[Ndss-tot-award] A couple Test of Time Award Nominations

Paul Syverson paul.syverson at nrl.navy.mil
Thu Jan 17 11:07:51 PST 2019


Hi Dave,

Below is the list that you were asking about that I sent back in
October. I think many of these have merit, but I don't want to try to
argue for all of them. You asked about client puzzles, and I guess I
_will_ nominate (specifically add to the nomination list) a
recommendation for 

1999
Client Puzzles: A Cryptographic Countermeasure Against Connection
Depletion Attacks
Ari Juels and John Brainard

This paper introduced the concept of client puzzles to guard against
resource depletion, and has been widely cited as well as used
since. It was cited and its techniques used in the paper where Douceur
introduced sybil attacks, amongst others.

It is also loosely related to this thing you may have heard of called
bitcoin (not as much so as my not nearly adequately acknowledged
"Weakly Secret Bit Commitment: Applications to Lotteries and Fair
Exchange" that it doesn't even cite as prior work. I'm nominating it
despite the snub ;>) but it's primary
impact on resource management is unmistakable (and nearly 800
citations is none to shabby, while the top 3 papers citing it all
have over 1000 citations).

Another semi related paper with significant influence on network
security (NDSS's namesake after all) is

2002
Implementing Pushback: Router-Based Defense Against DDoS Attacks
John Ioannidis, Steven M. Bellovin

But I feel like I'm letting my views too much impact the list, so
I'll let others push for that one if they like.

aloha,
Paul
-------------------------------
List of somewhat-Paul-centric suggestions from October

1996
SKEME: A Versatile Secure Key Exchange Mechanism for Internet
Hugo Krawczyk

1999
Client Puzzles: A Cryptographic Countermeasure Against Connection
Depletion Attacks
Ari Juels and John Brainard

2002
Implementing Pushback: Router-Based Defense Against DDoS Attacks
John Ioannidis, Steven M. Bellovin

An Analysis of the Degradation of Anonymous Protocols
Matthew Wright, Micah Adler, Brian N. Levine, Clay Shields

2004
The Design and Implementation of Datagram TLS
Nagendra Modadugu and Eric Rescorla

Building an Encrypted and Searchable Audit Log
Brent R. Waters, Dirk Balfanz, Glenn Durfee, D. K. Smetters

2008
Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority
D. Dagon, N. Provos, C. Lee, W. Lee

2009
RAINBOW: A Robust and Invisible Non-Blind Watermark for Network Flows
Authors: A. Houmansadr, N. Kiyavash, N. Borisov
-------------------------------



