This webpage is an attempt to assemble a ranking of top-cited papers from the area of computer security. The ranking has been created based on citations of papers published at top security conferences. More details are available here.
Absolute citations are not necessarily a good indicator for the impact of a paper, as the number of citations usually grows with the age of a paper. The following list shows an alternative ranking, where the citations are normalized by the age of each paper.
Top 100 papers normalized by age ⌄
1
Xinyue Shen, Zeyuan Chen, Michael Backes, Yun Shen, and Yang Zhang: "Do Anything Now": Characterizing and Evaluating In-The-Wild Jailbreak Prompts on Large Language Models. ACM Conference on Computer and Communications Security (CCS), 2024
Gelei Deng, Yi Liu, Yuekang Li, Kailong Wang, Ying Zhang, Zefeng Li, Haoyu Wang, Tianwei Zhang, and Yang Liu: MASTERKEY: Automated Jailbreaking of Large Language Model Chatbots. Network and Distributed System Security Symposium (NDSS), 2024
Martín Abadi, Andy Chu, Ian J. Goodfellow, H. Brendan McMahan, Ilya Mironov, Kunal Talwar, and Li Zhang: Deep Learning with Differential Privacy. ACM Conference on Computer and Communications Security (CCS), 2016
Mihir Bellare and Phillip Rogaway: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. ACM Conference on Computer and Communications Security (CCS), 1993
Nicholas Carlini, Jamie Hayes, Milad Nasr, Matthew Jagielski, Vikash Sehwag, Florian Tramèr, Borja Balle, Daphne Ippolito, and Eric Wallace: Extracting Training Data from Diffusion Models. USENIX Security Symposium, 2023
Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters: Attribute-based encryption for fine-grained access control of encrypted data. ACM Conference on Computer and Communications Security (CCS), 2006
Reza Shokri, Marco Stronati, Congzheng Song, and Vitaly Shmatikov: Membership Inference Attacks Against Machine Learning Models. IEEE Symposium on Security and Privacy (S&P), 2017
Nicholas Carlini, Matthew Jagielski, Christopher A. Choquette-Choo, Daniel Paleka, Will Pearce, Hyrum S. Anderson, Andreas Terzis, Kurt Thomas, and Florian Tramèr: Poisoning Web-Scale Training Datasets is Practical. IEEE Symposium on Security and Privacy (S&P), 2024
Stephanie Forrest, Alan S. Perelson, Lawrence Allen, and Rajesh Cherukuri: Self-nonself discrimination in a computer. IEEE Symposium on Security and Privacy (S&P), 1994
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom: Spectre Attacks: Exploiting Speculative Execution. IEEE Symposium on Security and Privacy (S&P), 2019
Nicolas Papernot, Patrick D. McDaniel, Somesh Jha, Matt Fredrikson, Z. Berkay Celik, and Ananthram Swami: The Limitations of Deep Learning in Adversarial Settings. IEEE European Symposium on Security and Privacy (EuroS&P), 2016
Nicolas Papernot, Patrick D. McDaniel, Ian J. Goodfellow, Somesh Jha, Z. Berkay Celik, and Ananthram Swami: Practical Black-Box Attacks against Machine Learning. ACM Asia Conference on Computer and Communications Security (AsiaCCS), 2017
Dawn Xiaodong Song, David A. Wagner, and Adrian Perrig: Practical Techniques for Searches on Encrypted Data. IEEE Symposium on Security and Privacy (S&P), 2000
Matt Fredrikson, Somesh Jha, and Thomas Ristenpart: Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures. ACM Conference on Computer and Communications Security (CCS), 2015
Nicholas Carlini, Steve Chien, Milad Nasr, Shuang Song, Andreas Terzis, and Florian Tramèr: Membership Inference Attacks From First Principles. IEEE Symposium on Security and Privacy (S&P), 2022
Kushal Babel, Andrey Chursin, George Danezis, Anastasios Kichidis, Lefteris Kokoris-Kogias, Arun Koshy, Alberto Sonnino, and Mingwei Tian: Mysticeti: Reaching the Latency Limits with Uncertified DAGs. Network and Distributed System Security Symposium (NDSS), 2025
