NDSS Symposium Test of Time Award
An award that recognizes the most influential papers that have been published in past NDSS Symposia.
Test of Time Award Nominations
The NDSS Test of Time (ToT) Award recognizes the most influential papers published in past NDSS Symposia with respect to research and/or industrial impact on computer and network security.
Each year papers are reviewed by the NDSS Test of Time Award committee for consideration. Papers nominated must be published at least ten years prior to the current conference year.
Anyone can submit a nomination via email to [email protected]. Nominations may be submitted at any time and are considered by the NDSS ToT committee during the selection period in which they are received. You can check the previous NDSS Symposia pages for inspiration.
Each nomination must include:
1. The title, the author list, and publication year of the nominated paper
2. A 100-word (maximum) nomination statement, describing why the paper deserves the Test of Time Award
3. The name, title, affiliation of the nominator, and if appropriate, the relationship of the nominator to the authors.
Test of Time Award Winner 2022
Automated Whitebox Fuzz Testing (NDSS 2008) is one of the seminal papers on program testing. The paper was an early demonstration of how to make symbolic execution practical and useful at scale. Building on previous advances in dynamic symbolic execution and in fuzz testing, this paper contributed both deep conceptual and practical insights and showed how to effectively achieve high code coverage when fuzzing real software. These insights were leveraged to create a tool, SAGE, that was used to find many bugs in Microsoft applications that couldn’t be found by previous tools. The paper has been enormously influential both in the design of practical tools and in inspiring follow-up research, as evidenced by its more than 1500 citations.
Test of Time Awards Winners 2020
A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities, David Wagner, Jeffrey S. Foster, Eric A. Brewer, Alexander Aiken (2000)
This paper introduced the use of static analysis for finding potential buffer overrun vulnerabilities in security-critical C code before it is deployed. It spawned an entire industry of security testing tools and practices. Today, static analysis security testing is a cornerstone technique for automated testing and analysis of program source code to identify and resolve security flaws early in the software development life cycle and is an integral part of modern DevOps environments and AppSec programs. The paper is one of the most highly cited NDSS papers from the period 1995-2010.
This paper introduced the Datagram Transport Layer Protocol (DTLS), which is based on and provides equivalent security guarantees as TLS for datagram protocols. DTLS is defined as a Proposed Standard for use with User Datagram Protocol (UDP) as well as a number of other IETF protocols, and it is implemented in and supported by many popular TLS implementations. The IETF is actively updating DTLS and other IETF protocol efforts are looking to leverage it for their own security.
Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software, James Newsome and Dawn Song (2005)
This paper introduced dynamic taint analysis, a new approach for the automatic detection, analysis, and signature generation of exploits on commodity software. The technique reliably detects overwrite attacks which cause a sensitive value (such a return addresses, function points, and format strings) to be overwritten with an attacker’s data. It has seen widespread application in many areas, including malware analysis, vulnerability discovery, and test case generation. The paper is the second most highly cited NDSS paper (1759) from the period 1995-2010.
Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks, Ari Juels and John Brainard (1999)
The paper introduced the use of “client puzzles” to protect against connection depletion attacks (a form of denial of service) in connection-oriented protocols, such as TCP Syn flooding. The paper led to a number of other efforts to develop different forms of client puzzles and to apply them to various other protocols and systems. The paper is the 6th most highly cited NDSS paper (792) from the period 1995-2009.
A Virtual Machine Introspection Based Architecture for Intrusion Detection, Tal Garfinkel and Mendel Rosenblum (2003)
This paper introduced the use of VMI for cybersecurity and opened the floodgates on a tremendous amount of research and derivative tools that took VM technology beyond simple resource multiplexing and leveraged it for intrusion detection, intrusion prevention, forensics, isolation, and other cybersecurity protections. The paper is the most highly cited NDSS paper (1751) from the period 1995-2009.