On Wed, Jan 16, 2019 at 11:41:47PM +0000, David Balenson wrote:
> Hi Paul,
> 
>  
> 
> The list I sent as a Word file was all the papers (some with citation counts) presented at / published by NDSS during the years under consideration, 1995-2009. It was intended to provide a single source for people to consider. 
> 
>  
> 
> I also nominated two papers at that time (taint analysis and VMI) and this morning I suggested a third paper (buffer overrun). I also liked Trent’s suggestion of TESLA. I’m not sure about client puzzles. And, I happen to like your suggestion of SKEME – the kind of impact you described is exactly what we should ultimately be looking for.
> 
>  
> 
> I don’t recall your initial nominations. I think they may have come when we were still discussing the idea of having the ToT award. Perhaps you could resend them to be sure?
> 
>  
> 
> Thanks,
> 
> -DB
> 
>  
> 
>  
> 
> From: Ndss-tot-award <ndss-tot-award-bounces at elists.isoc.org> on behalf of Paul Syverson <paul.syverson at nrl.navy.mil>
> Reply-To: NDSS Test of Time Award <ndss-tot-award at elists.isoc.org>
> Date: Wednesday, January 16, 2019 at 6:06 PM
> To: NDSS Test of Time Award <ndss-tot-award at elists.isoc.org>
> Subject: Re: [Ndss-tot-award] A couple Test of Time Award Nominations
> 
>  
> 
> I know we already have a bunch of candidates. I had suggested a bunch
> 
> way back when, some of which are on the list of highly cited papers
> 
> Dave Balenson sent. I'll limit myself to arguing for just one
> 
> addition.  It's sort of reminiscent of Karen's point.
> 
>  
> 
> 1996
> 
> SKEME: A Versatile Secure Key Exchange Mechanism for Internet
> 
> Hugo Krawczyk
> 
>  
> 
> It only has 361 citations but it is the
> 
> underlying protocol for IKE (whose RFC has 2453 citations besides
> 
> being a major influential Internet standard).
> 
>  
> 
> The only other 1996 candidate I see mentioned is Mixing Email with
> 
> Babel.  Ironically that is a paper that I'm sure I have cited more
> 
> than the SKEME paper, and it has had a bigger influence on my own
> 
> work. But if I am being honest with myself, SKEME is a much more
> 
> influential paper on modern computer security and on research, whether
> 
> the citations show it or not.
> 
>  
> 
> More broadly, I've lost the forest for the trees. Trent has asked for
> 
> people to submit votes by Friday. But I don't have a clear idea of the
> 
> specific list of nominations, and we were told we had until today to
> 
> make further nominations so how could we be voting already?  And are
> 
> all the papers that Dave gave in the citation count list nominated, or
> 
> were those just suggestions to consider and only the ones he called
> 
> out specifically nominated? If they're not all nominated, I might want
> 
> to argue to add a few of them as well (Client Puzzles  comes to mind).
> 
>  
> 
> Could someone provide a list of what exactly is currently nominated
> 
> and where we stand in the process?
> 
>  
> 
> aloha,
> 
> Paul
> 
>  
> 
>  
> 
> On Wed, Jan 16, 2019 at 05:20:49PM +0000, Jaeger, Trent Ray wrote:
> 
> I am also hoping not to vote - a few more folks need to submit their votes.  Either to me alone or the list.  Also, can adjust your vote, if you want, until voting closes - say Fr Jan 18.
> 
> A modest concern with TESLA paper is that that will result in one person being on two of the inaugural ToT papers, but  I do not think that is a huge deal.
> 
> Otherwise, I am supportive of that paper, as the domain is quite different than the other two.  The First Step paper is more of a static analysis paper (rather than a dynamic analysis or dynamic monitoring paper, but still in the software security domain).
> 
> Regards,
> 
> Trent.
> 
> ----------------------------------------------
> 
> Trent Jaeger
> 
> Professor, CSE Department
> 
> Pennsylvania State University
> 
> W359 Westgate Bldg, University Park, PA 16802
> 
> Email: tjaeger at cse.psu.edu<mailto:tjaeger at cse.psu.edu>
> 
> Ph: (814) 865-1042, Fax: (814) 865-3176
> 
> URL: http://www.trentjaeger.com
> 
> On Jan 16, 2019, at 10:57 AM, Karen O'Donoghue <odonoghue at isoc.org<mailto:odonoghue at isoc.org>> wrote:
> 
> I am not on the committee and don’t really have a vote. However, in line with my original desire to show the impact of the paper beyond the number of academic citations, I’d like to see some details on the impact of each of these papers.
> 
> As such, I would strongly support the TESLA work and its impact on IETF standards. I know of a couple of activities that are currently ongoing that are leveraging TESLA.
> 
> Also, in putting out the announcement for the award, I’d like to be able to have a paragraph writeup about the impact of the paper beyond just the number of citations - so we are going to need to be able to articulate this information in the case of the awarded paper in any event.
