OOIR: Observatory of International Research

Papers

(The TQCC of IEEE Security & Privacy is 1. The table below lists those papers that are above that threshold based on CrossRef citation counts [max. 250 papers]. The publications cover those that have been published in the past four years, i.e., from 2020-11-01 to 2024-11-01.)

Article	Citations
A Taxonomy of Attacks on Federated Learning	115
Perspectives on the SolarWinds Incident	45
Top Five Challenges in Software Supply Chain Security: Observations From 30 Industry and Government Organizations	33
A Critical Overview of Privacy in Machine Learning	31
Zero Trust Architecture: Does It Help?	21
Understanding the Security Implications of Kubernetes Networking	21
Challenges and Opportunities in Cyberphysical Systems Security: A Physics-Based Perspective	19
Privacy Regulations, Smart Roads, Blockchain, and Liability Insurance: Putting Technologies to Work	19
Data Privacy and Trustworthy Machine Learning	18
Privacy in the Time of COVID-19: Divergent Paths for Contact Tracing and Route-Disclosure Mechanisms in South Korea	18
Security and Privacy in Internet of Things-Enabled Smart Cities: Challenges and Future Directions	17
An Informative Security and Privacy “Nutrition” Label for Internet of Things Devices	17
Software Bills of Materials Are Required. Are We There Yet?	17
Time to Change the CVSS?	17
Tamarin: Verification of Large-Scale, Real-World, Cryptographic Protocols	16
Are We Preparing Students to Build Security In? A Survey of European Cybersecurity in Higher Education Programs [Education]	16
Never Mind the Malware, Here’s the Stegomalware	15
Dealing With COVID-19 Network Traffic Spikes [Cybercrime and Forensics]	15
Beyond Passwords—Challenges and Opportunities of Future Authentication	13
SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing With the Devil?	13
Phishing Detection Leveraging Machine Learning and Deep Learning: A Review	13
Verify It’s You: How Users Perceive Risk-Based Authentication	12
Different Kind of Smells: Security Smells in Infrastructure as Code Scripts	12
Threat Modeling Tools: A Taxonomy	12
Cyberassured Systems Engineering at Scale	11

Toward Cybersecurity Personalization in Smart Homes	11
Machine Learning for Source Code Vulnerability Detection: What Works and What Isn’t There Yet	11
Secure Messaging Authentication Ceremonies Are Broken	10
Security Verification of the OpenTitan Hardware Root of Trust	10
Attacks on Artificial Intelligence [Last Word]	9
Backdoors Against Natural Language Processing: A Review	9
Embedding Privacy Into Design Through Software Developers: Challenges and Solutions	9
The Ransomware Threat to Energy-Delivery Systems	9
Challenges in Cryptography	9
The State of the Art in Integer Factoring and Breaking Public-Key Cryptography	8
Detecting Spying Drones	8
Equity and Privacy: More Than Just a Tradeoff	8
Parental Controls: Safer Internet Solutions or New Pitfalls?	8
Privacy in a Time of COVID-19: How Concerned Are You?	7
A Real-Time Cosimulation Testbed for Electric Vehicle Charging and Smart Grid Security	7
Online Log Data Analysis With Efficient Machine Learning: A Review	7
Privacy for the People? Exploring Collective Action as a Mechanism to Shift Power to Consumers in End-User Privacy	7
Certificate Transparency in Google Chrome: Past, Present, and Future	7
The Challenges of Software Cybersecurity Certification [Building Security In]	6
End-to-End Security: When Do We Have It?	6
Dispelling Misconceptions and Characterizing the Failings of Deepfake Detection	6
Disinformation and Reflections From Usable Security	6
Complex Encoded Tile Tensors: Accelerating Encrypted Analytics	6
A Decade of Reoccurring Software Weaknesses	6
Privacy-Preserving and Sustainable Contact Tracing Using Batteryless Bluetooth Low-Energy Beacons	6
Sphynx: A Deep Neural Network Design for Private Inference	6
Medical Device Forensics	6
Computing on Encrypted Data	5
Privacy Compliance: Can Technology Come to the Rescue?	5
Challenges of Producing Software Bill of Materials for Java	5
Credit Card Fraud Is a Computer Security Problem	5
Are Machine Learning Models for Malware Detection Ready for Prime Time?	5
Road Traffic Poisoning of Navigation Apps: Threats and Countermeasures	5
The Advanced Encryption Standard: 20 Years Later	5
Citizens’ Cybersecurity Behavior: Some Major Challenges	5
Toward Hardware Security Property Generation at Scale	5
OpenSSF Scorecard: On the Path Toward Ecosystem-Wide Automated Security Metrics	5
Practical Attacks on Machine Learning: A Case Study on Adversarial Windows Malware	5
Nudging Software Developers Toward Secure Code	5
Security for Shared Electric and Automated Mobility Services in Smart Cities	5
The United Kingdom’s Cyber Security Degree Certification Program: A Cyber Security Body of Knowledge Case Study	5
Electric Sheep on the Pastures of Disinformation and Targeted Phishing Campaigns: The Security Implications of ChatGPT	5
Challenges and Opportunities for Beyond-5G Wireless Security	5
Seven Pain Points of Threat Analysis and Risk Assessment in the Automotive Domain	5
“Free” as in Freedom to Protest?	4
Integrating Cybersecurity and Artificial Intelligence Research in Engineering and Computer Science Education	4
Exploring the Shift in Security Responsibility	4
Technical Leverage: Dependencies Are a Mixed Blessing	4
Problematic Privacy Policies of Voice Assistant Applications	4
Lessons Learned on Machine Learning for Computer Security	4

