Steven M. Bellovin | Academic Influence

Steven M. Bellovin's AcademicInfluence.com Rankings

Steven M. Bellovin

Criminal Justice

#107

World Rank

#124

Historical Rank

#53

USA Rank

Cyber Security

#12

World Rank

#12

Historical Rank

#6

USA Rank

criminal-justice Degrees

Steven M. Bellovin

Computer Science

#240

World Rank

#250

Historical Rank

#144

USA Rank

Network Security

#1

World Rank

#1

Historical Rank

#1

USA Rank

Cybersecurity

#9

World Rank

#9

Historical Rank

#4

USA Rank

Database

#455

World Rank

#477

Historical Rank

#189

USA Rank

computer-science Degrees

Download Badge

Criminal Justice
Computer Science

Steven M. Bellovin's Degrees

PhD Computer Science Columbia University
Masters Computer Science Columbia University
Bachelors Physics Columbia University

Similar Degrees You Can Earn

Why Is Steven M. Bellovin Influential?

(Suggest an Edit or Addition)

According to Wikipedia, Steven M. Bellovin is a researcher on computer networking and security who has been a professor in the computer science department at Columbia University since 2005. Previously, Bellovin was a fellow at AT&T Labs Research in Florham Park, New Jersey.

(See a Problem?)

Steven M. Bellovin's Published Works

Number of citations in a given year to any of this author's works

Total number of citations to an author for the works they published in a given year. This highlights publication of the most important work(s) by the author

