[Ndss-tot-award] A couple Test of Time Award Nominations

David Balenson david.balenson at sri.com
Wed Jan 16 15:41:47 PST 2019


Hi Paul,

 

The list I sent as a Word file was all the papers (some with citation counts) presented at / published by NDSS during the years under consideration, 1995-2009. It was intended to provide a single source for people to consider. 

 

I also nominated two papers at that time (taint analysis and VMI) and this morning I suggested a third paper (buffer overrun). I also liked Trent’s suggestion of TESLA. I’m not sure about client puzzles. And, I happen to like your suggestion of SKEME – the kind of impact you described is exactly what we should ultimately be looking for.

 

I don’t recall your initial nominations. I think they may have come when we were still discussing the idea of having the ToT award. Perhaps you could resend them to be sure?

 

Thanks,

-DB

 

 

From: Ndss-tot-award <ndss-tot-award-bounces at elists.isoc.org> on behalf of Paul Syverson <paul.syverson at nrl.navy.mil>
Reply-To: NDSS Test of Time Award <ndss-tot-award at elists.isoc.org>
Date: Wednesday, January 16, 2019 at 6:06 PM
To: NDSS Test of Time Award <ndss-tot-award at elists.isoc.org>
Subject: Re: [Ndss-tot-award] A couple Test of Time Award Nominations

 

I know we already have a bunch of candidates. I had suggested a bunch

way back when, some of which are on the list of highly cited papers

Dave Balenson sent. I'll limit myself to arguing for just one

addition.  It's sort of reminiscent of Karen's point.

 

1996

SKEME: A Versatile Secure Key Exchange Mechanism for Internet

Hugo Krawczyk

 

It only has 361 citations but it is the

underlying protocol for IKE (whose RFC has 2453 citations besides

being a major influential Internet standard).

 

The only other 1996 candidate I see mentioned is Mixing Email with

Babel.  Ironically that is a paper that I'm sure I have cited more

than the SKEME paper, and it has had a bigger influence on my own

work. But if I am being honest with myself, SKEME is a much more

influential paper on modern computer security and on research, whether

the citations show it or not.

 

More broadly, I've lost the forest for the trees. Trent has asked for

people to submit votes by Friday. But I don't have a clear idea of the

specific list of nominations, and we were told we had until today to

make further nominations so how could we be voting already?  And are

all the papers that Dave gave in the citation count list nominated, or

were those just suggestions to consider and only the ones he called

out specifically nominated? If they're not all nominated, I might want

to argue to add a few of them as well (Client Puzzles  comes to mind).

 

Could someone provide a list of what exactly is currently nominated

and where we stand in the process?

 

aloha,

Paul

 

 

On Wed, Jan 16, 2019 at 05:20:49PM +0000, Jaeger, Trent Ray wrote:

I am also hoping not to vote - a few more folks need to submit their votes.  Either to me alone or the list.  Also, can adjust your vote, if you want, until voting closes - say Fr Jan 18.

A modest concern with TESLA paper is that that will result in one person being on two of the inaugural ToT papers, but  I do not think that is a huge deal.

Otherwise, I am supportive of that paper, as the domain is quite different than the other two.  The First Step paper is more of a static analysis paper (rather than a dynamic analysis or dynamic monitoring paper, but still in the software security domain).

Regards,

Trent.

----------------------------------------------

Trent Jaeger

Professor, CSE Department

Pennsylvania State University

W359 Westgate Bldg, University Park, PA 16802

Email: tjaeger at cse.psu.edu<mailto:tjaeger at cse.psu.edu>

Ph: (814) 865-1042, Fax: (814) 865-3176

URL: http://www.trentjaeger.com

On Jan 16, 2019, at 10:57 AM, Karen O'Donoghue <odonoghue at isoc.org<mailto:odonoghue at isoc.org>> wrote:

I am not on the committee and don’t really have a vote. However, in line with my original desire to show the impact of the paper beyond the number of academic citations, I’d like to see some details on the impact of each of these papers.

As such, I would strongly support the TESLA work and its impact on IETF standards. I know of a couple of activities that are currently ongoing that are leveraging TESLA.

Also, in putting out the announcement for the award, I’d like to be able to have a paragraph writeup about the impact of the paper beyond just the number of citations - so we are going to need to be able to articulate this information in the case of the awarded paper in any event.

Karen

On Jan 16, 2019, at 9:58 AM, David Balenson <david.balenson at sri.com<mailto:david.balenson at sri.com>> wrote:

Hi Trent,

   1.  I accept my recommendations ;-)

   2.  I vote for both my recommendations

   3.  I’m willing to support a third paper, esp. the one on source authentication, since I believe TESLA is specified in an Internet RFC and has had an impact. It’s not clear to me how prevalent client puzzles are as an implemented DoS mitigation?

