Category Archives: Meta

2017 in numbers

As a follow-up to last year’s post, a quick personal note on my scholar profile. As of now, second week of January 2018, my publications reached 1001 citations according to Google scholar (vs. 700 at this time last year/ 500 two years ago). Google scholar currently lists 53 publications (vs. 43 last year, most peer-reviewed), and one US patent. Our first GPS paper currently has 203 cites. My h-index has increased to 15 (from 11), my i10-index is currently 18, from ~12 last year.

Semantic scholar stopped listing total citation numbers for profiles. I noted they revised/reduced my citation estimate for 2016 quite a bit, down to 111 (was >200 before). They still indicate how many papers were strongly influenced by my work (54), compared to 7 in previous year.

Scopus lists generally lower numbers (e.g. only 39 publications, ~450 citations), but they provide a number of co-authors: 66.

Other numbers for 2017: Github lists 450 commits to repositories (after 807 in 2016). I received 16,285 mails on my university account (after removal of spam). Per working day, that would make around 64 mails. I sent 4,733 mails (~19 per working day). Both numbers are quite close to my 2016/2015 statistics.

Google’s Security Conference/Journal ranking 2017

As a follow up to the two previous posts on the topic, here is the version with the newly released 2017 metrics data. It provides a ranking of journals and conferences in different fields, and uses the h5 metric, “the number n of papers that were released in the last 5 years, and had at least n citations”. Google also now added a “Classic Papers” category for papers (link) – but there was essentially nothing in that which I recognized.

Based on the h5 metric, the following ranking for security conferences and journals is generated here:

  1. ACM Symposium on Computer and Communications Security (71)
  2. IEEE Symposium on Security and Privacy (68, +1 position)
  3. IEEE Transactions on Information Forensics and Security (67, -1 position)
  4. USENIX Conference on Security (61)
  5. Network and Distributed System Security Symposium (NDSS) (56)
  6. International Conference on Cryptology (CRYPTO) (53)
  7. Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT) (53)
  8. ArXiv (see discussion)
  9. Computers & Security (40,+4 positions)
  10. IEEE Transactions on Dependable and Secure Computing (38)
  11. International Conference on The Theory and Application of Cryptology and Information Security (ASIACRYPT) (36)
  12. International Conference on Financial Cryptography and Data Security (35, not in top 15 last year)
  13. Theory of cryptography (34)
  14. Workshop on Cryptographic Hardware and Embedded Systems (CHES) (33)
  15. ACM Symposium on Information, Computer and Communications Security (ASIACCS) (31)

Some other honourable mentions where I published before, am involved, or consider submitting:

  1. Conference of the IEEE Computer and Communications Societies (INFOCOM) (80)
  2. Computer Networks (54)
  3. International Conference on Mobile systems, applications, and services (MOBISYS) (47)
  4. Annual International Conference on Mobile computing and networking (Mobicom) (45)
  5. International Conference on Dependable Systems and Networks (DSN) (32)
  6. ACM Symposium on Applied Computing (SAC) (32, but only small security track)
  7. Annual Computer Security Applications Conference (ACSAC) (29)
  8. European Conference on Research in Computer Security (ESORICS) (28)
  9. ACM conference on Data and Application Security and Privacy (CODASPY) (25)
  10. International Conference on Cyber-Physical Systems (ICCPS) (23)
  11. Wireless Network Security (WISEC) (21)
  12. Symposium on Research in Attacks, Intrusions and Defenses (RAID) (19)
  13. IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection (IFIP Sec) (18)
  14. IEEE High Assurance Systems Engineering Symposium, (HASE) (14)
  15. Network and Systems Security (NSS) (13)
  16. IEEE International Conferences on Internet of Things, and Cyber, Physical and Social Computing (CPSCom) (13)
  17. Conference on Cryptology and Network Security (CANS) (13)
  18. Conference on Formal Engineering Methods (ICFEM) (12)
  19. Conference on Security and Privacy in Communication Networks (SecureComm) (10)

There are some interesting observations I made from the ranking (updated from last iteration):

