Dr. Gergely Biczók

Assistant Professor
e-mail: biczok (at) crysys.hu

web: www.crysys.hu/~biczok/
office: I.E. 430
tel: +36 1 463 2047
fax: +36 1 463 3263

Short Bio

Gergely is an assistant professor at the CrySyS Lab. He received the PhD (2010) and MSc (2003) degrees in Computer Science from the Budapest University of Technology and Economics. He was a postdoctoral fellow at the Norwegian University of Science and Technology from 2011 to 2014. He was a Fulbright Visiting Researcher to Northwestern University between 2007 and 2008. He also held a researcher position at Ericsson Research Hungary from 2003 to 2007.

Current Courses

IT Security (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional carrier, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

IT Security (in English) (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional carrier, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

Security and Privacy: an Economic Approach (in English) (VIHIAV34)

Information security is as much an economic problem as it is technical. Even given flawless cryptographic protocols and the availability of perfectly secure software, the misaligned economic incentives of different stakeholders in a system often result in a (very) sub-optimal security level. By guiding you through the jungle of asymmetric information, interdependent security, correlated risk and other concepts characteristic for system security, this elective course will enable you to make better decisions in risk management, security investment and policy design on a system level. Furthermore, the course touches upon the economic aspects of data privacy, an emerging area of interest for users and companies in the big data era.

Student Project Proposals

Interdependent privacy

Privacy concerns arise naturally along with sharing or releasing personal data. Due to logical connections among individuals (e.g., online social networks) and/or correlation between individuals' data stemming from similar personal (e.g., DNA) or behavioral traits (e.g., individual mobility), privacy breaches and data holder malpractice could potentially jeopardize the privacy of many who may not even be aware of the act of sharing and its impact; not to mention consenting to the sharing. We refer to this phenomenon as interdependent privacy [1].

Incentives in cybersecurity

As evidenced in the last 10-15 years, cybersecurity is not a purely technical discipline. Decision-makers, whether sitting at security providers (IT companies), security demanders (everyone using IT) or the security industry, are mostly driven by economic incentives. Understanding these incentives are vital for designing systems that are secure in real-life scenarios [1].