EPOKA UNIVERSITY
FACULTY OF ARCHITECTURE AND ENGINEERING
DEPARTMENT OF COMPUTER ENGINEERING
COURSE SYLLABUS
2024-2025 ACADEMIC YEAR
COURSE INFORMATIONCourse Title: NETWORK SECURITY |
Code | Course Type | Regular Semester | Theory | Practice | Lab | Credits | ECTS |
---|---|---|---|---|---|---|---|
CEN 462 | C | 1 | 3 | 2 | 0 | 4 | 7.5 |
Academic staff member responsible for the design of the course syllabus (name, surname, academic title/scientific degree, email address and signature) | Assoc.Prof.Dr. Dimitrios Karras dkarras@epoka.edu.al |
Main Course Lecturer (name, surname, academic title/scientific degree, email address and signature) and Office Hours: | Assoc.Prof.Dr. Dimitrios Karras dkarras@epoka.edu.al , 10.00-21.00, Monday, Wednesday |
Second Course Lecturer(s) (name, surname, academic title/scientific degree, email address and signature) and Office Hours: | NA |
Language: | English |
Compulsory/Elective: | Elective |
Study program: (the study for which this course is offered) | Master of Science in Computer Engineering (2 years) |
Classroom and Meeting Time: | according to timetable at EIS |
Teaching Assistant(s) and Office Hours: | NA |
Code of Ethics: |
Code of Ethics of EPOKA University Regulation of EPOKA University "On Student Discipline" |
Attendance Requirement: | |
Course Description: | Techniques for achieving security in multi-user computer systems and distributed computer systems: Basics of cryptography, network security applications and system security, conventional encryption and message confidentiality, public-key cryptography and message authentication, authentication applications. Electronic mail, IP, web. |
Course Objectives: | To present a thorough survey on network security technology. It covers important network security tools and applications, including all major Cryptographic algorithms and techniques, Security Protocols, Digital Signatures, Message and User Authentication techniques, cloud security, network access control, personal identity verification (PIV), mobile device security, S/MIME, IP Security, Kerberos, SSL/TLS, and X509v3. In addition, methods for countering hackers and viruses will be explored. Finally, fundamental security design principles, attack surfaces and attack trees, practical application of RSA, user authentication models, and comprehensive email security will be discussed. |
BASIC CONCEPTS OF THE COURSE
|
1 | Symmetric Encryption and Message Confidentiality |
2 | Public-Key Cryptography and Message Authentication |
3 | NETWORK SECURITY APPLICATIONS |
4 | Key Distribution and User Authentication |
5 | Transport-Level Security |
6 | Wireless Network Security |
7 | Electronic Mail Security |
8 | IP Security |
9 | PRINCIPLES OF SYSTEM SECURITY |
COURSE OUTLINE
|
Week | Topics |
1 | Introduction to Network Security |
2 | Symmetric Encryption and Message Confidentiality |
3 | Public Key Cryptography and Message Authentication |
4 | Key Distribution and User Authentication |
5 | Network Access Control and Cloud Security |
6 | Transport-Level Security |
7 | Wireless Network Security |
8 | Electronic Mail Security |
9 | IP Security |
10 | Malicious Software |
11 | Intruders |
12 | Firewalls |
13 | Exercises on Algorithms and Projects |
14 | Security Reporting |
Prerequisite(s): | Programming in high level languages, Basic Mathematics |
Textbook(s): | NETWORK SECURITY ESSENTIALS: APPLICATIONS AND STANDARDS SEVENTH EDITION William Stallings |
Additional Literature: | CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE 2022 EDITION William Stallings |
Laboratory Work: | PROJECTS |
Computer Usage: | PROGRAMMING PROJECTS |
Others: | No |
COURSE LEARNING OUTCOMES
|
1 | Learning about Symmetric Cryptographic Algorithms. Symmetric cryptographic algorithms are essential tools in the field of data security, used to encrypt and decrypt information. These algorithms use a single shared secret key for both encryption and decryption, ensuring that only authorized parties with the correct key can access the protected data. Common examples include AES (Advanced Encryption Standard), DES (Data Encryption Standard), and 3DES (Triple DES). Symmetric encryption is known for its speed and efficiency, making it suitable for securing large volumes of data. However, key management and secure key distribution pose challenges, particularly when scaling to multiple users or systems. Understanding symmetric cryptography is foundational for securing communications and protecting sensitive information. |
2 | Learning about Public Key Cryptographic Algorithms. Public key cryptographic algorithms, also known as asymmetric algorithms, are fundamental to modern encryption systems. They use a pair of mathematically linked keys: a public key for encryption and a private key for decryption. This key pair enables secure data exchange without the need to share secret keys between parties. Common algorithms include RSA, ECC (Elliptic Curve Cryptography), and Diffie-Hellman. Public key cryptography is widely used for secure communication, digital signatures, and key exchange. Although it is computationally slower than symmetric encryption, it solves key distribution issues by allowing secure communication over untrusted networks. Learning about public key cryptographic algorithms is crucial for implementing secure systems in areas like e-commerce, authentication, and secure messaging. |
