Security and Privacy: Common Goals

The MSc in Information and Communication Systems Security addresses specialists, researchers and executives from public or private administrative or decision-making organisations. The MSc programme aims at training students in the area of information and communication systems security, as well as in privacy protection technologies. Overall, the programme has been planned taking the following points into consideration:

  • Information security and privacy have become common goals across both services and systems.
  • There has been an increasing need for specialized staff, while the sector of privacy and security offers great potential for career development.
  • There have been advances in information technologies and telecommunications and an increase in the vulnerability of the services offered.
  • The MSc offers a great opportunity for developing background knowledge for further PhD studies.

The major goal of the MSc in Information and Communication Systems Security is not only advancing and spreading scientific knowledge, but also producing graduates who will be able to address national needs in education, research and development. More specifically, the goals of the MSc programme are the following:

  • Advancement of science and research in the area of information security
  • Training and preparation of students and researchers in order to be able to stimulate the development of Greece and Greek businesses within an information society
  • Preparation for PhD studies in information security
  • Close collaboration between the academic community and those businesses aiming at the adoption, use and dissemination of cutting-edge technologies in information security and privacy protection technologies
  • Collaboration with Greek, European and international organisations that deal with information security and privacy protection technologies

The graduates of the MSc in Information and Communication Systems Security will be able to:

  • design, set up, implement, analyze, evaluate and manage security and privacy protection systems.
  • understand all individual parameters of the development, management and evaluation of a secure information and communication system.
  • participate in research and development projects in the field of information security and privacy protection technologies, generating new areas of knowledge.
  • participate creatively and constructively in development projects in the field of information security in both the public and the private sector.
  • compare and evaluate digital goods and services in the field of security and privacy protection, having a solid background knowledge of modern technologies on this subject.
  • manage and supervise complex and demanding projects.

This postgraduate programme is in accordance to the clauses of Law 4485/17, in combination with Law 4009/11, and is subject to the Regulations of Studies for the postgraduate programmes of studies, effective after their validation from the University’s Special Configuration Senate. Greek Government Gazette issue for the establishment of the postgraduate programme: 2778/B/12.07.2018

Entry Requirements – Candidates Evaluation

  • Degree or diploma holders in informatics and communications, engineering, sciences or equivalent fields of study, from Greek universities or Technical Educational Institutions, or international institutions that are officially recognized by the Greek state
  • Graduates from Greek military higher education institutions (Article 88 of Law 3883/2010, Greek Government Gazette issue 167/24-9-2010, Α)
  • Graduates from the Officers School of the Hellenic Police Academy (Article 38 of Law 4249/2014, Greek Government Gazette issue 73 Α)

Syllabus

1st Semester

Compulsory Courses
Course ID: 3001 Computer and Communication Networks Security ECTS: 7.5
Introduction to computer network security: threats, vulnerabilities, countermeasures, assurance. PKI technologies and services. Authentication, authorization and accounting (AAA). OSI/ISO network security architecture: security services, security mechanisms, security management. Internet model security architecture: network layer security, Internet layer security, transport layer security, application layer security. Applications. Firewalls: capabilities and limitations, design issues, firewall architectures, network level firewalls, application level firewalls, hybrid and next-generation firewalls. Applications. Distributed authentication systems: Kerberos. Intrusion detection and prevention systems. Privacy enhancing technologies. Censorship on the web. Secure electronic payment systems. Middleware security. Intellectual property rights security. Electronic voting systems security.
Course ID: 3002 Cryptography ECTS: 7.5
Introduction to number theory, prime numbers, finite fields, modular arithmetic, Chinese remainder theorem, one-way functions, historical cryptographic algorithms, one-time pad, public-key cryptography (RSA, Rabin, ElGamal, elliptic curves), key management, Diffie-Hellman key agreement, stream ciphers, block ciphers, hash functions, digital signatures with appendix, digital signatures with message recovery.
Course ID: 3003 Database Systems Security ECTS: 7.5
Discretionary and mandatory access control; security and privacy protection using capabilities of the SQL language; role-based access control; multilevel secure database management system architectures. Digital watermarking and fingerprinting in relational databases. Surviving information warfare attacks on databases, intrusion detection, data corruption and database recovery. Database models, architectures, mechanisms and policies that ensure data security, privacy preservation, confidentiality protection, integrity and availability. Translucent and encrypted databases, retrieval of encrypted data. Security in statistical, object-oriented, distributed and medical databases. Big data security. Data security and privacy protection in online social networks. Case studies: Oracle database, Microsoft SQL server, IBM DB2, MySQL, etc.
Course ID: 3004 Digital Forensics ECTS: 7.5
The course offers an introduction to the concept of digital forensics, emphasizing the acquisition and analysis of artefacts in computer networks (network forensics). More precisely, the course presents the main characteristics of evidence acquisition and analysis from networks, as well as the research trends in the field over time. The contribution of intrusion methods in the field is analyzed as well. The course also covers concepts related to forensic methods in popular mobile platforms (Android, iOS) and the respective research progress. Lastly, case scenarios are employed so as to present the most important techniques and tools for forensic acquisition, analysis and presentation of digital evidence in computers, networks and mobile devices.

