Curriculum
● Detect the weaknesses and security and privacy vulnerabilities of digital environments, systems and services, which either by accident or on purpose (if exploited by malicious persons) may lead to cyber incidents, resulting in either data leakage or the collapse – malfunctioning of systems and services.
● Document the security and privacy requirements of digital environments, systems and services according to their operating model, international standards, as well as the international regulatory and legal framework.
● Have the ability to interpret, analyse and inform the public and professionals/scientists in other fields on cybersecurity and privacy issues.
● They can make a substantial contribution to the advancement of science, technology, the economy, the security of their society and their country
● Design, analyze, implement and apply cybersecurity and privacy processes and solutions in digital environments, systems and services.
● Calculate, manage and reduce the cybersecurity risk to which digital environments, systems and services are exposed.
● Confront and manage, dynamically, cyber incidents in order to reduce their impact and consequences.
● Understand the scientific, technological and economic developments related to or affecting the field of cybersecurity and privacy, and be able to intervene where necessary to achieve the tasks assigned to them.
● Ηave the capacity to conduct high-level research in the field of security and privacy.
Network Security (ΨΣ-ΚΑΦ-825)
The course focuses on wired networks based on Internet technology for computer communication and the provision of Internet services. It presents, analyses and evaluates the security requirements (from the users’ and networks’ point of view), the technologies, mechanisms, techniques and security protocols that protect the operation of the networks and the services provided, as well as the attacks that threaten these systems. Finally, it identifies the open issues in the area that are the subject of research.
Upon completion of the relevant lectures, students are expected to be able to:
– Define the security requirements of a network system.
– Analyze the potential threats/risks that may affect the operation, effectiveness, efficiency and privacy of a network system.
– Design security mechanisms and protocols that meet well-defined requirements and protect against specific threats.
– Evaluate the effectiveness and efficiency of a network security architecture by identifying potential weaknesses and limitations.
– Be aware of current research trends and assess the impact they may have on the field in the coming years.
Bibliography
– Willam , Stallings. Cryptography and Network Security: Principles and Practice (Global Edition –).Pearson Education, 2022.
– Orzach, Yoram, and Deepanshu Khanna. Network Protocols for Security Professionals: Probe and identify network based vulnerabilities and safe guard against network protocol breaches. Packt Publishing Ltd, 2022.
– Perlman, Radia, Charlie Kaufman, and Mike Speciner. Network security: private communication in a public world. Pearson Education, 2016.
– Teacher’s notes.
Evaluation
Exercises, Presentations, Written Examination
Tutor: Professor Christos Xenakis
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI101/
Weekly Teaching Hours: 3
Credits: 8
Applied Cryptography and Cryptanalysis (ΨΣ-ΚΑΦ-828)
The course introduces students to the world of cryptography, providing a comprehensive introductory background in the art and science of this specialized field. It extensively covers the basic types of cryptographic mechanisms and protocols, presenting a variety of algorithms and analyzing them. In addition, it explains how the various encryption mechanisms are used in practice, and provides a detailed analysis of the relationship between implementation performance and security for different types of algorithms. In this way, it provides students with a strong foundation for understanding and evaluating cryptographic methods in the broader context of computing and telecommunications.
Upon completion of the relevant lectures, students are expected to be able to:
– Explain exactly the role and importance of cryptography.
– Identify the limits of cryptography.
– Understand the differences between different types of cryptographic mechanisms and critically compare their properties.
– Select the most appropriate encryption mechanism in terms of performance and meeting the specified security requirements.
– Be aware of current research trends and assess the impact they may have on the field in the coming years.
Bibliography
– K. M. Martin. Everyday Cryptography. Oxford University Press.
– J. Katz, Y. Lindell. Introduction to Modern Cryptography: Principles and Protocols. Chapman &Hall/CRC Cryptography and Network Security Series.
– A. Menezes, P. Van Oorschot and S. Vanstone. The Handbook of Applied Cryptography. CRC Press.
– Teacher’s notes.
Evaluation
Exercises, Presentation, Written Examination.
