Four decades of security and privacy research: evolution of topics, impact, and the communi - Prof. Dr. Norbert Pohlmann

Four decades of security and privacy research: evolution of topics, impact, and the community

C. Böttger, N. Demir, M. Demir, H. Hosseini, Prof. Norbert Pohlmann (Institut für Internet-Sicherheit), T. Urban, C. Wressneger:
“Four decades of security and privacy research: evolution of topics, impact, and the community”,
Journal of Cybersecurity, Volume 12, Issue 1, 2026

Abstract
As digital technologies become increasingly embedded in societal infrastructure, IT security and privacy (S&P) have become critical for protecting sensitive information and preserving trust. These domains have evolved from foundational security measures to address complex challenges introduced by artificial intelligence, regulatory frameworks, and decentralized technologies. This paper presents a longitudinal analysis of the evolution of IT S&P research from 1980 to 2023, analyzing over 13k papers from the most relevant venues. Employing the frameworks of established theories from social sciences, i.e. Latour’s actor–network theory, and Bourdieu’s forms of capital, along with Leydesdorff’s key dimensions in scientometrics, we discuss the evolution of research topics and highlight research priorities in the past and today. We apply modern natural language processing techniques to build a taxonomy of research topics within the S&P community. Using this taxonomy, we analyze the community’s thematic development, tracing its growth from 5 topics in the 1980s to 100 distinct research topics, reflecting the field’s expanding scope and complexity. Analyzing 0.5M authors, we demonstrate strong collaboration networks in the IT S&P community. We also demonstrate that the proportion of female authors in this community has remained relatively constant over the decades, despite an increase in their research activity in recent years. Finally, we assess factors impacting paper citations, author networks, and the linguistic evolution of the community. This study enhances the understanding of the S&P research community, providing valuable insights into future directions. The data underlying this article, including the analysis code and data processing pipeline, are available in the repository at: https://pulse- of- cybersecurity.com/, which also provides an interactive webpage for exploring our results.
Keywords: cybersecurity, scientometrics, bibliometrics, science of science, topic modeling, coauthorship networks, metascience, IT security and privacy taxonomy

Introduction
The evolution of IT security and privacy (S&P) research has closely mirrored advancements in computing and digital communication [1]. In the 1960s, as computers became more widespread, research focused on securing them against unauthorized access [2]. Concurrently, the digital landscape began to present new challenges and threats. The growth of specialized IT S&P venues signals the field’s advancement, leading to a notable increase in scholarly papers. Initially, related work appeared at general computing conferences [2]. The establishment of specialized platforms, such as the IEEE Symposium on Security and Privacy (IEEE S&P) in 1980 and the Annual Computer Security Applications Conference (ACSAC) in 1985, signified a pivotal change in the field. The continual growth of specialized venues, such as the USENIX Security Symposium and the Network and Distributed System Security Symposium (NDSS), has facilitated this diversification, allowing researchers to delve deeper into the nuances of emerging threats, reflecting the field’s dynamic nature.
In this work, we utilize a novel approach by combining the the-oretical framing of Latour’s actor–network theory (ANT) [3] and Bourdieu’s field theory [4] to assess the S&P research community along three dimensions: (1) cultural capital (i.e. research topics and published papers) (2) symbolic capital (i.e. citation counts), and (3) social capital (i.e. collaboration in the community). This scientometric and metascientific (science-of-science) study contributes to understanding the S&P research landscape and provides insights into collaboration patterns. The objective of this pa- per is to examine the evolution of the community from its origins as a niche topic to its current status as a specialized and rapidly expanding field. For this purpose, we examine the growth and evolution of IT S&P research since 1980. Our empirical observation is based on a large-scale analysis of 13k papers from the 11 most relevant S&P venues. We assign a topic to each paper using BERTopic [5] and use additional meta-information (e.g. authors, venues, and citation counts) to perform an in-depth analysis of the S&P research community. With our study, we aim to provide an in-depth overview of the evolution and current state of the S&P research community. Thus, we do not aim to identify governance failures or epistemic blind spots, nor to provide normative directions for the S&P community. On the contrary, this work is a starting point for future science-of-science work in the S&P arena to analyze, for example, why gender imbalances persist in the community or how funding bodies can impact innovation in this field.
The main contributions of this paper are:

Taxonomy of S&P research topics: We build a taxonomy of research topics in the S&P community (i.e. cultural capital). Based on the taxonomy, we present an overview of the evolution of these topics within the community from a mere handful to over 100 over the past four decades, reflecting the expanding scope and complexity of S&P challenges.
Revelation of citation factors: We provide an overview of the factors that impact citation counts (i.e. symbolic capital). Our analysis indicates that key factors, including publication in A∗ venues, the number of coauthors, and engagement with popular or emerging topics, significantly impact citation counts. In contrast, broader topic diversification negatively affects these counts.
Insight into the collaboration in the community: We provide an overview of the evolution of gender diversity and collaboration networks in the community (i.e. social capital). The findings reveal that the S&P community has been, and remains, male-dominated, with little change over time. Furthermore, we shed light on career longevity patterns and topic migration trends.

…

kostenlos downloaden