> 
> Karen
> 
> On Jan 16, 2019, at 9:58 AM, David Balenson <david.balenson at sri.com<mailto:david.balenson at sri.com>> wrote:
> 
> Hi Trent,
> 
>    1.  I accept my recommendations ;-)
> 
>    2.  I vote for both my recommendations
> 
>    3.  I’m willing to support a third paper, esp. the one on source authentication, since I believe TESLA is specified in an Internet RFC and has had an impact. It’s not clear to me how prevalent client puzzles are as an implemented DoS mitigation?
> 
>    4.  One other paper we might consider is: A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities (918 cites). I’m not sure how much of an impact the work has had on today’s buffer overrun mitigation technologies?
> 
> Thanks,
> 
> -DB
> 
> From: Ndss-tot-award <ndss-tot-award-bounces at elists.isoc.org<mailto:ndss-tot-award-bounces at elists.isoc.org>> on behalf of "Jaeger, Trent Ray" <trj1 at psu.edu<mailto:trj1 at psu.edu>>
> 
> Reply-To: NDSS Test of Time Award <ndss-tot-award at elists.isoc.org<mailto:ndss-tot-award at elists.isoc.org>>
> 
> Date: Tuesday, January 15, 2019 at 8:14 PM
> 
> To: NDSS Test of Time Award <ndss-tot-award at elists.isoc.org<mailto:ndss-tot-award at elists.isoc.org>>
> 
> Subject: Re: [Ndss-tot-award] A couple Test of Time Award Nominations
> 
> Hi,
> 
> Shall we vote?
> 
> David nominated two papers.
> 
> 2005 - Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software.
> 
> 1749 cites
> 
> 2003 - A Virtual Machine Introspection Based Architecture for Intrusion Detection.
> 
> 1756 cites
> 
> Might we also want to consider networking/authentication papers.
> 
> 1999 - Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks
> 
> 792 cites
> 
> 2001 - Efficient and secure source authentication for multicast869 cites
> 
> So, the initial vote is:
> 
> (1) Do you accept David’s recommendations for ToT papers?
> 
> (2) If not do vote for either of his recommendations?
> 
> (3) Do you want to consider a third paper, such as the ones I selected above?
> 
> (4) Do you want to register a vote for any other paper?   Please identify those?
> 
> Regards,
> 
> Trent.
> 
> ----------------------------------------------
> 
> Trent Jaeger
> 
> Professor, CSE Department
> 
> Pennsylvania State University
> 
> W359 Westgate Bldg, University Park, PA 16802
> 
> Email: tjaeger at cse.psu.edu<mailto:tjaeger at cse.psu.edu>
> 
> Ph: (814) 865-1042<tel:(814)%20865-1042>, Fax: (814) 865-3176<tel:(814)%20865-3176>
> 
> URL: http://www.trentjaeger.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.trentjaeger.com%2F&data=02%7C01%7Ctrj1%40psu.edu%7C83e2cc4e98854e03ba9b08d67bcb57c5%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636832510632419844&sdata=kvlRuoOYjNfn3%2Fm3V3Dg5TDReiTj2VmOkSW5fJNhQRs%3D&reserved=0>
> 
> Regards,
> 
> Trent.
> 
> ----------------------------------------------
> 
> Trent Jaeger
> 
> Professor, CSE Department
> 
> Pennsylvania State University
> 
> W359 Westgate Bldg, University Park, PA 16802
> 
> Email: tjaeger at cse.psu.edu<mailto:tjaeger at cse.psu.edu>
> 
> Ph: (814) 865-1042, Fax: (814) 865-3176
> 
> URL: http://www.trentjaeger.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.trentjaeger.com&data=02%7C01%7Ctrj1%40psu.edu%7C83e2cc4e98854e03ba9b08d67bcb57c5%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636832510632419844&sdata=29tVNYiBAlDwZMGLtbYKH9QtMrfWuuKgHpDnfs0%2BAWo%3D&reserved=0>
> 
> --
> 
> Ndss-tot-award mailing list
> 
> Ndss-tot-award at elists.isoc.org<mailto:Ndss-tot-award at elists.isoc.org>
> 
> https://elists.isoc.org/mailman/listinfo/ndss-tot-award<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Felists.isoc.org%2Fmailman%2Flistinfo%2Fndss-tot-award&data=02%7C01%7Ctrj1%40psu.edu%7C83e2cc4e98854e03ba9b08d67bcb57c5%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636832510632419844&sdata=V7ARZAzRvg1LQPyOLcq4OIgGmKaotOWSDrwFEK81cxY%3D&reserved=0>
> 
> --
> 
> Ndss-tot-award mailing list
> 
> Ndss-tot-award at elists.isoc.org<mailto:Ndss-tot-award at elists.isoc.org>
> 
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Felists.isoc.org%2Fmailman%2Flistinfo%2Fndss-tot-award&data=02%7C01%7Ctrj1%40psu.edu%7C83e2cc4e98854e03ba9b08d67bcb57c5%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636832510632419844&sdata=V7ARZAzRvg1LQPyOLcq4OIgGmKaotOWSDrwFEK81cxY%3D&reserved=0
> 
>  
> 
> -- 
> 
> Ndss-tot-award mailing list
> 
> Ndss-tot-award at elists.isoc.org
> 
> https://elists.isoc.org/mailman/listinfo/ndss-tot-award
> 
>  
> 
> -- 
> 
> Ndss-tot-award mailing list
> 
> Ndss-tot-award at elists.isoc.org
> 
> https://elists.isoc.org/mailman/listinfo/ndss-tot-award
> 
>  
> 



> -- 
> Ndss-tot-award mailing list
> Ndss-tot-award at elists.isoc.org
> https://elists.isoc.org/mailman/listinfo/ndss-tot-award



More information about the Ndss-tot-award mailing list