Computer Security and Data Protection

Short Description:
This course introduces the fundamental principles of information security, emphasizing the concepts of Confidentiality, Integrity, and Availability (CIA). It covers cryptographic techniques, secure communications, access control mechanisms, and password management. Cyber threats and malware are analyzed, along with countermeasures such as antivirus systems, firewalls, and IDS/IPS technologies. Students perform security log analysis and system hardening exercises while developing skills in risk assessment, cybersecurity strategy implementation, and the use of modern tools for protecting information infrastructures.

Objectives - Learning Outcomes:
Upon successful completion of the course, students will: Understand the core principles of information security and data protection, as well as key cyber threats. Apply cryptographic techniques, access control policies, and secure communication measures to ensure data confidentiality, integrity, and availability. Analyze security incidents using log data and implement appropriate countermeasures such as firewalls, antivirus tools, and IDS/IPS systems. Develop skills in risk assessment, vulnerability detection, and the design of cybersecurity strategies. Strengthen the protection of information infrastructures through practical and real-world applications.

Syllabus:

• Introduction to Computer Security and Data Protection: Overview of basic concepts and principles of computer security. Analysis of threats and attacks on information systems and protection strategies. Application of the CIA model (Confidentiality, Integrity, Availability) for security policy development. Historical examples and regulatory frameworks are also presented.
• Cryptography and Encryption Algorithms: Study of symmetric and asymmetric cryptography techniques. Explanation of hash functions for data integrity protection. Introduction to digital certificates, digital signatures, and the SSL/TLS protocol, along with practical examples of their implementation.
• Secure Communications: Application of SSL/TLS and HTTPS protocols for secure data transmission. Study of VPN and IPSec technologies for securing remote connections. Analysis of man-in-the-middle attacks and related mitigation techniques.
• Access Control and Permissions: Presentation of DAC, MAC, and RBAC models and their implementation in systems. Study of identity management, privilege minimization, and access control policies for enhanced system security.
• Password Security: Best practices for password creation, storage, and protection. Examination of brute-force and dictionary attacks and application of password defense strategies through laboratory exercises.
• Fundamentals of Software Security and Vulnerability Detection: Principles of secure programming and analysis of common vulnerabilities such as buffer overflow, SQL injection, and cross-site scripting (XSS). Use of vulnerability detection tools and prevention techniques.
• Countermeasures: Study of countermeasures, including antivirus software, firewalls, and IDS/IPS systems. Analysis of their operation and implementation of defense strategies against DDoS and related attacks.
• Malware: Classification of malware types (viruses, trojans, ransomware, spyware). Study of their propagation mechanisms and methods for detection, mitigation, and system recovery.
• Threat Profiles and Attacks: Analysis of threat profiles and attacks such as Advanced Persistent Threats (APT), phishing, and insider threats. Introduction to the Cyber Kill Chain model for understanding attack phases and designing prevention and detection strategies.
• Log Analysis: The importance of log data in identifying suspicious activities. Techniques for log analysis, storage, and management according to compliance and regulatory standards.
• System Security: System hardening strategies and patch management techniques. Continuous monitoring and adaptive protection measures aligned with organizational cybersecurity needs.

Suggested Bibliography:

• Information Systems Security, K. Katsikas, D. Gritzalis, S. Gritzalis, Neon Technologies, 2004.
• Principles of Network Security, W. Stallings, M. Sipser, Klidarithmos, 2009. Relevant Scientific Journals:
• IEEE Transactions on Information Forensics and Security
• IEEE Transactions on Dependable and Secure Computing
• Proceedings on Privacy Enhancing Technologies
• Journal of Internet Services and Applications (Springer)
• International Journal of Information Security (Springer)
• Journal of Network and Systems Management (Springer)
• IEEE Security & Privacy
• Computers & Security (Elsevier)
• Taylor & Francis Information and Computer Security
• Emerald International Journal of Information Security

Teaching Methods:
The course combines lectures presenting the fundamental concepts and standards of digital forensics and threat analysis with laboratory exercises conducted in virtual environments using specialized tools. Simulated cyberattack scenarios and a final project or exam enable students to integrate theoretical knowledge with practical cybersecurity skills.

New Technologies:
Digital platforms are used for course management, material distribution, assignment submission, and communication. Laboratory activities take place in virtual environments employing open-source software and specialized analysis tools.

Evaluation Methods:
30% – Coursework (Individual or Group Project): Evaluates analytical ability, tool application, and result presentation. 70% – Written Examination: Assesses theoretical understanding, critical thinking, and problem-solving abilities. This structure ensures a balanced evaluation of both theoretical knowledge and applied cybersecurity competence.