Security of Computer Systems and Networks
Course Feature
Class Description
Course_ID: MYE007
Weekly Hours: 5
Semester: >=6
ECTS Credits: 5
Course Homepage: http://www.cse.uoi.gr/~stergios/teaching/mye007
Description:
Introduction to security: computer security, security model, attacks, OSI security architecture, functional requirements and strategy
Symmetric cryptography: definitions, requirements, Feistel structure, DES, 3DES, AES, stream ciphers, modes, secret key distribution
Elements of number theory: birthday paradox, divisibility and prime numbers, Euler’s totient function, Euclidean algorithm
Public-key cryptography: steps, requirements, RSA, Diffie-Hellman, message authentication code (MAC), one-way hash function (SHA-1, SHA-512, MD5), HMAC, digital signatures
Software security: buffer-overflow attack, shellcode, secure programming, defensive programming, command/SQL injection, cross-site scripting (XSS), time-of-check-to-time-of-use (TOCTOU)
Security of computer systems: access control, discretionary access control, role-based access control, mandatory access control (Bell-LaPadula, Biba), trusted computing, trusted platform module (TPM)
Network security: denial of service, spoofing, reflection, firewall, network address translation (NAT)
Internet security: Internet Protocol Security (IPSec) protocol, security association, authentication header and encapsulating security payload, transport and tunnel mode
Web security: protocol for web traffic security (SSL/TLS), protocol for secure use of credit cards (SET)
Distributed authentication: Kerberos protocol, X.509 authentication service
Blockchain and cryptocurrency: block, blockchain, address, transaction, consensus, proof of work, mining
Programming: development of software (buffer overflow) and network (man-in-the-middle) attacks.