  1. The h5 index of the top venues increased by about 5-9 points, with S&P returning to place 2. For CCS, this is definitely expected, as the number of submissions/accepted papers has increased significantly in the last 5 years.
  2. Computer & Security joined the other two journals in the top ten list
  3. Financial Cryptography and Data Security makes its first entry into top 15, probably due to Bitcoin/blockchain/smart contract related content and FinTec
  4. ArXiv is in the list, but can hardly be counted as “peer reviewed”.
  5. 5 of the top 14 venues (w/o Arxiv) have a strong crypto focus, further limiting the options for general security papers to be published at.
  6. Google also publishes a h5-median score, which indicates the median citation count of the publications included in the h5 computation. This somewhat gives a nice indication on how many citations you could expect for your publications in the conference, after five years. For the top 10 venues, this is between 60 and 110, for top 10-20 between 40 and 65
  7. Clearly, for h5 it helps to accept more papers (see ArXiv and Infocom rank). It would be great to award selectivity somehow, for example by dividing by number of accepted papers. Unfortunately, that information is not directly available (see here).

See also: aminer conference ranking, CORE2014 conference ranking

 

SVN over SSH

Disclaimer: might only be interesting to SVN users

I use SVN for my personal documents, research and teaching material. I finally got around to configure the server in what I expect to be a secure and usuable setup for multiple users. In particular, I am now using SSH for authentication, without giving users a shell or requiring software like apache to be installed. The setup is super easy, and I would like to thank this blog for the detailed and helpful instructions. In the end, you just create SSH public/private keys for your SVN users, add an additional dummy linux user, set up the keys in that user’s SSH config in a specific way, and create corresponding SVN users with dummy passwords. Then, everything works out of the box. Way better than going with plain SVN or using monsters like apache. It only took 10 years to realize that this is possible ūüėČ

Google’s Security Conference/Journal ranking 2016

As a follow up to last year’s post on the topic, here is the version with the newly released 2016 metrics data. It provides a ranking of journals and conferences in different fields, and uses the h5 metric, “the number n of papers that were released in the last 5 years, and had at least n citations”.

Based on the h5 metric, the following ranking for security conferences and journals is generated here:

  1. ACM Symposium on Computer and Communications Security (62, +1 position)
  2. IEEE Transactions on Information Forensics and Security  (61, +2 positions)
  3. IEEE Symposium on Security and Privacy    (59, -2 positions)
  4. USENIX Conference on Security    (56)
  5. Network and Distributed System Security Symposium (NDSS)    (51)
  6. International Conference on Cryptology (CRYPTO) (51)
  7. Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT)    (50)
  8. ArXiv (see discussion)
  9. IEEE Transactions on Dependable and Secure Computing    (41)
  10. Theory of cryptography (36)
  11. International Conference on The Theory and Application of Cryptology and Information Security (ASIACRYPT)    (36)
  12. Workshop on Cryptographic Hardware and Embedded Systems (CHES) (33)
  13. Computers & Security (32)
  14. ACM Symposium on Information, Computer and Communications Security (ASIACCS) (31)

Some other honourable mentions where I published before, am involved, or consider submitting:

  1. Conference of the IEEE Computer and Communications Societies (INFOCOM) (80)
  2. Computer Networks (50)
  3. International Conference on Mobile systems, applications, and services  (MOBISYS)  (46)
  4. Annual International Conference on Mobile computing and networking (Mobicom) (44)
  5. Annual Computer Security Applications Conference (ACSAC) (29)
  6. International Conference on Dependable Systems and Networks (DSN) (28)
  7. European Conference on Research in Computer Security (ESORICS) (26)
  8. ACM conference on Data and Application Security and Privacy (CODASPY) (24)
  9. Wireless Network Security (WISEC) (22)
  10. Symposium on Research in Attacks, Intrusions and Defenses (RAID) (20)
  11. Conference on Formal Engineering Methods (ICFEM) (15)
  12. IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection (IFIP Sec) (14)
  13. Network and Systems Security (NSS) (14)
  14. IEEE International Conferences on Internet of Things, and Cyber, Physical and Social Computing (CPSCom) (13)
  15. IEEE High Assurance Systems Engineering Symposium, (HASE) (13)

There are some interesting observations I made from the ranking (updated from last iteration):