2nd Semester

Compulsory Courses
Course ID: 3005 Information Law ECTS: 7.5
ICTs and society – ICT as a new paradigm and the relationship of society, law and technology.  Privacy, confidentiality/secrecy and the relation to information and systems security. Specific issues of data security and data protection: employees’ monitoring, surveillance in the public place, privacy protection on the Web (search engines, social networking, etc.). Data protection and privacy enhancing technologies / privacy by design. Freedom of speech, rights and powers in the information society – blogs/forums, filtering and censorship. Intellectual property in the information society: software and database protection, open source, licenses, issues relating to peer-to-peer. Cybercrime and computer crime: ethical, social, legal and economic aspects. Penal law and information and communication technologies. Computer/Internet forensics. E-democracy, e-governance and e-voting.
Course ID: 3006 Information Systems Security Management ECTS: 7.5
Introduction to information systems security management. Information security policies. Risk analysis and management. Developing the security program. Security management models and practices. Standardization and international information security standards. Awareness and training. Organisational aspects and personnel issues.
Course ID: 3007 Wireless and Mobile Networks Security ECTS: 7.5
Mobile network security: GSM and UMTS security architecture, UMTS access security, mutual authentication procedures, authentication vectors, periodic authentication, user identity management, UTRAN protocol structure (physical layer, link layer, network layer), UTRAN encryption, protection of C-plane and associated treats, vulnerabilities and attack vector, interworking, 3G core network domain security, UMTS IMS subsystem security issues. Introduction to EPS (SAE/LTE/LTE-Advanced) architecture, interfaces, authentication, key hierarchy, protection of U-plane/C-plane (AS, NAS strata). Advanced IEEE 802.11 and 802.16 security: protocols, vulnerabilities, and attack description, defensive strategies, authentication and authorization. State-of-the-art: heterogeneous wireless network security. Privacy-preserving methods in 4G: framework, technologies and case studies.
Course ID: 3008 Future Internet Security and Privacy ECTS: 7.5
Future Internet security. Foundations of information privacy. Privacy enhancing technologies. RFID technology: Security and privacy protection. Sensor networks security. Cloud computing models. Risks and vulnerabilities. New security solutions. Security and privacy protection for smart environments, implantable devices and embedded systems.

3rd Semester

Course ID: 3000 MSc Thesis Compulsory ECTS: 30

1st Semester

  • Cryptography
  • Database Systems Security

2nd Semester

  • Information Law
  • Future Internet Security and Privacy

3rd Semester

  • Computer and Communication Networks Security
  • Digital Forensics

4th Semester

  • Information Systems Security Management
  • Wireless and Mobile Networks Security

Staff

Course Semester Course Instructor Webpage
Computer and Communication Networks Security 1 Associate Professor Georgios Kampourakis
Webpage
Cryptography 1 Assistant Professor Panagiotis Rizomyliotis
Webpage
Database Systems Security 1 Assistant Professor Theodoros Tzouramanis
Webpage
Digital Forensics 1 ICSD postdoctoral researchers, academic staff from other institutions
Information Law 2 Professor Evaggelia Mitrou
Webpage
Information Systems Security Management 2 Assistant Professor Maria Karyda
Webpage
Wireless and Mobile Networks Security 2 Associate Professor Georgios Kampourakis
Webpage
Future Internet Security and Privacy 2 Assistant Professor Panagiotis Rizomyliotis
Webpage

Fees and Funding

Successful applicants for the postgraduate studies programme are required to pay tuition fees, in accordance with Article 35 of Law 4485/2017. The tuition fees amount to €3,000 and can be paid in two installments. The tuition fees cover operational expenses of the postgraduate programme of studies, including needs in specialist teaching staff from universities in Greece or abroad.

