Information and Communication Systems Security (ICSS)

The Information and Communication Systems Security (ICSS) track focuses on the study of the latest technologies and methods for cybersecurity. Based on a modular program the students will be able to gain a deep knowledge of core cybersecurity topics including security governance, security architecture design, network security, software security, penetration testing, digital forensics and malware analysis. At the same time, the students will be able to focus on their personal scientific background and interests, through selective courses in special topics of security and privacy, but also to enrich their knowledge with topics related with system reliability and data science. The students have to successfully follow a number of courses that sums up to 30 ECTS per semester. During the 1st and 2nd semester, the track offers 4 obligatory courses and several selective courses on security, while the students may also select 1-2 courses from other tracks. The 3rd semester is devoted to the Diploma Thesis in a state-of-the-art topic in cybersecurity, supervised by one of the instructors of the track.

Track Courses:

First Semester:

Course Description:
Network and communication security includes security methods, techniques and tools utilized in the design, implementation and audit of a network security policy. The theoretical part of the course includes the analysis of security vulnerabilities in communication protocols for all the layers of the TCP/IP network stack and the definition of a network security policy. The practical part of the course includes the implementation of network security controls such as firewalls, intrusion detection/prevention (IDS/IPS) systems and virtual private networks. The main topics covered include:
• Introduction to Network Security
• Data-link layer security (Ethernet, ARP, WiFi)
• Network layer security (IP, IPSec)
• Transport layer security (SSL/TLS)
• Designing Network Security Policies
• Cross-layer network security mechanisms (firewalls, Intrusion Detection Systems)
• Application-layer firewalls and IDS

Labs: Various open soure network security tools including, iptables, snort, ossec, wireshark and nmap and security protocol implementations including strongswan and openssl.

Course Coordinator: Prof. Panayiotis Kotzanikolaou

Course Description:
This course focuses on managing security and privacy of Information Systems (IS). The main phases of the ISMS (Information Security Management System) implementation are described. The requirements of the information security management standards (e.g. ISO 27001, 27002, ISO15408, ETSI-TVRA) as well as the main steps of the risk assessment / risk management methodologies (e.g. OCTAVE, CRAMM, ISO 27005, ISO18045) are presented. The second part examines the governance of information security involving the evaluation of the implementation of the security and business continuity standards (eg ISO 22301) based on the business needs of the organization. For this purpose the standard COBIT 5 is presented for the specialization of operational needs (goal cascade) to IT goals.

More specifically this course covers the following topics:
• Basic concepts and terminology
• Risk Assessment Standards
• Methodologies and Risk Management Tools
• Security Policies and Procedures
• Security Auditing and Certification
• Implementing Legal and Policy Requirements
• Business Continuity
• Incident Handling
• Supply Chain Security
• Tools for Supply Chain Risk Assessment
Scope of the course: The aims of the course are to become familiar with the:
• security management standards and tools
• risk assessment methodologies and tools
• standards and procedures for business continuity and disaster recovery
• audit and security certification


Course Coordinator: Despoina (Nineta) Polemi

Course Description:
The goal of this course is to identify and analyze the basic principles of designing secure Information Systems. This is achieved through the introduction of known best practices on the application of security mechanisms and communication protocols for modern systems mainly based on cryptography. The main objectives of Security Architecture Design are:
– To identify the main components of modern information systems architecture.
– To capture the scope and the complexity of the security vulnerabilities of information systems.
– To define the basic security principles regarding the design of advanced mechanisms and components.
The understand the relevant security models that are based on the above basic principles, whose implementation mitigates and minimizes the security threats.
The course covers the following areas:
• Introduction to Information Security
• Information security architecture requirements
• The Web platform and its Threats
• Threats and Attacks of the Web platform
• Mobile security design
• Real case scenarios

Labs: Each lecture of the course is combined with practical exercises from real examples whose main goal is the consolidation and application of all the above in the process of designing secure Information Systems.

Course Coordinator: Christos Douligeris

(ECTS: 6)
Course description:
Introduction to data analytics (principles, pipeline, pre-processing). Common Machine Learning methods (classification, clustering). Neural networks and Deep Learning. Advanced clustering techniques (DBSCAN, OPTICS, etc.). Applications on Text / audio / video data mining. Lab hours with Python, R, Spark MLib.

Course coordinator: Prof. Aggelos Pikrakis

Course Description:
The goal of this course is to familiarize students with the latest advances in cryptography, from a practical perspective. The course covers all the necessary cryptographic primitives and how they are actively been used in various domains to provide the necessary building blocks for security and privacy related structures.
More specifically this course covers the following topics:
• Symmetric and asymmetric encryption
• Hash functions
• Digital signatures
• Key generation and exchange
• Homomorphic encryption
• Cryptographic protocols
• Secure computations

Hands on exercises and implementation of cryptographic primitives. Detection of implementation issues and their exploitation.

Course Coordinator: Prof. Kostas Patsakis


Course Description:
Introduction to Critical Systems and Infrastructures (Standards, Methods, Regulation). Dependency analysis for Critical Infrastructures (risk/threat propagation, cascading attacks, time-based models). Resilience in Critical Infrastructures (resilience-by-design, robustness, redundancy, restoration). Case studies and real-world examples on Critical Infrastructures attacks and defenses.