Published Works

Encrypted key exchange: password-based protocols secure against dictionary attacks (1992) (1533)
Controlling high bandwidth aggregates in the network (2002) (875)
Firewalls and internet security - repelling the wily hacker (2003) (767)
A look back at "security problems in the TCP/IP protocol suite (1989) (738)
Implementing Pushback: Router-Based Defense Against DDoS Attacks (2002) (656)
ICMP Traceback Messages (2003) (652)
Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise (1993) (531)
Implementing a distributed firewall (2000) (393)
Limitations of the Kerberos authentication system (1990) (374)
Blind Seer: A Scalable Private DBMS (2014) (247)
Facebook and privacy: it's complicated (2012) (223)
A technique for counting natted hosts (2002) (218)
A study of privacy settings errors in an online social network (2012) (194)
The Failure of Online Social Network Privacy Settings (2011) (183)
The risks of key recovery, key escrow, and trusted third-party encryption (1997) (179)
Problem Areas for the IP Security Protocols (1996) (175)
Using the Domain Name System for System Break-ins (1995) (164)
Automated Analysis of Privacy Requirements for Mobile Apps (2016) (162)
Defending Against Sequence Number Attacks (1996) (159)
Distributed Firewalls (1994) (158)
Network firewalls (1994) (152)
Just fast keying: Key agreement in a hostile internet (2004) (150)
Privacy-Enhanced Searches Using Encrypted Bloom Filters (2004) (142)
Privee: An Architecture for Automatically Analyzing Web Privacy Policies (2014) (135)
Reputation Systems for Anonymous Networks (2008) (120)
Insider Attack and Cyber Security - Beyond the Hacker (2008) (105)
On the Brittleness of Software and the Infeasibility of Security Metrics (2006) (98)
There Be Dragons (1992) (97)
Unconventional Wisdom (2006) (93)
Frank Miller: Inventor of the One-Time Pad (2011) (91)
Secure anonymous database search (2009) (89)
Packets found on an internet (1993) (84)
Malicious-Client Security in Blind Seer: A Scalable Private DBMS (2015) (80)
Sub-operating systems: a new approach to application security (2002) (73)
Measuring Security (2011) (73)
Guidelines for Cryptographic Key Management (2005) (66)
ICMP Traceback Message (2003) (63)
Worm Propagation Strategies in an IPv6 Internet (2006) (59)
Privacy and Synthetic Datasets (2018) (59)
PAR: Payment for Anonymous Routing (2008) (57)
Controlling High Bandwidth Aggregates in the Network (Extended Version) (2001) (56)
Privacy Enhanced Access Control for Outsourced Data Sharing (2012) (56)
A Privacy Analysis of Cross-device Tracking (2017) (56)
Deploying a New Hash Algorithm (2006) (53)
An attack on the Interlock Protocol when used for authentication (1994) (51)
On the Use of Stream Control Transmission Protocol (SCTP) with IPsec (2003) (49)
A Clean-Slate Design for the Next-Generation Secure Internet (2006) (48)
The Security Flag in the IPv4 Header (2003) (47)
Using Link Cuts to Attack Internet Routing (2003) (47)
Spamming, phishing, authentication, and privacy (2004) (44)
A Best-Case Network Performance Model (1992) (43)
Probable plaintext cryptanalysis of the IP security protocols (1997) (42)
Building a Secure Web Browser (2001) (42)
Risking Communications Security: Potential Hazards of the Protect America Act (2008) (41)
Privacy and Cybersecurity: The Next 100 Years (2012) (38)
Prerendered User Interfaces for Higher-Assurance Electronic Voting (2006) (37)
Slowing Routing Table Growth by Filtering Based on Address Allocation Policies (2001) (35)
Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet (2013) (33)
Configuration management and security (2009) (32)
Security aspects of napster and gnutella (2001) (32)
Computer security—an end state? (2001) (30)
Private search in the real world (2011) (29)
Building Trustworthy Systems: Lessons from the PTN and Internet (1999) (29)
Firewall-Friendly FTP (1994) (29)
Laissez-faire file sharing: access control designed for individuals at the endpoints (2009) (27)
Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP (2006) (26)
The Insider Attack Problem Nature and Scope (2008) (26)
AES Key Agility Issues in High-Speed IPsec Implementations (2000) (25)
"I don't have a photograph, but you can have my footprints.": Revealing the Demographics of Location Data (2015) (24)
