Google’s Security Conference/Journal ranking 2017

As a follow up to the previous post on the topic, here is the version with the newly released 2017 metrics data. It provides a ranking of journals and conferences in different fields, and uses the h5 metric, “the number n of papers that were released in the last 5 years, and had at least n citations”.

Based on the h5 metric, the following ranking for security conferences and journals is generated here:

1. ACM Symposium on Computer and Communications Security (62, +1 position)
2. IEEE Transactions on Information Forensics and Security (61, +2 positions)
3. IEEE Symposium on Security and Privacy (59, -2 positions)
4. USENIX Conference on Security (56)
5. Network and Distributed System Security Symposium (NDSS) (51)
6. International Conference on Cryptology (CRYPTO) (51)
7. Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT) (50)
8. ArXiv (see discussion)
9. IEEE Transactions on Dependable and Secure Computing (41)
10. Theory of cryptography (36)
11. International Conference on The Theory and Application of Cryptology and Information Security (ASIACRYPT) (36)
12. Workshop on Cryptographic Hardware and Embedded Systems (CHES) (33)
13. Computers & Security (32)
14. ACM Symposium on Information, Computer and Communications Security (ASIACCS) (31)

Some other honourable mentions where I published before, am involved, or consider submitting:

1. Conference of the IEEE Computer and Communications Societies (INFOCOM) (80)
2. Computer Networks (50)
3. International Conference on Mobile systems, applications, and services (MOBISYS) (46)
4. Annual International Conference on Mobile computing and networking (Mobicom) (44)
5. Annual Computer Security Applications Conference (ACSAC) (29)
6. International Conference on Dependable Systems and Networks (DSN) (28)
7. European Conference on Research in Computer Security (ESORICS) (26)
8. ACM conference on Data and Application Security and Privacy (CODASPY) (24)
9. Wireless Network Security (WISEC) (22)
10. Symposium on Research in Attacks, Intrusions and Defenses (RAID) (20)
11. Conference on Formal Engineering Methods (ICFEM) (15)
12. IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection (IFIP Sec) (14)
13. Network and Systems Security (NSS) (14)
14. IEEE International Conferences on Internet of Things, and Cyber, Physical and Social Computing (CPSCom) (13)
15. IEEE High Assurance Systems Engineering Symposium, (HASE) (13)

There are some interesting observations I made from the ranking (updated from last iteration):

1. Oakland lost 2 positions to CCS and the best journal (Trans. Inf. Forens. & Sec.). NDSS gained 4 positions (with lots of Android themed publications it seems).
2. There are only two journals in the top ten list (like last year)
3. ArXiv is in the list, but can hardly be counted as “peer reviewed”.
4. 5 of the top 11 venues (w/o Arxiv) have a strong crypto focus, further limiting the options for general security papers to be published at.
5. Google also publishes a h5-median score, which indicates the median citation count of the publications included in the h5 computation. This somewhat gives a nice indication on how many citations you could expect for your publications in the conference, after five years. For the top 10 venues, this is between 60 and 100, for top 10-20 between 40 and 50
6. Clearly, for h5 it helps to accept more papers (see ArXiv and Infocom rank). It would be great to award selectivity somehow, for example by dividing by number of accepted papers. Unfortunately, that information is not directly available (see here).
7. Again, I checked for the placing of my papers in the conferences’ respective “last 5 year highscore”. My GPS paper at CCS is the venue’s top 27 paper of the last 5 years. My IFIP wireless days paper is the most cited of that venue for the last 5 years. Our Wireless signal manipulation paper is in Top 20 of Esorics.

See also: aminer conference ranking, CORE2014 conference ranking