Google’s Security Conference/Journal ranking

Gogle Scholar just released their 2015 version of Metrics. It provides a ranking of journals and conferences in different fields, and uses the h5 metric, “the number n of papers that were released in the last 5 years, and had at least n citations”.

Based on the h5 metric, the following ranking for security conferences and journals is generated here:

  1. IEEE Symposium on Security and Privacy (58)
  2. ACM Symposium on Computer and Communications Security (58)
  3. IEEE Transactions on Information Forensics and Security (55)
  4. USENIX Conference on Security (50)
  5. Conference on Advances in cryptology (CRYPTO) 49
  6. Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT) (48)
  7. IEEE Transactions on Dependable and Secure Computing (48)
  8. Network and Distributed System Security Symposium (NDSS) (44)
  9. ArXiv (see discussion)
  10. International Conference on The Theory and Application of Cryptology and Information Security (ASIACRYPT) (35)

Some other honorable mentions where I published before:

  1. European Conference on Research in Computer Security (ESORICS) (24)
  2. Wireless Network Security (WISEC) (22)
  3. International Conference on Mobile systems, applications, and services (MOBICOM) (49)

There are some interesting observations I made from the ranking:

  1. Oakland and CCS are ranked higher than the best journal (Trans. Inf. Forens. & Sec.)
  2. There are only two journals in the top ten list.
  3. ArXiv is in the list, but can hardly be counted as “peer reviewed”.
  4. Several of the top 20 items have a strong crypto focus, further limiting the options for general security papers to be published at
  5. Google also publishes a h5-median score, which indicates the median citation count of the publications included in the h5 computation. This somewhat gives a nice indication on how many citations you could expect for your publications in the conference, after five years. For the top 10 venues, this is between 70 and 100, for top 10-20 between 40 and 70
  6. Clearly, for h5 it helps to accept more papers (see ArXiv rank). It would be great to award selectivity somehow.
  7. Based on the Google Metrics page, it is now easily possible to find how well a publication performed relatively to other publications at the same venue. I found it interesting to check for some of my publications (e.g. my GPS paper at CCS is within the Top40 papers of the last 5 years). My paper at the Workshop on Positioning, Navigation and Communication is the top 3 most cited in the last 5 years.

References to related rankings: LIPN, A*STAR. LIPN ranking of security conferences: CCS (A*), Advances in Crypto (A*), EUROCRYPT (A*), ACSAC (A), ASIACRYPT (A), CSF (A), ESORICS (A), Financial Cryptography (A), NDSS (A), S&P(A), SecureCom (A), Usenix Sec (A), AsiaCCS (B), IFIP Security (B)

Most other security conferences of level B or lower are not known to me, level C includes a lot of workshops as well. Notably, WiSec is not in the ranking (yet?)

Nils Ole Tippenhauer
Nils Ole Tippenhauer

I am interested in information security aspects of practical systems. In particular, I am currently working on security of industrial control systems and the Industrial Internet of Things.