Wen-jie Lu, Zhicong Huang, Zhen Gu, Jingyu Li, Jian Liu, Cheng Hong, Kui Ren, Tao Wei, and Wenguang Chen: BumbleBee: Secure Two-party Inference Framework for Large Transformers. Network and Distributed System Security Symposium (NDSS), 2025
Kallista A. Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, and Karn Seth: Practical Secure Aggregation for Privacy-Preserving Machine Learning. ACM Conference on Computer and Communications Security (CCS), 2017
Steven M. Bellovin and Michael Merritt: Encrypted key exchange: password-based protocols secure against dictionary attacks. IEEE Symposium on Security and Privacy (S&P), 1992
Nicolas Papernot, Patrick D. McDaniel, Xi Wu, Somesh Jha, and Ananthram Swami: Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks. IEEE Symposium on Security and Privacy (S&P), 2016
Lucas Bourtoule, Varun Chandrasekaran, Christopher A. Choquette-Choo, Hengrui Jia, Adelin Travers, Baiwu Zhang, David Lie, and Nicolas Papernot: Machine Unlearning. IEEE Symposium on Security and Privacy (S&P), 2021
Giuseppe Ateniese, Randal C. Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary N. J. Peterson, and Dawn Xiaodong Song: Provable data possession at untrusted stores. ACM Conference on Computer and Communications Security (CCS), 2007
Ruijie Meng, Martin Mirchev, Marcel Böhme, and Abhik Roychoudhury: Large Language Model guided Protocol Fuzzing. Network and Distributed System Security Symposium (NDSS), 2024
Yao Liu, Michael K. Reiter, and Peng Ning: False data injection attacks against state estimation in electric power grids. ACM Conference on Computer and Communications Security (CCS), 2009
Minghong Fang, Xiaoyu Cao, Jinyuan Jia, and Neil Zhenqiang Gong: Local Model Poisoning Attacks to Byzantine-Robust Federated Learning. USENIX Security Symposium, 2020
Hammond Pearce, Benjamin Tan, Baleegh Ahmad, Ramesh Karri, and Brendan Dolan-Gavitt: Examining Zero-Shot Vulnerability Repair with Large Language Models. IEEE Symposium on Security and Privacy (S&P), 2023
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg: Meltdown: Reading Kernel Memory from User Space. USENIX Security Symposium, 2018
Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck: DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket. Network and Distributed System Security Symposium (NDSS), 2014
Laurent Eschenauer and Virgil D. Gligor: A key-management scheme for distributed sensor networks. ACM Conference on Computer and Communications Security (CCS), 2002
Luca Melis, Congzheng Song, Emiliano De Cristofaro, and Vitaly Shmatikov: Exploiting Unintended Feature Leakage in Collaborative Learning. IEEE Symposium on Security and Privacy (S&P), 2019
Andy Zhou, Xiaojun Xu, Ramesh Raghunathan, Alok Lal, Xinze Guan, Bin Yu, and Bo Li: KnowGraph: Knowledge-Enabled Anomaly Detection via Logical Reasoning on Graph Data. ACM Conference on Computer and Communications Security (CCS), 2024
Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza: Zerocash: Decentralized Anonymous Payments from Bitcoin. IEEE Symposium on Security and Privacy (S&P), 2014
Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, and Thomas A. Longstaff: A Sense of Self for Unix Processes. IEEE Symposium on Security and Privacy (S&P), 1996
Ahmed E. Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou: Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts. IEEE Symposium on Security and Privacy (S&P), 2016
Reza Curtmola, Juan A. Garay, Seny Kamara, and Rafail Ostrovsky: Searchable symmetric encryption: improved definitions and efficient constructions. ACM Conference on Computer and Communications Security (CCS), 2006
Manos Antonakakis, Tim April, Michael D. Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou: Understanding the Mirai Botnet. USENIX Security Symposium, 2017
Yuchen Yang, Bo Hui, Haolin Yuan, Neil Gong, and Yinzhi Cao: SneakyPrompt: Jailbreaking Text-to-image Generative Models. IEEE Symposium on Security and Privacy (S&P), 2024