Cryptographic Modes of Operation for the Internet (2001) (23)
Usable, Secure, Private Search (2012) (23)
Security Requirements for BGP Path Validation (2014) (22)
Security by Checklist (2008) (22)
Virtual machines, virtual security? (2006) (22)
Design and implementation of virtual private services (2003) (21)
An Algebra for Integration and Analysis of Ponder2 Policies (2008) (21)
Information Security Management System (2014) (21)
Security Mechanisms for the Internet (2003) (20)
ROFL: routing as the firewall layer (2009) (20)
Cryptography and the Internet (1998) (19)
Just Fast Keying (JFK) (2002) (18)
Policy refinement of network services for MANETs (2011) (18)
Report of the IAB Security Architecture Workshop (1998) (18)
High Performance Firewalls in MANETs (2010) (17)
Report on Dimacs * Workshop on Large-scale Internet Attacks (17)
Iso/iec 27001 (2011) (16)
Cryptographic Engineering (2009) (16)
When Enough is Enough: Location Tracking, Mosaic Theory, and Machine Learning (2014) (15)
It's Too Complicated: How the Internet Upends Katz, Smith, and Electronic Surveillance Law (2016) (15)
A Better Approach than Carrier-Grade-NAT (2008) (15)
The A+P Approach to the IPv4 Address Shortage (2011) (14)
Going Bright: Wiretapping without Weakening Communications Infrastructure (2013) (14)
Limiting the undesired impact of cyber weapons: technical requirements and policy implications (2016) (14)
A Better Key Schedule for DES-like Ciphers (1996) (14)
Guidelines for Specifying the Use of IPsec Version 2 (2009) (13)
Encrypted Key Exchange (2006) (12)
A "bump in the stack" encryptor for MS-DOS systems (1996) (12)
Bugs in our Pockets: The Risks of Client-Side Scanning (2021) (12)
Tapping on my network door (2000) (11)
Perceptions and Reality (2010) (11)
Identity and Security (2010) (11)
Policy Algebras for Hybrid Firewalls (2007) (11)
Key Change Strategies for TCP-MD5 (2007) (11)
Aggregate-Based Congestion Control (2002) (11)
APOD: Anonymous Physical Object Delivery (2009) (10)
Security Concerns for IPng (1994) (10)
An Anonymous Credit Card System (2009) (10)
Can It Really Work? Problems with Extending EINSTEIN 3 to Critical Infrastructure (2011) (10)
Toward the PSTN/Internet Inter-Networking-Pre-PINT Implementations (1998) (10)
Transport-Friendly ESP (1999) (10)
Toward the PSTN/Internet Inter-Networking--Pre-PINT Implementations (1998) (10)
A DNS filter and switch for packet-filtering gateways (1996) (10)
Computer Security Research with Human Subjects: Risks, Benefits and Informed Consent (2011) (10)
Aggregate congestion control (2002) (9)
Financial incentives for route aggregation and efficient address utilization in the Internet (1997) (9)
The real national-security needs for VoIP (2005) (9)
Standards Maturity Variance Regarding the TCP MD5 Signature Option (RFC 2385) and the BGP-4 Specification (2006) (9)
Moat: a Virtual Private Network Appliance and Services Platform (1999) (8)
Results of the Security in ActiveX Workshop, Pittsburgh, Pennsylvania USA, August 22-23, 2000 (2000) (8)
Virtual Private Services: Coordinated Policy Enforcement for Distributed Applications (2007) (8)
Pseudo-Network Drivers and Virtual Networks (1990) (8)
Transient Addressing for Related Processes: Improved Firewalling by Using IPV6 and Multiple Addresses per Host (2001) (8)
Network and Internet Security (1997) (8)
Clouds from Both Sides (2011) (8)
Security and Privacy: Enemies or Allies? (2005) (7)
Vernam, Mauborgne, and Friedman: The One-Time Pad and the Index of Coincidence (2015) (7)
Wiretapping the Net (2000) (7)
Permissive Action Links, Nuclear Weapons, and the History of Public Key Cryptography (2006) (7)
On Many Addresses per Host (1994) (7)
Critical Infrastructures You Can Trust: Where Telecommunications Fits (1998) (6)
Simple-VPN: Simple IPsec Configuration (2010) (6)
Two-Person Control Administation: Preventing Administation Faults through Duplication (2009) (6)
PATHALIAS or The Care and Feeding of Relative Addresses (1986) (6)
Information Assurance Technology Forecast 2008 (2008) (6)
Source Prefix Filtering in ROFL (2009) (5)
The dynamic community of interest and its realization in ZODIAC (2009) (5)
Problem Statement and Requirements for a TCP Authentication Option (2007) (5)
Seeking the Source: Criminal Defendants’ Constitutional Right to Source Code (2020) (5)