Course Coordinator: Prof. Panayiotis Kotzanikolaou

Second Semester:

Course Description:
This course is an introduction to the ethical hacking process, also known as “penetration testing”. The course is highly practical with hands-on labs but it won’t neglect the theory; During the course we will simulate real world attacks on a network, application, or system that has vulnerabilities and weaknesses. The aim of the course is to understand, the attacking process and also the cyber threats in order to effectively protect complex networks and systems, by identifying miss-configurations, weaknesses and vulnerabilities. More specifically this course covers the following topics:
• Introduction to Penetration Test Methodology
• Reconnaissance Techniques
• Scanning Techniques
• Gaining Initial Access Techniques (Exploitation, Brute forcing, Client side attack)
• Maintain access (Trojans, rootkits, back doors)
• AV, EDR bypass Techniques
• Post exploitation Techniques
• Lateral Movement
• Network pivoting
• Covering tracks

Labs: By using hands-on labs and step-by-step technical walkthroughs, we’ll cover the real-world tools and techniques used by today’s penetration testers professionals.

Course Coordinator: Prof. Panayiotis Kotzanikolaou

Course Description:
The Digital Forensics course focuses on building incident handling and digital forensics capabilities covering Windows and Linux operating systems. The course covers all the essential information you need to properly detect, response, mitigate and recover from cyber security incidents.
It is a full technical course with hands on labs. The aim of this course is, after understanding the attacking process, to learn how to deal with cyber attacks on windows and linux operating systems. You will learn the Incident Response / handling Process and also the digital forensics process. We will focus on windows, linux and network digital forensics. More specifically this course covers the following topics:
– Incident Handling process
– Windows forensics (memory forensics, registry forensics, file system analysis, application forensics)
– Log file analysis
– Linux forensics
– Network forensics

Labs: By using hands-on labs and step-by-step technical walkthroughs, we’ll cover the real-world tools and techniques used by today’s incident handlers and forensics experts. Labs contains., Information gathering, memory analysis, registry and file system analysis, network forensics and also Linux Forensics.

Course Coordinator: Prof. Kostas Patsakis

Course Description:
This course focuses on methods for the analysis of malware (trojans, rootkits, ransomware etc). This involves the analysis of real-world and recent malware in real time and live environments. We study malware collection tools, techniques for static code analysis, as well as dynamic analysis through disassemblers and debuggers

More specifically this course covers the following topics:
• Malware
• C&C servers (protocols and methods)
• Obfuscation
• Static malware analysis
• Dynamic malware analysis
• Machine learning for malware detection

The labs will cover practical aspects of malware analysis where students will use VMs to extract features from malware and also interact with them via debuggers and sandboxes to understand how a malware acts and how it can be analysed.

Course Coordinator: Prof. Kostas Patsakis

Course Description:
Companies and organizations around the world are today, much more than ever before, recognizing the value of security in software. Furthermore, vendors heavily invest in security processes that will enable them to produce software that will meet high security standards. This course describes the fundamental principles behind software security and explains the value of secure software in dependable ICT infrastructures. It also describes in detail the basic types of software vulnerabilities and shows how these can be rated and managed according to their respective risk.
Through lectures, assignments and workshops students will find out how to identify security bugs both in software for which the source code has been made available (code review) but also in software where source code is not available (black box review). The vulnerabilities studied throughout this course come from a wide area of applications including: operating system software, embedded systems software, Internet services, desktop software, web applications and mobile applications.

Scope of the course: The primary goal of this course is the development of the following skills: the application of security best practices to software under development, the identification of security issues in open source and closed source software, the demonstration of a vulnerability, the rating of a vulnerability and the management of vulnerabilities throughout the design, implementation and maintenance phases of software projects. Students will also be introduced to state-of-the-art methods for the identification of vulnerabilities and recent techniques for the proactive mitigation of risks.

Labs: Various tools for static and dynamic code analysis (like nm, file, objdump, strace, ltrace), debugging tools (gdb), protocol fuzzing (peach), file fuzzing (jonggfuzz) and web app security (bwapp).

Course Coordinator: Prof. Panayiotis Kotzanikolaou

Course Description:
This course focuses on introducing the students to the blockchain technology. After introducing the core concepts behind blockchain, we present the various consensus algorithms and the functionality that is provided. After exploring traceability in public blockchains, we shift to smart contract development to develop practical applications in real-world blockchains.
More specifically this course covers the following topics:
• Introduction to blockchain
• Concensus algorithms (Proof of work, Proof of stake, Byzantine fault tolerance)
• Traceability in blockchain (tracing transactions in the blockchain)
• Smart contract development in Ethereum/Hyperledger (will depend on the year)

The labs will primarily focus on Smart contract development for widely used blockchains, such as Ethereum and Hyperledger. Moreover, lab exercises to understand and explore the traceability features that blockchains enable will also be made.

Course Coordinator: Prof. Kostas Patsakis

Course Description:
Lectures: This course focuses on the study of special aspects related with information security and privacy, with an emphasis on cross-discipline aspects such as economics, education, training, legal and regulatory aspects. The ulitmate goal is to examine cybersecurity from a mixed mixed socio-technical point of view. More specifically this course covers the following topics:
• Economics of Security
• Security in Education
• Security Awareness
• Legal and Regulatory Aspects of Security and Privacy

Course Coordinator: Prof. Christos Douligeris


Course Description: The course focuses on the ethical challenges of the operation and use of the network and the ethical issues associated with data science, as well as the legal arrangements of these issues at the national and international level. The ultimate goal of the course is for students to assess and estimate the gravity, complexity, and broad scope of ethical dilemmas in cybersecurity and to prepare them holistically for their future roles as cybersecurity professionals.

In particular, the course covers the following topics:

  • Introduction to applied ethics – The ethical framework of cybersecurity

  • Society and Cybersecurity (Case Studies)

  • Law and Ethics (Privacy, personal data, confidentiality)

  • National, european and international cybersecurity legislation

Course Coordinator: Dr V. Christodoulakis