Alessandro Acquisti and Ralph Gross: Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook. International Symposium on Privacy Enhancing Technologies (PETS), 2006
Xiaoyu Cao, Minghong Fang, Jia Liu, and Neil Zhenqiang Gong: FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping. Network and Distributed System Security Symposium (NDSS), 2021
Weilin Xu, David Evans, and Yanjun Qi: Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks. Network and Distributed System Security Symposium (NDSS), 2018
Bolun Wang, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath, Haitao Zheng, and Ben Y. Zhao: Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks. IEEE Symposium on Security and Privacy (S&P), 2019
Xinlei He, Xinyue Shen, Zeyuan Chen, Michael Backes, and Yang Zhang: MGTBench: Benchmarking Machine-Generated Text Detection. ACM Conference on Computer and Communications Security (CCS), 2024
Nibesh Shrestha, Rohan Shrothrium, Aniket Kate, and Kartik Nayak: Sailfish: Towards Improving the Latency of DAG-Based BFT. IEEE Symposium on Security and Privacy (S&P), 2025
Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. ACM Conference on Computer and Communications Security (CCS), 2009
Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, and Aquinas Hobor: Making Smart Contracts Smarter. ACM Conference on Computer and Communications Security (CCS), 2016
Ari Juels and Burton S. Kaliski Jr.: Pors: proofs of retrievability for large files. ACM Conference on Computer and Communications Security (CCS), 2007
Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak N. Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage: Experimental Security Analysis of a Modern Automobile. IEEE Symposium on Security and Privacy (S&P), 2010
Haowen Chan, Adrian Perrig, and Dawn Xiaodong Song: Random Key Predistribution Schemes for Sensor Networks. IEEE Symposium on Security and Privacy (S&P), 2003
Saad Ullah, Mingji Han, Saurabh Pujar, Hammond Pearce, Ayse K. Coskun, and Gianluca Stringhini: LLMs Cannot Reliably Identify and Reason About Security Vulnerabilities (Yet?): A Comprehensive Evaluation, Framework, and Benchmarks. IEEE Symposium on Security and Privacy (S&P), 2024
Payman Mohassel and Yupeng Zhang: SecureML: A System for Scalable Privacy-Preserving Machine Learning. IEEE Symposium on Security and Privacy (S&P), 2017
Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, and Konrad Rieck: Dos and Don'ts of Machine Learning in Computer Security. USENIX Security Symposium, 2022
Nils Lukas, Ahmed Salem, Robert Sim, Shruti Tople, Lukas Wutschitz, and Santiago Zanella Béguelin: Analyzing Leakage of Personally Identifiable Information in Language Models. IEEE Symposium on Security and Privacy (S&P), 2023
Robin Sommer and Vern Paxson: Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. IEEE Symposium on Security and Privacy (S&P), 2010
Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno: Comprehensive Experimental Analyses of Automotive Attack Surfaces. USENIX Security Symposium, 2011
Florian Tramèr, Fan Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart: Stealing Machine Learning Models via Prediction APIs. USENIX Security Symposium, 2016
Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti: Control-flow integrity. ACM Conference on Computer and Communications Security (CCS), 2005
Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten: SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies. IEEE Symposium on Security and Privacy (S&P), 2015
Phillip A. Porras and Richard A. Kemmerer: Penetration state transition analysis: A rule-based intrusion detection approach. Annual Computer Security Applications Conference (ACSAC), 1992
Shawn Shan, Wenxin Ding, Josephine Passananti, Stanley Wu, Haitao Zheng, and Ben Y. Zhao: Nightshade: Prompt-Specific Poisoning Attacks on Text-to-Image Generative Models. IEEE Symposium on Security and Privacy (S&P), 2024