Tutors: Rev. Professor Panagiotis Rysomyliotis, Professor Nikitas Marinos Sgouros
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI104/
Weekly Teaching Hours: 3
Credits: 7
Penetration Testing and Ethical Hacking (ΨΣ-ΚΑΦ-826)
The course provides practical experience on conducting security assessments and exploiting software vulnerabilities. Students will learn how to perform security assessments on information systems, using information gathering techniques to identify and enumerate targets that various operating systems and services have. Students will also practice laboratory exercises to gain hands-on experience using automated tools such as Metasploit and manually analyzing, correcting and modifying vulnerability exploitation code.
Upon completion of the relevant lectures, students are expected to be able to:
– Understand the assessment methodology and conduct a security assessment in depth and breadth (e.g. in web applications).
– Have an understanding of hacking techniques, experience with various open source hacking tools (e.g., Nmap, Metasploit) and be able to create their own tools.
– Understand the concept of memory overflow.
– Understand various vulnerabilities in the C/C++ programming language
– Understand the concept of shellcodes and remote code execution and write shellcodes.
– They analyze and evaluate source code to find vulnerabilities and exploit them.
Bibliography
– Hickey, Matthew, and Jennifer Arcuri. Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming.
– John Wiley & Sons, 2020. Wiley Jon Erickson (2008): Hacking, The Art of Exploitation, 2nd Edition. No Starch Press.Course Notes.
– Hoffman, Andrew. Web Application security: exploitation and countermeasures for modern web applications. O’Reilly Media, 2020.
– Rahalkar, Sagar. Metasploit 5.0 for Beginners: Perform penetration testing to secure your IT environment against threats and vulnerabilities. Packt Publishing Ltd, 2020
– Teacher’s notes.
Evaluation
Laboratory Exercise, Multiple Choice Examination, Written Assignment.
Tutors: Assistant Professor Christoforos Dantoyan, Dr Evangelos Dragonas
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI102/
Weekly Teaching Hours: 3
Credits: 8
Information Security Management (ΨΣ-ΚΑΦ-827)
This course examines the terminology and principles of Information and Communication Systems Security. It explores the need for and scientific basis of ‘Risk Analysis’, focusing on best practices for Risk Management and identifying appropriate security measures. A detailed presentation of the CRAMM Risk Analysis and Risk Management Methodology is provided. The curriculum covers Identification and Certification mechanisms, Access Control mechanisms, principles, alternative approaches and required features of Security Policies.
Upon completion of the relevant lectures, students are expected to be able to:
– To understand in detail the basic concepts of the scientific area of “Information and Communication Systems Security”.
– Apply a Risk Analysis and Management methodology.
– Understand the structure and objectives of an organization’s Security Policy.
– Understand the mechanisms of identification, authentication and access control.
– Evaluate the usability of a security product.
– Assess the consequences of the risks they face in cyberspace.
Bibliography
– “Ασφάλεια Πληροφοριών και Συστημάτων στον Κυβερνο-χώρο”, Στέφανος Γκρίτζαλης Σωκράτης Κάτσικας Κωνστα-ντίνος Λαμπρινουδάκης, Εκδόσεις Νέων Τεχνολογιών, ISBN: 978-960-578-064-7, 2021
– Michael E. Whitman, Herbert J. Mattord, Management of Information Security, 6th edition, Cengage Learning, 2018
– Λαμπρινουδάκης Κ. & Μήτρου Λ. & Γκρίτζαλης Σ. & Κάτσι-κας Σ. (2009): Προστασία της Ιδιωτικότητας και Τεχνολο-γίες Πληροφορικής και Επικοινωνιών: Τεχνικά και Νομικά Θέματα, Εκδόσεις Παπασωτηρίου.
– Scientific publications, notes and/or books.
Evaluation
Exercises, Oral Examination.
Tutors: Professor Konstantinos Lambrinoudakis, Professor Stefanos Gritzalis
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI103/
Weekly Teaching Hours: 3
Credits: 7
Wireless and Mobile Networks Security (ΨΣ-ΚΑΦ-816)
The course provides a comprehensive exploration of mobile and wireless security, covering topics such as mobile internet security, security requirements and related challenges. It focuses on the security of Wireless Local Area Networks (WLANs), examining their security measures, major vulnerabilities, and potential attacks. The curriculum includes a detailed study of the IEEE 802.11i security standard, covering its key security mechanisms and services. The course also addresses security issues in wireless unorganized networks, including ad hoc networks and the Internet of Things (IoT). In addition, the course examines the security features of popular mobile operating systems.
