Dorottya Papp

PhD student
e-mail: dpapp (at) crysys.hu

web: www.crysys.hu/~dpapp/
office: I.E. 429
tel: +36 1 463 2063
fax: +36 1 463 3263

Short Bio

Dorottya Papp was born in 1992 in Budapest. She received her BSc degree in Computer Science in 2014 and her MSc degree in Computer Science Engineering in 2016 from the Budapest University of Technology and Economics (BME). Since 2013 she has been working in the Laboratory of Cryptography and System Security (CrySyS), Department of Networked Systems and Services, Budapest University of Technology and Economics.

Current Courses

IT Security (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional carrier, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

IT Security (in English) (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional carrier, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

Computer Security (VIHIMA06)

The course introduces security problems in computing systems, as well as the principles, practical mechanisms, and tools used to solve them. The term computer is interpreted in a broad sense, and it includes personal computers, servers, mobile devices, and embedded computers. The course covers physical security and OS level security of computers, software security issues at the application level, secure programming, and the problem of malicious software (malware).

IT Security Laboratory (VIHIMB01)

This laboratory extends and deepens the knowledge and skills obtained in the courses of the IT Security minor specialization by solving practical, hands-on exercises in real, or close-to-real environments.

Secure Software Development (VIHIAV33)

This course fills an important gap in the education of software engineers, namely developing secure software applications. During this course, students will learn the most common mistakes in software development and how attackers exploit those mistakes (offensive security). Then, students get to know how to mitigate attacks and write secure software applications.

Student Project Proposals

Detecting Trigger-Based Behavior in C code

Trigger-based behavior is a hidden functionality in programs which is executed only when the program receives very specific inputs. The specific input (trigger) may be a password, the system date and time, and even the ports used for a successful portknocking can be thought of as a trigger. Symbolic execution of the source code is a promising method to automate detection, but it is resource-exhaustive. Current tools for symbolic execution require a human analyst to mark parts of the code for symbolic execution by manually instrumenting said source.