Network and Communications Security

The course offers a practice-oriented education in network and application security. Topics include analysis of and attacks against TCP/IP protocols, ARP/DNS/TCP attacks, DDoS, replay attacks and BGP hijacking. The syllabus covers operational cryptography topics (TLS/PKI, digital certificates), security of wireless and mobile networks, and security for cloud-native environments and containers. Detection techniques—including firewall-based defenses—and the use of artificial intelligence for network anomaly and attack detection are examined. Additionally, the course addresses contemporary network-security topics such as blockchain and quantum cryptography, and covers attacks on machine-learning models, e.g. dataset-poisoning.

Upon successful completion of the course, students will be able to analyze and assess the security of TCP/IP protocols and related attacks (ARP, DNS, TCP, DDoS, replay attacks, BGP hijacking), identify and mitigate vulnerabilities in wireless, mobile, cloud-native and containerized environments, and apply operational cryptographic practices (TLS/PKI, digital certificate management). They will also design and configure defensive measures (firewalls, network segmentation, VPNs), employ packet- and flow-analysis tools and AI techniques for anomaly detection, evaluate attacks against machine-learning models (e.g., dataset poisoning), and critically assess emerging technologies—such as blockchain and quantum technologies—and their implications for network security.

The course provides a systematic, practice-oriented treatment of network and application security, beginning with the setup of an isolated lab and core tools (Wireshark, Scapy) and progressing to analysis of and attacks against TCP/IP protocols (packet crafting, fragmentation), local-network attacks (ARP/MITM), TCP-level attacks (SYN flood, session hijacking), malicious DNS uses (cache poisoning, tunneling) and DDoS techniques. The syllabus also covers cryptography topics (TLS/PKI, digital certificates), wireless and mobile network security, and cloud-native/container security, while teaching detection and defense techniques (firewalls, packet/flow analysis) and the use of artificial intelligence for anomaly detection.

1. Γκρίτζαλης Σ. & Κάτσικας Σ. & Γκρίτζαλης Δ. (2003): Ασφάλεια Δικτύων Υπολογιστών: Τεχνολογίες και Υπηρεσίες σε Περιβάλλοντα Ηλεκτρονικού Επιχειρείν και Ηλεκτρονικής Διακυβέρνησης, Εκδόσεις Παπασωτηρίου.
2. William Stallings (2016), Network Security Essentials: Applications and Standards, 6th Edition

• Lecture + Theory (seminars)
• Laboratory exercises (hands-on labs)
• Capture the Flag exercises (CTF)

A set of tools and software stack will be utilized such as:

-Virtualization (virtualbox)

-Seed Labs

-Kali Linux

Written exam or individual assignment