Assistant Professor
agazdag (at) crysys.hu
twitter: @AndrisGazdag
office: I.E. 419
tel: +36 1 463 2047
Andras Gazdag was born in 1990 in Budapest. He received his BSc degree in Computer Science in 2013 and his MSc degree in Computer Science Engineering in 2015 from the Budapest University of Technology and Economics (BME). During his B.Sc. studies, András took part in a German speaking education between 2009-2012 (Deutschsprachige Ingenieurausbildung, DIA). He received a DAAD scholarship to the Karlsruhe Institute of Technology (KIT) in 2011-2012. Since 2011 he has been working in the Laboratory of Cryptography and System Security (CrySyS), Department of Networked Systems and Services (HIT), BME under the supervision of Prof. Levente Buttyán. He has done research on security of mobile platforms focusing on Android malwares. Currently, his research interests are in embedded systems security (a.k.a. security for Internet of Things) and embedded systems forensics.
This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional career, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.
This BSc course introduces problems related to general IT security. It focuses on offensive security to demonstrate the mindset of an attacker. This is good motivational first course for IT security enthusiasts.
This BProf course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course also gives an introduction to source coding and channel coding.
The course introduces security problems in computing systems, as well as the principles, practical mechanisms, and tools used to solve them. The term computer is interpreted in a broad sense, and it includes personal computers, servers, mobile devices, and embedded computers. The course covers physical security and OS level security of computers, software security issues at the application level, secure programming, and the problem of malicious software (malware).
This laboratory extends and deepens the knowledge and skills obtained in the courses of the IT Security minor specialization by solving practical, hands-on exercises in real, or close-to-real environments.
This course gives an introduction into the security problems of computer networks, and it gives an overview of the possible solutions to those problems. It also covers issues related to secure operation of networks in practice, including modern tools and techniques used to ensure security. Students get theoretical knowledge and practical skills that form the basis of secure network operations.
This laboratory extends and deepens the knowledge and skills obtained in the Network Security in Practise and Computer Security in Practise courses by solving practical, hands-on exercises in real, or close-to-real environments.
This course fills an important gap in the education of software engineers, - namely developing secure software applications. During this course, students will learn the most common mistakes in software development and how attackers exploit those mistakes (offensive security). Then, students get to know how to mitigate attacks and write secure software applications.
Webes alkalmazások fejlesztése egy mindenhol előforduló probléma. Az internet elterjedése óta az alkalmazásfejlesztés folyamatosan tolódik el böngészőben futó alkalmazások irányába, a megoldás számtalan előnye miatt. Az érzékeny adatok kezelése is rövid idő alatt megjelent az ígények között, így a biztonság fontos kérdéssé vált.
A projekt során a feladat, a labor weboldalához újabb funkciók fejlesztése. A meglévő vagy újonnan elkészülő komponenseknek az eddigi megoldásokhoz kell illeszkednie, így a felhasznált technológiák kötöttek: frontend fejlesztés Angular alapon, backend fejlesztés python vagy nodejs segítségével. Az alkalmazásnak konténerizált környezetben kell működnie a fejlesztés során folyamatosan CI/CD módszereket és biztonsági tesztelést kell alkalmazni.
A projekt során a hallgató a webes komponensek fejlesztésében vehet részt, úgy mint:
Euro-CYBERSEC, Nice, France, 2021.
@conference {
author = {András Gazdag, György Lupták, Levente Buttyán},
title = {Correlation-based Anomaly Detection for the CAN Bus},
booktitle = {Euro-CYBERSEC, Nice, France},
year = {2021}
}
Proceedings of the 7th International Conference on Vehicle Technology and Intelligent Transport Systems, 2021.
@inproceedings {
author = {Irina Chiscop, András Gazdag, Joost Bosman, Gergely Biczók},
title = {Detecting Message Modification Attacks on the CAN Bus with Temporal Convolutional Networks},
booktitle = {Proceedings of the
7th International Conference on
Vehicle Technology and Intelligent Transport Systems},
year = {2021}
}
Proceedings of the 1st Conference on Information Technology and Data Science, 2020, pp. 115-130.
@inproceedings {
author = {András Gazdag, , Levente Buttyán},
title = {Development of a Man-in-the-Middle Attack Device for the CAN Bus},
booktitle = {Proceedings of the 1st Conference on Information Technology and Data Science},
year = {2020},
pages = {115-130}
}
International Workshop on Cyber Security for Intelligent Transportation Systems, Held in Conjunction with ESORICS 2018, Springer, 2018.
@inproceedings {
author = {András Gazdag, Dóra Neubrandt, Levente Buttyán, Zsolt Szalay},
title = {Detection of Injection Attacks in Compressed CAN Traffic Logs},
booktitle = {International Workshop on Cyber Security for Intelligent Transportation Systems, Held in Conjunction with ESORICS 2018},
publisher = {Springer},
year = {2018}
}
Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering, University of Miskolc, Miskolc, Hungary, 2018.
@inproceedings {
author = {András Gazdag, Tamas Holczer, Levente Buttyán, Zsolt Szalay},
title = {Vehicular Can Traffic Based Microtracking for Accident Reconstruction},
booktitle = {Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering},
publisher = {University of Miskolc, Miskolc, Hungary},
year = {2018}
}
IT-SECX 2017, 2017, FH St. Pölten.
@conference {
author = {András Gazdag},
title = {CAN compression based IDS},
booktitle = {IT-SECX 2017},
year = {2017},
publisher = {FH St. Pölten}
}
IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom), IEEE, 2017.
@inproceedings {
author = {Zsolt Szalay, Levente Buttyán, András Gazdag},
title = {Efficient Lossless Compression of CAN Traffic Logs},
booktitle = {IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom)},
publisher = {IEEE},
year = {2017}
}
Scientific Letters of the University of Zilina, 2017.
@article {
author = {András Gazdag, Levente Buttyán, Zsolt Szalay},
title = {Forensics aware lossless compression of CAN traffic logs},
journal = {Scientific Letters of the University of Zilina},
year = {2017}
}
34th International Colloquium on Advanced Manufacturing and Repairing Technologies in Vehicle Industry, 2017.
@inproceedings {
author = {Zsolt Szalay, Levente Buttyán, András Gazdag},
title = {Towards Efficient Compression of CAN Traffic Logs},
booktitle = {34th International Colloquium on Advanced Manufacturing and Repairing Technologies in Vehicle Industry},
year = {2017}
}
Proceedings of 16th European Conference on Cyber Warfare & Security, Academic conferences, 2016.
@inproceedings {
author = {András Gazdag, Tamas Holczer, Gyorgy Miru},
title = {Intrusion detection in Cyber Physical Systems Based on Process Modelling},
booktitle = {Proceedings of 16th European Conference on Cyber Warfare & Security},
publisher = {Academic conferences},
year = {2016}
}
Annual Scientific Conference of the Hungarian National Coordinating Center for Infocommunications (NIKK), Springer, 2014.
@inproceedings {
author = {Levente Buttyán, András Gazdag},
title = {Android Malware Analysis Based On Memory Forensics},
booktitle = {Annual Scientific Conference of the Hungarian National Coordinating Center for Infocommunications (NIKK)},
publisher = {Springer},
year = {2014}
}
Hacktivity 2014., 2014.
@conference {
author = {András Gazdag},
title = {Android Memory Forensics Hello Workshop},
booktitle = {Hacktivity 2014.},
year = {2014}
}