Specializations

IT Security (MSc minor specialization in the Computer Science program)

The IT Security minor specialization introduces the main security problems of IT systems and the approaches, methods, and tools used to solve those problems. We put the emphasis on practical applications, while students also get familiar with the security analysis techniques and design principles through the analysis of different security solutions. Those who complete the IT Security minor specialization are able to identify security problems in practical IT systems, analyze and understand such problems, and design and develop appropriate security solutions. The students also learn when and how to apply cryptography to practical security problems.

The IT Security minor specialization consists of three courses (Cryptographic Protocols, Computer Security, and Network Security) and an IT Security Lab. We also supervise student semester and diploma projects.

Courses

IT Security (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional carrier, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

Topics: IT security in practice; user authentication and access control basics; basic memory corruption attacks; secure programing methods and security testing of software; malware and malware detection; browser and web security; mobile and cloud security; network security, firewalls, and IDS systems; introduction to cryptography; cryptographic protocols; privacy protection; risk analysis and economics of security.

IT Security (in English) (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional carrier, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

Topics: IT security in practice; user authentication and access control basics; basic memory corruption attacks; secure programing methods and security testing of software; malware and malware detection; browser and web security; mobile and cloud security; network security, firewalls, and IDS systems; introduction to cryptography; cryptographic protocols; privacy protection; risk analysis and economics of security.

IT Security Bootcamp (VIHIAL00)

This BSc course introduces problems related to general IT security.

Topics: IT security in practice; web security, memory corruption, reverse engineering, practical cryptography

Computernetzwerke (in German) (VIHIAB01)

Das Ziel des Kurses ist einen umfassenden Überblick über die Design-Prinzipien von Computernetzwerke und die Protokolle, die die heutige Internet-Kommunikation ermöglichen. Wir analysieren die wichtigsten Komponenten des TCP/IP Protokoll-Stack und wir diskutieren weit verbreiteten Internet-Anwendungen. Das Kurssyllabus enthält zusätzliche wichtige Themen wie Multimedia-Kommunikation und Sicherheit.

Topics: Internet structure, purpose, basic ideas; protocol layers and reference model; web, HTTP and other applications; email; domain - name system; transport protocols, congestion control; datagrams; packet forwarding, Internet Protocol; routing; medium access control (MAC) principles and protocols; Ethernet; wireless networks, Wifi and cellular networks; security of applications, SSL and IPSec; multimedia communication.

In the past

  • Information Security (VIHIM100 and VIHIM102)
  • Security Protocols (VIHIM132)
  • Cryptography and its Applications (VIHIM133)
  • Foundations of Secure Electronic Commerce (VIHIM219)
  • Network Security in Practice (VIHIM327)
  • Security labs (VIHIM220 and VIHIM305)
  • Economics of Security and Privacy (VIHIAV15)

Semester and diploma projects

We offer semester and diploma projects that are related to the research activities in the lab, or proposed by our industrial partners, therefore, they provide the opportunity for the students to join our research and development projects, or collaborate with our industrial partners.

If you are a student interested in any of our current project proposals, please, get in touch with the given contact person of the project before officially applying. The contact person will let you know the necessary steps for taking the project officially.

Talent management

We pay special attention to attract and work with students interested in IT security. To discover talented students, we organize the annual CrySyS Security Challenge, which is a hacking contest with exciting problems to solve. For students, the Sec Challenge provides a platform for "learning by doing"; for us, it is a vehicle to discover students talented in hacking.

Those who achieve an outstanding result in the Sec Challenge are invited to join the CrySyS Student Core, which is an invite-only group of exceptionally talented people who proved their ability to solve security problems in a wide range of setups. Core members meet once a week to expand their knowledge by discussing specific topics in system and network security, to prepare for CTF competitions, to socialize, and in general, to have fun by spending time with other geeks of similar interest.

To help students preparing for the Sec Challenge and bootstrapping their IT security activity, we organize an IT Security Bootcamp. Interested in joining and becoming part of a live community? Contact Gábor Pék, CrySyS Student Core leader, or Levente Buttyán, head of the CrySyS Lab.

Members of the CrySyS Student Core formed the !SpamAndHex CTF team to participate at international hacking competitions. However, the team welcomes non-Core members as well. If you are a student, then this can be a great way to learn from Core members, improve your hacking skills, prove your talent, and ultimately, get invited to the CrySyS Student Core. Interested in joining the !SpamAndHex team? Contact Gábor Pék, CrySyS Student Core leader.

Avatao platform

Avatao is an online e-learning platform offering IT security challenges for everyone interested in improving their skills in computer security, web security, applied cryptography, and many more sub-domains of IT security. The development of the platform was started in the CrySyS Lab before it was spun off into a standalone company. However, we continue to use the Avatao platform in our teaching as the infrastructure for the CrySyS Security Challenge, as well as for course homeworks and lab exercises. If you are interested in avatao, please contact Mark Felegyhazi or Gabor Pek.