   4.  One other paper we might consider is: A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities (918 cites). I’m not sure how much of an impact the work has had on today’s buffer overrun mitigation technologies?

Thanks,

-DB

From: Ndss-tot-award <ndss-tot-award-bounces at elists.isoc.org<mailto:ndss-tot-award-bounces at elists.isoc.org>> on behalf of "Jaeger, Trent Ray" <trj1 at psu.edu<mailto:trj1 at psu.edu>>

Reply-To: NDSS Test of Time Award <ndss-tot-award at elists.isoc.org<mailto:ndss-tot-award at elists.isoc.org>>

Date: Tuesday, January 15, 2019 at 8:14 PM

To: NDSS Test of Time Award <ndss-tot-award at elists.isoc.org<mailto:ndss-tot-award at elists.isoc.org>>

Subject: Re: [Ndss-tot-award] A couple Test of Time Award Nominations

Hi,

Shall we vote?

David nominated two papers.

2005 - Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software.

1749 cites

2003 - A Virtual Machine Introspection Based Architecture for Intrusion Detection.

1756 cites

Might we also want to consider networking/authentication papers.

1999 - Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks

792 cites

2001 - Efficient and secure source authentication for multicast869 cites

So, the initial vote is:

(1) Do you accept David’s recommendations for ToT papers?

(2) If not do vote for either of his recommendations?

(3) Do you want to consider a third paper, such as the ones I selected above?

(4) Do you want to register a vote for any other paper?   Please identify those?

Regards,

Trent.

----------------------------------------------

Trent Jaeger

Professor, CSE Department

Pennsylvania State University

W359 Westgate Bldg, University Park, PA 16802

Email: tjaeger at cse.psu.edu<mailto:tjaeger at cse.psu.edu>

Ph: (814) 865-1042<tel:(814)%20865-1042>, Fax: (814) 865-3176<tel:(814)%20865-3176>

URL: http://www.trentjaeger.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.trentjaeger.com%2F&data=02%7C01%7Ctrj1%40psu.edu%7C83e2cc4e98854e03ba9b08d67bcb57c5%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636832510632419844&sdata=kvlRuoOYjNfn3%2Fm3V3Dg5TDReiTj2VmOkSW5fJNhQRs%3D&reserved=0>

Regards,

Trent.

----------------------------------------------

Trent Jaeger

Professor, CSE Department

Pennsylvania State University

W359 Westgate Bldg, University Park, PA 16802

Email: tjaeger at cse.psu.edu<mailto:tjaeger at cse.psu.edu>

Ph: (814) 865-1042, Fax: (814) 865-3176

URL: http://www.trentjaeger.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.trentjaeger.com&data=02%7C01%7Ctrj1%40psu.edu%7C83e2cc4e98854e03ba9b08d67bcb57c5%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636832510632419844&sdata=29tVNYiBAlDwZMGLtbYKH9QtMrfWuuKgHpDnfs0%2BAWo%3D&reserved=0>

--

Ndss-tot-award mailing list

Ndss-tot-award at elists.isoc.org<mailto:Ndss-tot-award at elists.isoc.org>

https://elists.isoc.org/mailman/listinfo/ndss-tot-award<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Felists.isoc.org%2Fmailman%2Flistinfo%2Fndss-tot-award&data=02%7C01%7Ctrj1%40psu.edu%7C83e2cc4e98854e03ba9b08d67bcb57c5%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636832510632419844&sdata=V7ARZAzRvg1LQPyOLcq4OIgGmKaotOWSDrwFEK81cxY%3D&reserved=0>

--

Ndss-tot-award mailing list

Ndss-tot-award at elists.isoc.org<mailto:Ndss-tot-award at elists.isoc.org>

https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Felists.isoc.org%2Fmailman%2Flistinfo%2Fndss-tot-award&data=02%7C01%7Ctrj1%40psu.edu%7C83e2cc4e98854e03ba9b08d67bcb57c5%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636832510632419844&sdata=V7ARZAzRvg1LQPyOLcq4OIgGmKaotOWSDrwFEK81cxY%3D&reserved=0

 

-- 

Ndss-tot-award mailing list

Ndss-tot-award at elists.isoc.org

https://elists.isoc.org/mailman/listinfo/ndss-tot-award

 

-- 

Ndss-tot-award mailing list

Ndss-tot-award at elists.isoc.org

https://elists.isoc.org/mailman/listinfo/ndss-tot-award

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://elists.isoc.org/pipermail/ndss-tot-award/attachments/20190116/1c6ee067/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4586 bytes
Desc: not available
URL: <http://elists.isoc.org/pipermail/ndss-tot-award/attachments/20190116/1c6ee067/attachment-0001.p7s>


More information about the Ndss-tot-award mailing list