Upon completion of the relevant lectures, students are expected to be able to:
– Define the security requirements of a wireless/mobile network system.
– Analyze the potential threats/risks that may affect the operation, effectiveness, efficiency and privacy of a wireless network system.
– Design security mechanisms and protocols that meet well-defined requirements and protect against specific threats.
– Evaluate the effectiveness and efficiency of a wireless network security architecture by identifying potential weaknesses and limitations.
Bibliography
– Jim Doherty, Wireless and Mobile Device Security, 2nd Edition, Jones & Bartlett Learning, April 2021
– Sabhyata Soni, 5G Cyber Risks and Mitigation 1st Edition, CRC Press, April 2023
– Teacher’s notes.
Evaluation
Exercises, Presentations, Written Examination
Tutor: Professor Christos Xenakis
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI105/
Weekly Teaching Hours: 3
Credits: 8
Cyberdefense and Digital Forensics(ΨΣ-ΚΑΦ-830)
The course “Cyberdefence and Digital Forensics” introduces and analyses the most basic mechanisms for detecting and recognising attacks. Students will practice managing intrusions and responding to attacks in an effective and timely manner. This course examines defensive cybersecurity that allows students upon successful completion to be able to protect information systems and manage security incidents under real-world conditions.
Upon completion of the relevant lectures, students are expected to be able to:
– Test software security with automated tools and manually.
– Understand architectures for Security Information and Event Management (SIEM) systems.
– Install and deploy SIEM.
– Design and implement intrusion indicators and signatures for intrusion detection systems.
– Understand the ATT&CK framework and how it applies to threat detection.
– Study network traffic for findings.
– Understand the basic theory and techniques of malware and conduct static and dynamic analysis.
– Implement strategies for incident reporting (Incident Response playbooks).
– To study advanced digital forensics topics in Internet of Things and Nefutomatics technologies.
– Investigate attack scenarios and intercept cyber-attacks to recover the information system.
Bibliography
– Joshua Picolet, Operator Handbook: Red Team + OSINT + Blue Team Reference (2020), Inde-pendently published
– Kohnfelder, Loren. Designing Secure Software (2021): A Guide for Developers. No Starch.
– Teacher’s notes.
Evaluation
Laboratory Exercise, Multiple Choice Examination, Written Work.
Tutors: Assistant Professor Christoforos Dantoyan, Dr Evangelos Dragonas
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI106/
Weekly Teaching Hours: 3
Credits: 8
Legal Framework of Security and Privacy (ΨΣ-ΚΑΦ-832)
The course provides an introduction to Information Society Law, covering the context, the basic concepts, principles and the main institutions that shape the legal framework. It examines the critical aspects of security, confidentiality/secrecy, privacy and data protection, exploring the legal dimensions of information and systems security. The curriculum offers a global examination of Data Protection Law within the European and National Regulatory Framework, highlighting Privacy Enhancing Technologies, Privacy Design and Privacy by Design Principles.
Upon completion of the relevant lectures, students are expected to be able to:
– Gain an overview of the legal issues raised in relation to IPs and their applications.
– Gain knowledge of the key regulatory rules and principles that make up the regulatory framework.
– Identify the key legal issues related to the security of an information system in order to seek applications and solutions that comply with the regulatory framework.
– To integrate the knowledge gained from the core of their ICT studies in a broader social, economic and institutional context in order to acquire a global view of the issues they are called upon to address.
Bibliography
– Μήτρου Λ ., Πισκοπάνη Α Μ ., Τάσσης Σ ., Καρύδα Μ. Κοκολάκης Σ ., Facebook, Blogs και Δικαιώματα (2013)
– Λαμπρινουδάκης Κ . & Μήτρου Λ . & Γκρίτζαλης Σ . & Κάτσικας Σ . (2010): Προστασία της Ιδιωτικότητας και Τεχνολογίες Πληροφορικής και Επικοινωνιών : Τεχνικά και Νομικά Θέματα
– Μήτρου Λ . (2004): Προστασία Προσωπικών Δεδομένων σε Σ . Κάτσικας Δ Γκρίτζαλης Σ . Γκρίτζαλης επιμ .), «Ασ φάλεια Πληροφοριακών Συστημάτων»
– Συνοδινού Ε Τ , Πνευματική Ιδιοκτησία και Νέες Τεχνολογίες (2008)
– Καλλινίκου Δ . (2005): Προστασία της πνευματικής ιδιοκτησίας στο Διαδίκτυο
– Καράκωστας Ι . (2003): Δίκαιο και Internet.
