Title Computer Network Security and Privacy Enhancing Technologies
Lesson Code 321-9700
Semester 7
ECTS 5
Hours (Theory) 3
Hours (Lab) 0
Faculty Kambourakis Georgios

Syllabus

  • Introduction to Computer Network Security: Terminology, Threats, Vulnerabilities, Countermeasures, Assurance.
  • PKI Technologies and Services.
  • OSI/ISO Network Security Architecture: Security Services, Security Mechanisms, Security Management.
  • Internet Model Security Architecture: Network layer security, Internet layer Security, Transport layer Security, Application layer Security.
  • Firewalls: Capabilities and Limitations, Design issues, Firewalls Architectures, Network level Firewalls, Application level Firewalls, Hybrid Firewalls.
  • Distributed Authentication Systems: Kerberos.
  • Introduction to Intrusion Detection Systems.
  • Privacy Enhancing Technologies: Censorship on the Web. Secure Electronic Payment Systems. Security Services and Products Assurance and Evaluation.

Learning Outcomes

This course provides a broad-spectrum introduction to the fundamental principles of network security and privacy enhancing technologies. The structure of this course follows the OSI/ISO architecture of network security and more specifically that of the TCP/IP model. The main learning objectives of the course are as follows:

  • To provide a deep understanding of network security and its changing nature.
  • To explain and demonstrate how network security is perceived and carried out.
  • To analyze the various categories of threats, vulnerabilities, countermeasures and repelling strategies.
  • To conceptualize the challenges of network security.
  • To familiarize the students with the basic terminology and technologies of data privacy in networking environments and examine typical anonymity networks (Tor, I2P), applications, and use-cases.

The aim of the laboratory projects is to provide students with the knowledge and skills necessary to design and support network security and privacy. The aforementioned objectives are met through course lectures, paper readings, and laboratory exercises.

Prerequisite Courses

Not required.

Basic Textbooks

- Stallings W., Network Security Essentials: Applications and Standards, 6th Edition, 2016.
- Stallings W., Brown, L., Computer Security: Principles and Practice, 3rd edition, 2014.
- Gritzalis S., Katsikas S., Gritzalis D., Computer Network Security, Papasotiriou pubs, 2004 (in Greek).
- Lambrinoudakis K., Mitrou L., Gritzalis S., Katsikas S., (Eds.), Privacy and Information and Communication Technologies: Technical and Legal Issues, Papasotiriou pubs, 2009 (in Greek).
- Stallings W., Network Security Essentials Applications and Standards, Prentice Hall, 2013.
- S.Furnell, S.Katsikas, J.Lopez, A.Patel (Eds.), Securing Information and Communication Systems, Artech House Pubs., 2008.
- Acquisti, A., Gritzalis, S., Lambrinoudakis, C., De Capitani di Vimercati, S. (Eds.), Digital Privacy: Theory, Technologies, and Practices, Auerbach - Taylor and Francis, 2007.
- Oppliger R., Internet & Intranet Security, Artech House, 2007.
- Stewart J. M., Network Security, Firewalls, and VPNs, Jones & Bartlett Learning, 2010.
- Davidoff S., Ham, J., Network Forensics: Tracking Hackers through Cyberspace, Prentice Hall, 2012.
- Anderson R. J., Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley, 2008.
- Stallings W., Cryptography and Network Security: Principles and Practice, Prentice Hall, 2010.
- W. Stallings, L. Brown, Computer Security: Principles and Practice, 3rd American Edition, ISBN 978-960-461-668-8, Klidarithmos Publications, 2016 (in Greek).
- Jon Erickson, Hacking: The Art of Exploitation, 2nd edition, 2008.
- Edward Skoudis, Tom Liston, Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2nd Ed., 2006.
- David Kennedy, Jim O'Gorman, Devon Kearns, Mati Aharoni, Metasploit: The Penetration Tester's Guide, 2011, ISBN: 978-1-59327-288-3.
- Michael Sikorski, Andrew Honig, Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, 2012.
- Bill Blunden, The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System, 2012.
- P. Kim, The Hacker Playbook: Practical Guide to Penetration Testing, 2014, ISBN: 978-1494932633.
- D. Stuttard, M. Pinto, The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2011, ISBN: 978-1118026472.
- N. Ferguson, Cryptography Engineering: Design Principles and Practical Applications, 2010, ISBN: 978-0470474242.
- Michal Zalewski, The Tangled Web: A Guide to Securing Modern Web Applications, 2011, ISBN: 978-1593273880.
- OWASP Testing Guide v4.
- Ben Clark, RTFM: Red Team Field Manual, 2014, ISBN: 978-1494295509.
- PTES Technical Guidelines, http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines.
- Georgia Weidman, Penetration Testing - A hands-on introduction to Hacking, 2014, ISBN: 978-1-59327-564-8.
- Colin McGinn, Mindfucking: A Critique of Mental Manipulation, 2014, ISBN: 978-1844651146.

Additional References

- ACM Transactions on Privacy and Security.
- IEEE Transactions on Dependable and Secure Computing.
- IEEE Security and Privacy Magazine.
- Computers & Security, Elsevier.
- International Journal of Information Security, Springer.
- Security and Communication Networks, Wiley.
- IET Information Security, IET.
- Journal of Information Security and Applications, Elsevier.

Teaching and Learning Methods

Lectures, problem-solving exercises, laboratory exercises.

Activity Semester workload
Lectures 39 hours
Laboratory Exercises 26 hours
Personal study 54 hours
Laboratory Exams 3 hours
Final exams 3 hours
Course total 125 hours (5 ECTS)

 

Student Performance Evaluation

I. Written examination (45%) which includes:

- Multiple choice questions.
- Short-answer questions.

II. Laboratory examination (40%) which includes:

- Two or three projects.
- Oral examination.

III. Class presentation (15%).

Language of Instruction and Examinations

Greek, English (for Erasmus students)

Delivery Mode

 Face-to-face.