  1. Oakland lost 2 positions to CCS and the best journal (Trans. Inf. Forens. & Sec.). NDSS gained 4 positions (with lots of Android themed publications it seems).
  2. There are only two journals in the top ten list (like last year)
  3. ArXiv is in the list, but can hardly be counted as “peer reviewed”.
  4. 5 of the top 11 venues (w/o Arxiv) have a strong crypto focus, further limiting the options for general security papers to be published at.
  5. Google also publishes a h5-median score, which indicates the median citation count of the publications included in the h5 computation. This somewhat gives a nice indication on how many citations you could expect for your publications in the conference, after five years. For the top 10 venues, this is between 60 and 100, for top 10-20 between 40 and 50
  6. Clearly, for h5 it helps to accept more papers (see ArXiv and Infocom rank). It would be great to award selectivity somehow, for example by dividing by number of accepted papers. Unfortunately, that information is not directly available (see here).
  7. Again, I checked for the placing of my papers in the conferences’ respective “last 5 year highscore”. My GPS paper at CCS is the venue’s top 27 paper of the last 5 years. My IFIP wireless days paper is the most cited of that venue for the last 5 years. Our Wireless signal manipulation paper is in Top 20 of Esorics.

See also: aminer conference ranking, CORE2014 conference ranking

 

Searching Google Scholar for institution publications/profiles

I recently discovered that you can also use Google scholar to search for all articles hosted by an institution, and all faculty members with a Scholar profile at that institution. The trick is to use the institution domain name in the search. Examples: all faculty at SUTD, and all articles hosted by SUTD. Disclaimer: for faculty the search actually matches the registered email addresses, so those in the profile should be the official email addresses. Similarly, the paper must be made available on a website of the domain to be found.

Google’s Security Conference/Journal ranking

Google Scholar just released their 2015 version of Metrics. It provides a ranking of journals and conferences in different fields, and uses the h5 metric, “the number n of papers that were released in the last 5 years, and had at least n citations”.

Based on the h5 metric, the following ranking for security conferences and journals is generated here:

  1. IEEE Symposium on Security and Privacy    (58)
  2. ACM Symposium on Computer and Communications Security (58)
  3. IEEE Transactions on Information Forensics and Security    (55)
  4. USENIX Conference on Security    (50)
  5. Conference on Advances in cryptology (CRYPTO)   49
  6. Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT)    (48)
  7. IEEE Transactions on Dependable and Secure Computing    (48)
  8. Network and Distributed System Security Symposium (NDSS)    (44)
  9. ArXiv (see discussion)
  10. International Conference on The Theory and Application of Cryptology and Information Security (ASIACRYPT)    (35)

Some other honorable mentions where I published before:

  1. European Conference on Research in Computer Security (ESORICS) (24)
  2. Wireless Network Security (WISEC) (22)
  3. International Conference on Mobile systems, applications, and services  (MOBICOM)  (49)

There are some interesting observations I made from the ranking:

  1. Oakland and CCS are ranked higher than the best journal (Trans. Inf. Forens. & Sec.)
  2. There are only two journals in the top ten list.
  3. ArXiv is in the list, but can hardly be counted as “peer reviewed”.
  4. Several of the top 20 items have a strong crypto focus, further limiting the options for general security papers to be published at
  5. Google also publishes a h5-median score, which indicates the median citation count of the publications included in the h5 computation. This somewhat gives a nice indication on how many citations you could expect for your publications in the conference, after five years. For the top 10 venues, this is between 70 and 100, for top 10-20 between 40 and 70
  6. Clearly, for h5 it helps to accept more papers (see ArXiv rank). It would be great to award selectivity somehow.
  7. Based on the Google Metrics page, it is now easily possible to find how well a publication performed relatively to other publications at the same venue. I found it interesting to check for some of my publications (e.g. my GPS paper at CCS is within the Top40 papers of the last 5 years). My paper at the Workshop on Positioning, Navigation and Communication is the top 3 most cited in the last 5 years.
Related rankings

References to related rankings: LIPN, A*STAR.

LIPN ranking of security conferences: CCS (A*), Advances in Crypto (A*), EUROCRYPT (A*), ACSAC (A), ASIACRYPT (A), CSF (A), ESORICS (A), Financial Cryptography (A),  NDSS (A), S&P(A), SecureCom (A), Usenix Sec (A), AsiaCCS (B), IFIP Security (B)

Most other security conferences of level B or lower are not known to me, level C includes a lot of workshops as well. Notably, WiSec is not in the ranking (yet?)