Tuition fees payment can be made as follows: €1,500 within 15 days after the student’s admission to the 1st semester of studies (early October) and €1,500 at the beginning of the second semester (February). Credit card payments are accepted. No refunds can be given for fees or part of fees that have already been paid.

The postgraduate studies programme may offer a number of grants, conditional on academic performance, to full-time students. The amount of funding, requirements, method of funding, as well as the rights and responsibilities of grant-holders are decided by the Department’s Assembly (par. 4, Article 35 of Law 4485/2017).

Full-time/part-time study

The full-time study programme is completed in three semesters and combines blended and model types of learning, including: [a] a five-day intensive lecture cycle held at the Department’s premises at the beginning or the end of every academic semester (October, January, June), [b] an online learning environment that supports the learning process during the first two semesters. The third semester is reserved for the completion of the MSc thesis. Class attendance and participation in any educational activity, such as projects, assignments, etc., is compulsory.

The full-time study programme is completed in three academic semesters, including the writing of the thesis. The maximum permissible time for the completion of the full-time programme is six semesters.

Working students may choose to study part-time. Working students have to prove that they work at least 25 hours per week and provide a work contract or certificate. Part-time study is also suitable for non-working students who cannot meet the demands of studying full-time, due to health or family issues, military service, or other personal reasons. Those students should send a written request to the Department’s Assembly before the start of the MSc programme. The duration of the part-time study programme must be no longer than six academic semesters.

How to Apply

Applicants are required to fill in a candidacy application form, attaching the following documents:

  • A copy of their ID or passport
  • A CV
  • A copy of their degree/diploma or a certificate of studies completion
  • Peer-reviewed publications, if there are any
  • Certificates of professional or research activities, if there are any
  • Two references
  • A copy of the candidate’s undergraduate dissertation or its title and abstract if it has not been completed; in case the candidate was not required to write a dissertation during their undergraduate studies, they should mention so in writing
  • Proof of English language competency equivalent to or higher than B2 level (according to the Common European Framework of Reference for Languages)
  • Any other document that the candidate believes it might support their application

The application and all digital copies of documents must be submitted online on the “Nautilus” platform (https://nautilus.aegean.gr/). Hard copies can be submitted in person during admission.

Download the updated Regulations of Studies for the postgraduate programme of studies (in Greek):

Κανονισμός Σπουδών – ΠΜΣ Ασφάλεια Πληροφοριακών και Επικοινωνιακών Συστημάτων

Download articles for the postgraduate programme’s interviews:

Articles – MSc Information and Communication Systems Security

Course schedule – Fall semester

1st week of face-to-face courses:
09:00-12:30 & 13:00-16:30

Wednesday 2/10: Cryptography (Konstantinou)
Thursday 3/10: Database Systems Security (Vlachou)
Friday 4/10: Computer and Communication Networks Security (Anagnostopoulos)
Saturday 5/10: Digital Forensics (Anagnostopoulos, Barbatsalou)

Fall Semester
1 2-5/10/2019 Face-to-face
2 7-11/10/2019 No classes
3 14-18/10/2019
4 21-25/10/2019
5 28/10 – 1/11/2019
6 4-8/11/2019 No classes
7 11-15/11/2019
8 18-22/11/2019
9 25-29/11/2019
10 2-6/12/2019 No classes
11 9-13/12/2019
12 16-20/12/2019
13 6-10/1/2020
14 13-17/1/2020 No classes
(Week of substitutions)

Fall Semester Holidays

Public holiday 28/10/2019
Public holiday 17/11/2019
Christmas Holidays 22/12/2019 – 6/1/2020
Public holiday 30/1/2020

SUCCESS STORIES

The specialized knowledge that I acquired from the MSc in Information and Communication Systems Security helped me find employment, right after my graduation, in the security department of one of the country’s biggest corporations. I’m currently working in Census S.A., which specializes in providing integrated and specialized information systems security solutions.

Chara Vasileiadou, Sales Director, Census S.A.

The completion of my master’s studies laid the foundations for the development of the necessary skills for my professional and academic career. The direct contact with my professors allowed me to gain knowledge about theoretical and applied research issues in the area of information systems security. I have been working in the Joint Research Centre of the European Union for a number of years now.

Dimitris Geneiatakis, Joint Research Centre (JRC), Ispra

Studying for the MSc in Information and Communication Systems Security and pursuing a doctoral diploma in the same area of studies truly provided me with useful knowledge and experience, allowing me to successfully meet the requirements of academic research on an international level.

Dimitrios Damopoulos, Postdoc Researcher, Stevens Institute of Technology, NY, USA