IT Security (VIHIAC01)

This course is delivered in the Computer Science BSc program in the 6th semester. The official syllabus is available on the faculty's web site. On this page, you will find the most recent administartive information related to the course, as well as the lecture slides, the homework description, and links to some recommended further readings. This site is continuously updated!

Lecturers

Előadók

Célkitűzés

Objectives

This course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using computing systems. The course prepares BSc students for security challenges that they may encounter during their professional carrier, and at the same time, it provides a basis for those student who want to comtinue their studies at MSc level. We put special emphasis on software security and the practical aspects of developing secure programs.

Követelmények

Requirements

During the semester

1 project assignment and 1 test.

Calculation of the grade

S = T + P, where T is the points obtained on the test (min 20, max 50 points) and P is the points obtained for the project result (min 20, max 50 points). Grading: excellent (5): S >= 85 points; good (4): S >= 70 points; satisfactory (3): S >= 55 points; pass (2): S >= 40 points; fail (1): P < 40 points.

Órák ideje és helye

Time and location of classes

Előadás

Lecture

  • Wednesday, 10:15-13:00, IE.223

Gyakorlat

Practise

  • N/A,

Konzultáció

Megbeszélés szerint, az előadóval előre egyeztetett időpontban.

Office hours

Please contact the lecturer to schedule an appointment.

Előadások

Lectures

Dátum Téma Előadó Fóliák
Date Topic Lecturer Slides
2017.02.08. Introduction and motivations Buttyán L. slides
2017.02.15. Cryptographic primitives Buttyán L. slides
2017.02.22. Cryptographic protocols Buttyán L. slides
2017.03.01. User authentication and access control basics Buttyán L. slides
2017.03.08. Memory corruption attacks and countermeasures Buttyán L. slides
2017.03.15. Cancelled (National Holiday)
2017.03.22. Secure software development Papp D. slides
2017.03.29. Web and browser security Gazdag A. slides
2017.04.05. Mobile and cloud security Gazdag A., Buttyán L. slides and slides
2017.04.12. Attacking networks and ethical hacking Bencsáth B. slides
2017.04.19. Defending networks (firewalls, IDS, honeypots) Bencsáth B. slides
2017.04.26. Privacy issues and PETs Ács G. slides
2017.05.03. Malware Bencsáth B. slides
2017.05.10. Economics of security and privacy Biczók G. slides

Házi feladat

Homework

Project assignment

The project assignment for the semester is available on the avatao.com platform. You should use this platform to access the challenges of the assignment, submit your solution, or in case of some challenges to launch the environment for the challenge. To be able to access and solve the challenges, you should first register with the avatao.com platform, join the 'BME IT Security' community, and take the path 'IT Security Homework'.

The path contains challenges that are related to the topics covered by the course. To fulfill the project assignment, you should solve these challenges. We recommend that you first try to solve every challenge on your own, without any help. However, if you get stuck, you can look at the hints available for each challenge and read part of the solution, or the whole solution, if you wish. The platform reduces the points available for a challenge if you access the hints, but we will not take that into account for this project assignment. In other words, you can access the hints, read them, and solve the challenge with that help. We expect you to spend some time on this and don't ask your mates for the solution, as you can read and understand it yourself. We also hope that some of you will take the challenges as real challenges and try to solve them without the hints. Remember that you can learn the most by DOING it, not just listening and reading about it.

Instead of the points given to you by the platform, we will track your activity: when you work on a challenge and how much time you spend with it. Every group of challenges on the path will have a deadline (see below), by which you should submit the solutions to those challenges if you want to get the max points for them. If you submit a solution after the deadline, you get only half of the points. If you don't submit any solution to a challenge, you don't get any points for that challenge. At the end, you project assignment points will be calculated based on your performance of submitting solutions in time.

Deadlines

Határidő

Introduction and motivations, IT security in practice, Cryptographic primitives: March 5, 2017
Cryptographic protocols: March 12, 2017
User authentication and access control basics: March 19, 2017
Memory corruption attacks and countermeasures: March 26, 2017
Secure software development: April 2, 2017
Web and browser security: April 16, 2017
Attacking networks and ethical hacking: April 23, 2017
Malware: May 10, 2017

Results

Eredmények

Results

Számonkérés

Exam

  • Test 1: May 12, 2017, 14:15 - 16:00 - Results, Grades
  • Test 2: May 18, 2017, 10:15 - 12:00 - CrySyS Lab (I building: IE.429)

Kiegészítő források

Readings