Network Security



The main objective of this course is to study and analyse the security of computer networks. It focuses on wired networks based on the Internet technology for computer communication and the provision of networked services. The security requirements (from both users and network point of view), technologies, mechanisms and protocols that aim to safeguard the network and the provided services are presented, analysed and evaluated. Finally, the open research issues in this area are highlighted.

Upon completion of this course, the students will be able to:

  • Determine the security requirements of a networked system.
  • Analyse potential threats / risks that may affect the operation, effectiveness, efficiency and privacy of a networked system.
  • Design security mechanisms and protocols that meet well-defined requirements and protect against specific threats.
  • Evaluate the effectiveness and efficiency of a network security architecture identifying potential weaknesses and limitations.
  • Understand the current research trends and assess their impact in the forthcoming years.

Course Contents

  • Introduction to network security considering the security requirements as well as the attacks that aim at preventing the provided services. Description of the basic security services and mechanisms.
  • Fundamental network security tools. Confidentiality and conventional cryptography.
  • Asymmetric cryptography and the required public key infrastructure. Providing trust in networks and services.
  • Authentication services. Trust and reputation management for organizations and services.
  • Security mechanisms at the application level. Analysis of the Pretty Good Privacy.
  • Security mechanisms at the network level. Analysis of the IPsec.
  • Security mechanisms on the web. Analysis of the protocols SSL, SSH, SET, etc.
  • Protection against network attacks. Analysis, implementation and evaluation of security firewalls.
  • Presentation and analysis of malware (malicious software) that is found on the Internet.
  • Intrusion attacks and intrusion detection systems.
  • Denial of service attacks and countermeasures.
  • Attacks on Domain Name System (DNS) and Address Resolution Protocol (ARP)
  • Gritzalis S., Katsikas S., Gritzalis D., (2003): Network Security: Technologies and services in an environment of Electronic Business and Electronic Government, Publications Papassotiriou.
  • William Stallings, (2007): Network Security Essentials: Applications and Standards, 3 / E, Publisher: Prentice Hall.
  • Instructor Notes.