Wake Up Digital Forensics’ Community and Help Combat Ransomware	4
Trusting Trust: Humans in the Software Supply Chain Loop	4
Rectification of Syntactic and Semantic Privacy Mechanisms	4
Automated Privacy Preferences for Smart Home Data Sharing Using Personal Data Stores	4
Whack-a-Meltdown: Microarchitectural Security Games [Systems Attacks and Defenses]	4
Is Vulnerability Report Confidence Redundant? Pitfalls Using Temporal Risk Scores	4
Security and Privacy for Edge Artificial Intelligence	3
Demystifying Android’s Scoped Storage Defense	3
Distributed Self-Sovereign-Based Access Control System	3
A Cybersecurity Moonshot	3
Security Issues in Situational Awareness: Adversarial Threats and Mitigation Techniques	3
Cybersecurity Advocates: Force Multipliers in Security Behavior Change	3
A Self-Healing Mechanism for Internet of Things Devices	3
Action Bias and the Two Most Dangerous Words in Cybersecurity Incident Response: An Argument for More Measured Incident Response	3
The Data Protection Officer: A Ubiquitous Role That No One Really Knows	3
What We Have Here Is Failure to Validate: Summer of LangSec	3
The Seven Golden Principles of Effective Anomaly-Based Intrusion Detection	3
Forensic Event Analysis: From Seemingly Unrelated Data to Understanding	3
End-to-End Verifiable E-Voting Trial for Polling Station Voting	3
Contextual Integrity, Explained: A More Usable Privacy Definition	3
Current Perspectives on Securing Critical Infrastructures’ Supply Chains	3
Privacy in the Era of 5G, IoT, Big Data, and Machine Learning	3
Online Attack Recovery in Cyberphysical Systems	3
Reconfigurable Digital Twin to Support Research, Education, and Training in the Defense of Critical Infrastructure	3
Decentralized Public-Key Infrastructure With Blockchain in V2X Communications: Promising or Only Euphoria?	3
(In)secure Smart Device Use Among Senior Citizens	3
Machine Learning Security and Privacy	3
Katie Moussouris: Vulnerability Disclosure and Security Workforce Development	2
Blind Spots of Security Monitoring in Enterprise Infrastructures: A Survey	2
Investigative Techniques for the De-Anonymization of Hidden Services	2
Formal Methods at Scale	2
The Rise of Cybercrime and Cyber-Threat Intelligence: Perspectives and Challenges From Law Enforcement	2
Incident Response as a Lawyers’ Service	2
Being the Developers’ Friend: Our Experience Developing a High-Precision Tool for Secure Coding	2
AI Code Generators for Security: Friend or Foe?	2
What’s Driving Conflicts Around Differential Privacy for the U.S. Census	2
Cybersecurity During COVID-19	2
Security Policy Audits: Why and How	2
Balancing Public Health and Civil Liberties: Privacy Aspects of Contact-Tracing Technologies	2
A View of Security as 20 Subject Areas in Four Themes	2
Supporting Artificial Intelligence/Machine Learning Security Workers Through an Adversarial Techniques, Tools, and Common Knowledge Framework	2
What Will It Take?	2
Developing With Formal Methods at BedRock Systems, Inc.	2
Modeling Large-Scale Manipulation in Open Stock Markets	2
Journey to the Center of Software Supply Chain Attacks	2
Opportunities and Challenges in Securing Critical Infrastructures Through Cryptography	2
Memory Protection Keys: Facts, Key Extension Perspectives, and Discussions	2
Courseware as Code: Instituting Agile Courseware Collaboration	2
Usable Security and Privacy for Security and Privacy Workers	2
Preserving Privacy in the Globalized Smart Home: The SIFIS-Home Project	2
Ransomware-Bitcoin Threat Intelligence Sharing Using Structured Threat Information Expression	2
A Review of the Privacy-Enhancing Technologies Software Market	2
Driving Cybersecurity Policy Insights From Information on the Internet	2
The People Who Live in Glass Houses Are Happy the Stones Weren't Thrown at Them [From the Editors]	2
Personal IoT Privacy Control at the Edge	2
Measures to Ensure Cybersecurity of Industrial Enterprises: A Legal Perspective	2
Deepfake Detection in Super-Recognizers and Police Officers	2
Formally Verifying Industry Cryptography	2
Coevolution of Security’s Body of Knowledge and Curricula	2
Trusted Execution Environments for Telecoms: Strengths, Weaknesses, Opportunities, and Threats	2
It Lurks Within: A Look at the Unexpected Security Implications of Compliance Programs	1
A Maturity Spectrum for Data Institutions	1
CLARK: A Design Science Research Project for Building and Sharing High-Quality Cybersecurity Curricula	1
How Are Industrial Control Systems Insecure by Design? A Deeper Insight Into Real-World Programmable Logic Controllers	1
IEEE Computer Society Information	1
Trust Me, I’m a Liar	1
NIST’s Post-Quantum Cryptography Standards Competition	1
On Bridges and Software	1
CrawlPhish: Large-Scale Analysis of Client-Side Cloaking Techniques in Phishing	1
A Viewpoint on the Societal Impact of Everyday Augmented Reality and the Need for Perceptual Human Rights	1
Synthetic Data: Methods, Use Cases, and Risks	1
A Research Road Map for Building Secure and Resilient Software-Intensive Systems	1
Reflections on the Past, Perspectives on the Future [From the Editors]	1
Memory Errors and Memory Safety: A Look at Java and Rust	1
Open Source and Trust	1
The Ethical Smart Home: Perspectives and Guidelines	1
Authentication of Voice Commands by Leveraging Vibrations in Wearables	1
Shockvertising, Malware, and a Lack of Accountability: Exploring Consumer Risks of Virtual Reality Advertisements and Marketing Experiences	1
They Would Do Better If They Worked Together: Interaction Problems Between Password Managers and the Web	1
Large-Language-Model-Powered Agent-Based Framework for Misinformation and Disinformation Research: Opportunities and Open Challenges	1

