The 14^th ACM Conference on Data and Application Security and Privacy

In the 1970s, there was suppression of cryptography research. In the US, intimidating letters were sent to researchers. In the EU, confidentiality protection was removed from the scope of a collaborative project (that then was called the RIPE project, RACE Integrity Primitives Evaluation). At EU level, this was only settled in the late 1990s. Strict export restrictions, and sometimes also import and usage restrictions, were put in place; the Wassenaar arrangement (1996) formalized those. There was never an open war, but there were quite some skirmishes in the background.

Prof. Bart Preneel is a full professor at the KU Leuven, where he leads the renowned COSIC research group, which has 100 members. With an extensive academic career, he has held visiting professor positions at five universities across Europe. His primary areas of expertise encompass cryptography, cybersecurity, and privacy. Prof. Preneel has been invited speaker at more than 150 conferences in 50 countries. He received the prestigious RSA Award for Excellence in the Field of Mathematics (2014), the ESORICS Outstanding Research Award (2017) and the Kristian Beckman award from IFIP TC11 (2016). He has served as president of the IACR (International Association for Cryptologic Research) and he is a fellow and Director of the IACR. Bart Preneel frequently consults for industry and government about cybersecurity and privacy technologies. His commitment to innovation extends to his roles as a co-founder and Board Member of the start-up nextAuth, a Board Member of the scale-up Approach Belgium, and an Advisory Board Member for Tioga Capital Partners and Nym Technologies. Additionally, Professor Preneel has actively participated in cybersecurity policy discussions, and is offering his expertise as a member of the Advisory Group for the European Union Agency for Cybersecurity (ENISA).

Researchers have worked on the analysis, detection, and classification of malicious software since the first early viruses in the 1980s. After more than 40 years of academic research and thousands of papers published on this topic, what have we learned about malware? Which problems and questions have attracted the interest of researchers? And for which of those did we find some answers so far? In this talk, I will go through some of these past achievements (shamelessly using some of my research as an example) and discuss past findings as well as open questions for the future.

Davide Balzarotti is a full Professor and the head of the Digital Security Department at EURECOM. He received his Ph.D. from Politecnico di Milano in 2006 and his research interests include most aspects of software and system security and in particular the areas of binary and malware analysis, fuzzing and vulnerability discovery, computer forensics, and web security. Davide authored more than 100 publications in leading conferences and journals. He has been the Program Chair Usenix Security 2024, ACSAC 2017, RAID 2012, and Eurosec 2014. Davide received in an ERC Consolidator and an ERC PoC Grants for his research in the analysis of compromised systems. Davide is also member of the "Order of the Overflow" team, which organized the DEF CON CTF competition between 2018 and 2021.