Symposium on Security and Privacy (S&P), 2012
Seny Kamara, Charalampos Papamanthou, and Tom Roeder: Dynamic searchable symmetric encryption. ACM Conference on Computer and Communications Security (CCS), 2012
Yajin Zhou, Zhi Wang, Wu Zhou, and Xuxian Jiang: Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. Network and Distributed System Security Symposium (NDSS), 2012
Lok-Kwong Yan and Heng Yin: DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis. USENIX Security Symposium, 2012
Yinqian Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart: Cross-VM side channels and their use to extract private keys. ACM Conference on Computer and Communications Security (CCS), 2012
Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang, and David Lie: PScout: analyzing the Android permission specification. ACM Conference on Computer and Communications Security (CCS), 2012
Ghassan Karame, Elli Androulaki, and Srdjan Capkun: Double-spending fast payments in bitcoin. ACM Conference on Computer and Communications Security (CCS), 2012
Mohammad Saiful Islam, Mehmet Kuzu, and Murat Kantarcioglu: Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation. Network and Distributed System Security Symposium (NDSS), 2012
Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno: Comprehensive Experimental Analyses of Automotive Attack Surfaces. USENIX Security Symposium, 2011
Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David A. Wagner: Android permissions demystified. ACM Conference on Computer and Communications Security (CCS), 2011
Reza Shokri, George Theodorakopoulos, Jean-Yves Le Boudec, and Jean-Pierre Hubaux: Quantifying Location Privacy. IEEE Symposium on Security and Privacy (S&P), 2011
Shai Halevi, Danny Harnik, Benny Pinkas, and Alexandra Shulman-Peleg: Proofs of ownership in remote storage systems. ACM Conference on Computer and Communications Security (CCS), 2011
Leyla Bilge, Engin Kirda, Christopher Kruegel, and Marco Balduzzi: EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. Network and Distributed System Security Symposium (NDSS), 2011
Elaine Shi, T.-H. Hubert Chan, Eleanor Gilbert Rieffel, Richard Chow, and Dawn Song: Privacy-Preserving Aggregation of Time-Series Data. Network and Distributed System Security Symposium (NDSS), 2011
Adrienne Porter Felt, Helen J. Wang, Alexander Moshchuk, Steve Hanna, and Erika Chin: Permission Re-Delegation: Attacks and Defenses. USENIX Security Symposium, 2011
Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak N. Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage: Experimental Security Analysis of a Modern Automobile. IEEE Symposium on Security and Privacy (S&P), 2010
Robin Sommer and Vern Paxson: Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. IEEE Symposium on Security and Privacy (S&P), 2010
Ulrich Rührmair, Frank Sehnke, Jan Sölter, Gideon Dror, Srinivas Devadas, and Jürgen Schmidhuber: Modeling attacks on physical unclonable functions. ACM Conference on Computer and Communications Security (CCS), 2010
Edward J. Schwartz, Thanassis Avgerinos, and David Brumley: All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask). IEEE Symposium on Security and Privacy (S&P), 2010
Gianluca Stringhini, Christopher Kruegel, and Giovanni Vigna: Detecting spammers on social networks. Annual Computer Security Applications Conference (ACSAC), 2010
Jonathan M. McCune, Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil D. Gligor, and Adrian Perrig: TrustVisor: Efficient TCB Reduction and Attestation. IEEE Symposium on Security and Privacy (S&P), 2010
Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, and Marcel Winandy: Return-oriented programming without returns. ACM Conference on Computer and Communications Security (CCS), 2010
Chris Grier, Kurt Thomas, Vern Paxson, and Chao Michael Zhang: @spam: the underground on 140 characters or less. ACM Conference on Computer and Communications Security (CCS), 2010
Zi Chu, Steven Gianvecchio, Haining Wang, and Sushil Jajodia: Who is tweeting on Twitter: human, bot, or cyborg? Annual Computer Security Applications Conference (ACSAC), 2010