Memory Errors and Memory Safety: C as a Case Study	1
Robot Hacking Games	1
Known Vulnerabilities of Open Source Projects: Where Are the Fixes?	1
What Has Artifact Evaluation Ever Done for Us?	1
Cryptographic Standards in the Post-Quantum Era	1
Defensive Technology Use During the 2018-2019 Sudanese Revolution	1
Toward Unseating the Unsafe C Programming Language	1
Augmenting Security and Privacy in the Virtual Realm: An Analysis of Extended Reality Devices	1
Dissecting the Industrial Control Systems Software Supply Chain	1
Toward Fail Safety for Security Decisions	1
Securing Bystander Privacy in Mixed Reality While Protecting the User Experience	1
Truth in Motion: The Unprecedented Risks and Opportunities of Extended Reality Motion Data	1
Power in Computer Security and Privacy: A Critical Lens	1
Do You Speak Cyber? Talking Security With Developers of Health Systems and Devices	1
Security and Privacy Issues of Home Globalization	1
Automating Recovery in Mixed Operation Technology/IT Critical Infrastructures	1
Dirty Metadata: Understanding A Threat to Online Privacy	1
Distributed Financial Exchanges: Security Challenges and Design Principles	1
VAULT-Style Risk-Limiting Audits and the Inyo County Pilot	1
Pseudo Ground-Truth Generators and Large-Scale Studies	1
Auto-Update Considered Harmful	1
Security and Privacy Research Artifacts: Are We Making Progress?	1
A Viewpoint on Knowing Software: Bill of Materials Quality When You See It	1
IEEE Career Center	1
Research and Industry Partnerships in Cybersecurity and Privacy Research: New Frontiers or Fueling the Tech Sector?	1
Nothing Is Good Enough: Fast and Cheap Are Undervalued as Influencers of Security Tool Adoption	1
Privacy Engineering From Principles to Practice: A Roadmap	1
42nd IEEE Symposium on Security & Privacy	1
Verifiable Sustainability in Data Centers	1
Security-Enhancing Digital Twins: Characteristics, Indicators, and Future Perspectives	1
A Systems Approach Toward Addressing Anonymous Abuses: Technical and Policy Considerations	1
Transient Execution Attacks	1