A Secure and Privacy-Preserving Targeted Ad-System (2010) (5)
That Was Close! Reward Reporting of Cybersecurity 'Near Misses' (2017) (5)
Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management (2019) (5)
A Programmable Plaintext Recognizer (1994) (4)
The Major Cyberincident Investigations Board (2012) (4)
Insecure Surveillance: Technical Issues with Remote Computer Searches (2016) (4)
Security and software engineering (1995) (4)
Inside risks: evolving telephone networks (1999) (4)
A privacy preserving ecommerce oriented identity management architecture (2011) (4)
It's Too Complicated: The Technological Implications of IP-Based Communications on Content/Non-Content Distinctions and the Third Party Doctrine (2016) (4)
Encrypted cloud photo storage using Google photos (2021) (4)
Attack Surfaces (2016) (4)
Evolving Telephone Networks (1999) (3)
By Any Means Possible: How Intelligence Agencies Have Gotten Their Data (2014) (3)
Client Certificate and Key Retrieval for IKE (2000) (3)
Seers and Craftspeople (2007) (3)
DRM, Complexity, and Correctness (2007) (3)
As simple as possible---but not more so (2011) (3)
Cybersecurity through an Identity Management System (2009) (3)
Session-Layer Encryption (1995) (3)
Differential Privacy and Swapping: Examining De-Identification’s Impact on Minority Representation and Privacy Preservation in the U.S. Census (2022) (3)
Security Through Obscurity Considered Dangerous (2002) (3)
The Zodiac Policy Subsystem: A Policy-Based Management System for a High-Security MANET (2009) (3)
Proceedings of the 3rd USENIX workshop on Steps to reducing unwanted traffic on the internet (2007) (3)
Military Cybersomethings (2013) (3)
Using Bloom Filters for Authenticated Yes/No Answers in the DNS (2001) (3)
Voluntary disclosures (2019) (3)
IMRG workshop on application classification and identification report (2008) (3)
The "Session Tty" Manager (1988) (2)
Walls and Gates (2013) (2)
Where the Wild Things are: BGP Threats (2003) (2)
Jurisdiction and the Internet (2017) (2)
Layered Insecurity (2019) (2)
Toward a National Cybersecurity Policy (2018) (2)
Fighting the Last War (2012) (2)
Thinking about security (2001) (2)
Security as a Systems Property (2009) (2)
The big picture (2018) (2)
TCP Compression Filter (1999) (1)
What a Real Cybersecurity Bill Should Address (2015) (1)
The Government and Cybersecurity (2009) (1)
RUST: The Reusable Security Toolkit (2008) (1)
The Key to the Key (2015) (1)
Information Integrity (2011) (1)
The Puzzle of Privacy (2008) (1)
What Do We Owe? (2022) (1)
Proceedings of the Third international conference on Applied Cryptography and Network Security (2005) (1)
Security and Uses of the Internet (1996) (1)
RUST: A Retargetable Usability Testbed for Web Site Authentication Technologies (2008) (1)
Intrusion Tolerant Systems Workshop (2002) (1)
Near Misses (2019) (1)
Algorithmic Foundations of Robotics XV - Proceedings of the Fifteenth Workshop on the Algorithmic Foundations of Robotics, WAFR 2022, College Park, MD, USA, 22-24 June, 2022 (2023) (1)
Easy Email Encryption (2016) (1)
Compression, Correction, Confidentiality, and Comprehension: A Modern Look at Commercial Telegraph Codes (2009) (1)
– Revealing the Demographics of Location Data (2015) (1)
Anonymous Publish-Subscribe Systems (2014) (1)
News Need Not Be Slow (2002) (1)
IP Traceback (2011) (1)
A "Reason" Field for ICMP "Administratively Prohibited" Messages (2001) (1)
A Real World Identity Management System with Master Secret Revocation (2010) (0)
Unnoticed Consent [Last Word] (2018) (0)
OpenTor: Anonymity as a Commodity Service (2007) (0)
USENIX Association Proceedings of the FREENIX Track : 2002 USENIX Annual (2001) (0)
Privacy & Cryptography (2006) (0)
Security Assurance for Web Device APIs (2008) (0)
Newspeak: A Secure Approach for Designing Web Applications (2008) (0)
Policies on Privacy (2020) (0)
Compression , Correction , Confidentiality , and Comprehension : A Look at Telegraph Codes (2009) (0)
Comments on Privacy (2018) (0)
The physical world and the real world (2008) (0)
Reports Conference Reports 23rd Usenix Security Symposium Opening Remarks (2014) (0)
Open Source and Trust (2020) (0)
Network Working Group Russell Housley Expires in Six Months Vigil Security Guidelines for Cryptographic Key Management (2005) (0)