Vale Tolpegin, Stacey Truex, Mehmet Emre Gursoy, and Ling Liu: Data Poisoning Attacks Against Federated Learning Systems. European Symposium on Research in Computer Security (ESORICS), 2020
Wenke Lee, Salvatore J. Stolfo, and Kui W. Mok: A Data Mining Framework for Building Intrusion Detection Models. IEEE Symposium on Security and Privacy (S&P), 1999
Zhiyuan Yu, Xiaogeng Liu, Shunning Liang, Zach Cameron, Chaowei Xiao, and Ning Zhang: Don't Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models. USENIX Security Symposium, 2024
Nicholas Carlini, Chang Liu, Úlfar Erlingsson, Jernej Kos, and Dawn Song: The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks. USENIX Security Symposium, 2019
Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, and Nicolas Papernot: When the Curious Abandon Honesty: Federated Learning Is Not Private. IEEE European Symposium on Security and Privacy (EuroS&P), 2023
Philip Daian, Steven Goldfeder, Tyler Kell, Yunqi Li, Xueyuan Zhao, Iddo Bentov, Lorenz Breidenbach, and Ari Juels: Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability. IEEE Symposium on Security and Privacy (S&P), 2020
Thomas Beth, Malte Borcherding, and Birgit Klein: Valuation of Trust in Open Networks. European Symposium on Research in Computer Security (ESORICS), 1994
James Newsome and Dawn Xiaodong Song: Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software. Network and Distributed System Security Symposium (NDSS), 2005
Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David A. Wagner: Android permissions demystified. ACM Conference on Computer and Communications Security (CCS), 2011
David D. Clark and D. R. Wilson: A Comparison of Commercial and Military Computer Security Policies. IEEE Symposium on Security and Privacy (S&P), 1987
Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. USENIX Security Symposium, 1998
Neil Perry, Megha Srivastava, Deepak Kumar, and Dan Boneh: Do Users Write More Insecure Code with AI Assistants? ACM Conference on Computer and Communications Security (CCS), 2023
Arthur Gervais, Ghassan O. Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun: On the Security and Performance of Proof of Work Blockchains. ACM Conference on Computer and Communications Security (CCS), 2016
Yi Zeng, Minzhou Pan, Hoang Anh Just, Lingjuan Lyu, Meikang Qiu, and Ruoxi Jia: Narcissus: A Practical Clean-Label Backdoor Attack with Limited Information. ACM Conference on Computer and Communications Security (CCS), 2023
Ye Liu, Yue Xue, Daoyuan Wu, Yuqiang Sun, Yi Li, Miaolei Shi, and Yang Liu: PropertyGPT: LLM-driven Formal Verification of Smart Contracts through Retrieval-Augmented Property Generation. Network and Distributed System Security Symposium (NDSS), 2025
Min Du, Feifei Li, Guineng Zheng, and Vivek Srikumar: DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning. ACM Conference on Computer and Communications Security (CCS), 2017
Christina Warrender, Stephanie Forrest, and Barak A. Pearlmutter: Detecting Intrusions using System Calls: Alternative Data Models. IEEE Symposium on Security and Privacy (S&P), 1999
Alexander Warnecke, Lukas Pirch, Christian Wressnegger, and Konrad Rieck: Machine Unlearning of Features and Labels. Network and Distributed System Security Symposium (NDSS), 2023
Benedikt Bünz, Jonathan Bootle, Dan Boneh, Andrew Poelstra, Pieter Wuille, and Gregory Maxwell: Bulletproofs: Short Proofs for Confidential Transactions and More. IEEE Symposium on Security and Privacy (S&P), 2018
Matthew K. Franklin and Michael K. Reiter: The design and implementation of a secure auction service. IEEE Symposium on Security and Privacy (S&P), 1995
Ahmed Salem, Rui Wen, Michael Backes, Shiqing Ma, and Yang Zhang: Dynamic Backdoor Attacks Against Machine Learning Models. IEEE European Symposium on Security and Privacy (EuroS&P), 2022