– Μανιάτης Α . (2010): Δίκαιο Πληροφορικής και Τηλεπικοινωνιών
– Μήτρου Λ . (2002): Το δίκαιο στην Κοινωνία της Πληροφορίας
– Παπαχρίστου Θ ., Βιδάλης Τ ., Μήτρου Λ ., Τάκης , Α .(2006): Το δικαίωμα συμμετοχής στην Κοινωνία τηςΠληροφορίας
– Teacher’s notes.
Evaluation
Written work, Presentations
Tutors: Professor Lillian Mitrou, Professor Konstantinos Lambrinoudakis, Professor Stefanos Gritzalis
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI108/
Weekly Teaching Hours: 3
Credits: 6,5
Advanced Cybersecurity Topics and Artificial Ιntelligence (ΨΣ-ΚΑΦ-831)
This course provides an extensive introduction to cloud computing and security, focusing on Docker and Kubernetes technologies for building and managing applications in container environments. It includes an analysis of Docker and Kubernetes security, and extends its scope to cybersecurity, with modules on Active Directory attacks. Students explore training methodologies in artificial intelligence and model implementation. In addition, applications of artificial intelligence in cybersecurity are examined. The course concludes with an analysis of blockchain and smart contracts, examining techniques for attacking them. It offers a balanced approach between theoretical concepts and practical experience, preparing students for challenges in cybersecurity.
Upon completion of the relevant lectures, students are expected to be able to:
– Understanding of Cloud computing security principles.
– Gain knowledge of virtualization technologies and their security.
– Understanding how AI can be applied to the detection of malicious activities (e.g., malware, network attacks).
– Identify weaknesses in AI models and enhance their resilience.
– Active Directory Security Management.
– Understanding Active Directory attacks and responding to them.
– Understanding the operation of blockchain technology.
– Implementation of smart contracts and their corresponding security (attacks and protection on smart contracts).
Bibliography
– Chris Dotson (2019), Practical Cloud Security: A Guide for secure Design and Deployment
– Liz Rice (2020), Container Security: Fundamental Technology Concepts that Protect Containerized Applications
– Muhammad Nafees (2022), AD Attack Vectors: Top Active Directory Vulnerabilities
– Fei Hu, Xiali Hei (2023), AI, Machine Learnin g and Deep Learning: A Security Perspective
– Reza Montasari (2022), Artificial Intelligence and National Security
– Rajneesh Gupta (2018), Hands On Cybersecurity with Blockchain
– Hasan YILDIZ, Solididty Academy (2023), Smart Contract Security Fundamentals, Vulnerabilities and Best Practices
– Teacher’s notes.
Evaluation
Exercises, Written Examination.
Tutors: Professor Christos Xenakis, Dr. Apostolos Zarras, Professor Georgios Vouros
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI107/
Weekly Teaching Hours: 3
Credits: 7,5
Thesis (ΨΣ-ΚΑΦ-888)
In the third semester of the programme, a postgraduate thesis (30 ECTS) is foreseen. The candidate submits an application form, in which the proposed title of the thesis and the proposed supervisor are indicated. The Coordinating Committee recommends to the Assembly the three-member examination committee and the supervisor. The Assembly shall set up the three-member examination committee for the approval of the thesis and appoint the supervisor.
The language of the postgraduate thesis may be in Greek or in English.
The postgraduate theses, if approved by the examination committee, are posted by the student himself/herself in the Institutional Repository DIONI of the University of Piraeus Library.
Evaluation
Presentation
Tutors: Teachers of the MSc
Course Website: https://lefkippos.ds.unipi.gr/courses/CYBERSEC-AI109/
Weekly Teaching Hours: –
Credits: 30