Why Do We Need More Research? (1999) (0)
Mysterious Checks from Mauborgne to Fabyan (2014) (0)
Applicability Statement for SNMPv3 Cryptographic Algorithms (2002) (0)
O Wiretapping the Net (2000) (0)
The advantages of many addresses per host (1996) (0)
Program Twenty-Second Annual Computer Security Applications Conference ( ACSAC ) Practical Solutions (0)
Nuclear Weapons, Permissive Action Links, and the History of Public Key Cryptography (2004) (0)
Program Twenty-Second Annual Computer Security Applications Conference ( ACSAC ) Practical Solutions (0)
Identity Proof (2011) (0)
Security Risks Of Peer-To-Peer Networking (2001) (0)
Internet Engineering Task Force (ietf) Defending against Sequence Number Attacks (0)
Session details: Security (2005) (0)
Comments on Proposed Remote Search Rules (2014) (0)
Research Projects Agency and Space and Naval (0)
Security Analysis of Accountable Anonymous Group Communication in Dissent Preliminary Draft - Not for Public Release (2010) (0)
ControllingHigh BandwidthAggregatesin theNetwork (2001) (0)
Further Information on Miller's 1882 One-Time Pad (2016) (0)
Coalition Letter to Senate Committee Leadership Opposing Inclusion of “Data Retention” Mandate in USA Freedom Act (2014) (0)
A Novel Strategy for Internetwork Segmentation and Zoning by (2010) (0)
The Economics of Cyberwar (2014) (0)
Session details: Security (2005) (0)
Applied Cryptography and Network Security, 6th International Conference, ACNS 2008, New York, NY, USA, June 3-6, 2008. Proceedings (2008) (0)
CSRIC III WORKING GROUP 4 Network Security Best Practices FINAL Report – BGP Security Best Practice (2013) (0)
Easy Email Encryption with Easy Key Management CUCS-004-18 (2018) (0)
What Should Crypto Look Like? (2014) (0)
Data Hemorrhage, Inequality, and You: How Technology and Data Flows are Changing the Civil Liberties Game (2017) (0)
Special Thanks to S&P's Reviewers (2005) (0)
Computer security is a hard problem. Security on networked computers is much harder. Firewalls (barriers between two networks), when used properly, can provide a significant increase in computer security. (1994) (0)
Deploying New Hash Functions (2005) (0)
Policy Management for E-Health Records (2010) (0)
Author index (1990) (0)
Security implications for IPng (1996) (0)
Guidelines for Cryptographic Key Management Status of This Memo This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Distribution of this memo is unlimited. (2005) (0)
Internal surveillance, external risks (2007) (0)
Method and apparatus for limiting the access to private information in domain name systems by rerouting query requests (1997) (0)
RFC 8374 - BGPsec Design Choices (2018) (0)
Access Control Prefix Router Advertisement Option for IPv6 (2003) (0)
Applied Cryptography and Network Security (2006) (0)
Large Scale System Defense (2008) (0)
Just out "It's Too Complicated: Implications of IP-Based Communications..." (2016) (0)
Cybersecurity Research Needs (2003) (0)
A Report by an Ad Hoc Group of Cryptographers and Computer Scientists & Trusted Third Party Encryption (1998) (0)
The Law and Lawful Hacking (2021) (0)
Dr. Strangecode (2014) (0)
A method for overload reduction in packet switching networks (2000) (0)
Network Working Group (1991) (0)
Security Think (2011) (0)
Key Recovery (2011) (0)
Making It Easier to Encrypt Your Emails (2019) (0)
Method and apparatus for restricting access to private information in domain name systems by information filtering (1997) (0)
Privacy-Preserving, Taxable Bank Accounts (2010) (0)
Lisa '09: 23rd Large Installation System Administration Conference (2010) (0)
System for the transmission of network traffic in a communication network (1997) (0)
An IBE-based Signcryption Scheme for Group Key Management (2016) (0)
Protocol and device for safe communication (1992) (0)
INFOSEC Research Council (IRC) (2005) (0)
Trade-offs in Private Search (2010) (0)
Security, Privacy, and Scale (2020) (0)
Who Are You? (2017) (0)
Position Paper : Security and Simplicity (2014) (0)

This paper list is powered by the following services:

Other Resources About Steven M. Bellovin

en.wikipedia.org

What Schools Are Affiliated With Steven M. Bellovin?

Steven M. Bellovin is affiliated with the following schools:

Image Attributions

Image Source for Steven M. Bellovin