This course is delivered in the Computer Science BSc program in the 6th semester. The official syllabus is available on the faculty's web site. On this page, you will find operative information related to the course. Lecture slides are available in the Moodle system of the department.
This course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using computing systems. The course prepares BSc students for security challenges that they may encounter during their professional career, and at the same time, it provides a basis for those student who want to comtinue their studies at MSc level. We put special emphasis on software security and the practical aspects of developing secure programs.
1 homework assignment (consisting in multiple challenges) and 1 test.
P = T + H, where T is the points obtained on the test (min 20, max 50 points) and H is the points obtained for the
homework (min 20, max 50 points).
excellent (5): P >= 85 points;
good (4): P >= 70 points;
satisfactory (3): P >= 55 points;
pass (2): P >= 40 points;
fail (1): P < 40 points.
Megbeszélés szerint, az előadóval előre egyeztetett időpontban.
Please contact the lecturer to schedule an appointment.
|2019.02.07.||Introduction and motivations||Buttyán L.|
|2019.02.14.||History of cryptography||Buttyán L.|
|2019.02.21.||Cryptographic engineering||Buttyán L.|
|2019.02.28.||User authentication and access control basics||Buttyán L.|
|2019.03.07.||Memory corruption attacks and countermeasures||Gazdag A.|
|2019.03.14.||Secure software development||Futóné Papp D.|
|2019.03.21.||--- Spring Break ---|
|2019.03.28.||Web and browser security||Gazdag A.|
|2019.04.11.||Mobile and cloud security||Gazdag A., Ládi G.|
|2019.04.18.||Attacking networks (ethical hacking)||Bencsáth B.|
|2019.04.25.||Defending networks (firewalls, IDS, honeypots)||Bencsáth B.|
|2019.05.02.||Privacy issues and PETs||Ács G.|
|2019.05.09.||Economics of security and privacy||Biczók G.|
The homework assignment for the semester is available on the avatao.com platform.
You should use this platform to access the challenges of the assignment, submit your solution, or in case of some
challenges to launch the environment for the challenge. To be able to access and solve the challenges, you must have
received an invitation to the 'BME IT Security 2019' community, and now you should take the path 'BME IT Security
The path contains challenges that are related to the topics covered by the course. To fulfill the assignment, you should solve these challenges. We recommend that you first try to solve every challenge on your own, without any help. However, if you get stuck, you can look at the hints available for each challenge and read part of the solution, or the whole solution, if you wish. The platform reduces the points available for a challenge if you access the hints, but we will not take that into account for this project assignment. In other words, you can access the hints, read them, and solve the challenge with that help. We expect you to spend some time on this and don't ask your classmates for the solution, as you can read and understand it yourself. We also hope that some of you will take the challenges as real challenges and try to solve them without the hints. Remember that you can learn the most by DOING it, not just listening and reading about it.
Instead of the points given to you by the platform, we will track your activity: when you work on a challenge and how much time you spend with it. Every group of challenges on the path will have a deadline (see below), by which you should submit the solutions to those challenges if you want to get the max points for them. If you submit a solution after the deadline, you get only half of the points. If you don't submit any solution to a challenge, you don't get any points for that challenge. At the end, your homework assignment points will be calculated based on your performance of submitting solutions in time.
Introduction: February 28, 2019
Cryptography: March 7, 2019
User authentication and access control: March 14, 2019
Memory corruption attacks: March 28, 2019
Secure software development: April 4, 2019
Web security: April 11, 2019
Malware: April 18, 2019
Network security: May 2, 2019