3 | Learning about Security protocols. Security protocols are critical frameworks designed to protect data integrity, confidentiality, and authentication during digital communication. These protocols define how data is transmitted and ensure secure interactions over networks, safeguarding against threats such as eavesdropping, tampering, and unauthorized access. Common security protocols include TLS/SSL for secure web communications, IPsec for secure internet protocol exchanges, and SSH for encrypted remote access. Understanding security protocols involves learning how cryptographic techniques, authentication methods, and network layers interact to provide comprehensive security. Mastery of these protocols is essential for securing online transactions, communications, and systems in a rapidly evolving digital landscape |
4 | Learning about evaluating and reporting network security. Evaluating and reporting network security involves systematically assessing a network’s defenses to identify vulnerabilities, threats, and areas for improvement. This process includes penetration testing, vulnerability assessments, and security audits to measure the effectiveness of security controls, such as firewalls, intrusion detection systems, and encryption protocols. Once evaluated, findings are documented in detailed reports, highlighting potential risks and recommending mitigations. The reporting phase is crucial for communicating the current security posture to stakeholders and guiding future security enhancements. Learning to evaluate and report on network security is essential for maintaining robust defense mechanisms and ensuring compliance with industry standards and regulations |
COURSE CONTRIBUTION TO... PROGRAM COMPETENCIES
(Blank : no contribution, 1: least contribution ... 5: highest contribution) |
No | Program Competencies | Cont. |
Master of Science in Computer Engineering (2 years) Program | ||
1 | Engineering graduates with sufficient theoretical and practical background for a successful profession and with application skills of fundamental scientific knowledge in the engineering practice. | 5 |
2 | Engineering graduates with skills and professional background in describing, formulating, modeling and analyzing the engineering problem, with a consideration for appropriate analytical solutions in all necessary situations | 5 |
3 | Engineering graduates with the necessary technical, academic and practical knowledge and application confidence in the design and assessment of machines or mechanical systems or industrial processes with considerations of productivity, feasibility and environmental and social aspects. | 5 |
4 | Engineering graduates with the practice of selecting and using appropriate technical and engineering tools in engineering problems, and ability of effective usage of information science technologies. | 5 |
5 | Ability of designing and conducting experiments, conduction data acquisition and analysis and making conclusions. | 5 |
6 | Ability of identifying the potential resources for information or knowledge regarding a given engineering issue. | 5 |
7 | The abilities and performance to participate multi-disciplinary groups together with the effective oral and official communication skills and personal confidence. | 5 |
8 | Ability for effective oral and official communication skills in foreign language. | 4 |
9 | Engineering graduates with motivation to life-long learning and having known significance of continuous education beyond undergraduate studies for science and technology. | 4 |
10 | Engineering graduates with well-structured responsibilities in profession and ethics. | 4 |
11 | Engineering graduates who are aware of the importance of safety and healthiness in the project management, workshop environment as well as related legal issues. | 3 |
12 | Consciousness for the results and effects of engineering solutions on the society and universe, awareness for the developmental considerations with contemporary problems of humanity. | 2 |
COURSE EVALUATION METHOD
|
Method | Quantity | Percentage |
Midterm Exam(s) |
1
|
25
|
Project |
1
|
20
|
Laboratory |
1
|
15
|
Final Exam |
1
|
40
|
Total Percent: | 100% |
ECTS (ALLOCATED BASED ON STUDENT WORKLOAD)
|
Activities | Quantity | Duration(Hours) | Total Workload(Hours) |
Course Duration (Including the exam week: 16x Total course hours) | 16 | 3 | 48 |
Hours for off-the-classroom study (Pre-study, practice) | 16 | 3 | 48 |
Mid-terms | 1 | 3 | 3 |
Assignments | 2 | 42.5 | 85 |
Final examination | 1 | 3.5 | 3.5 |
Other | 0 | ||
Total Work Load:
|
187.5 | ||
Total Work Load/25(h):
|
7.5 | ||
ECTS Credit of the Course:
|
7.5 |
CONCLUDING REMARKS BY THE COURSE LECTURER
|
N/A |