Algorithms and Security
Teaching activities

Prof. Tassos Dimitriou

Teaching (Graduate Courses)

Introduction to Algorithms – MSIN program, Fall quarter
Given a problem, how do we find an efficient algorithm for its solution? Given an algorithm, how can we compare it with other algorithms that solve the same problem? What are the criteria that help us judge the quality of an algorithm? Questions as the above are important from both a theoretical and a practical point of view. The objective of this course is to

  • Give students an introduction to the basics, as well as some advanced topics, in the area of designing effective algorithms,
  • Familiarize them with existing algorithmic techniques and ongoing research, and (hopefully)
  • Make them appreciate the beauty behind efficient algorithms (like a famous computer scientist once said, this is your chance to find out how “Angels program”).

Introduction to Cryptography and Security, Spring – MSIN program and MSITT:

This course aims to provide background knowledge on some of the fundamental issues in the field of cryptography and to serve as an introduction to its applications to secure networking and electronic commerce. In this course we will offer a guided tour in the design of both private key and public key encryption systems which meet the above minimal requirements of security against adversaries who not only can listen to messages but who can also intercept messages, alter them, and maybe have limited access to encryption equipments.
Our mission would be to

  • Define security in the presence of adversaries of various capabilities.
  • Evaluate current proposals of encryption systems
  • Explain why “theory” can be different from “practice” when it comes to real-world applications. In particular, we will see why “in-class” crypto protocols and systems are vulnerable to real-life attacks and show how to convert them to ones that are “fit for application”.
  • Present practical examples throughout and provide all the required mathematical background.
    • <

Introduction to Sensor Networks (jointly with Antonis Kalis), Spring – MSIN program

Sensor networks have attracted much scientific interest during the past few years. These networks use hundreds to thousands of inexpensive wireless sensor nodes over an area for the purpose of monitoring and capturing geographically distinct measurements over a long period of time.
Sensor networks differ from wireless networks in that their nodes are characterized by limited storage, computational and communication capabilities. The power of sensor networks, however, lies in the fact that their nodes are so small and cheap to build that a large number of them can be used to cover an extended geographical area, gather information in-site and propagate it to base stations, thus enabling an accurate and reliable monitoring process.
Example topics to be covered by this course include: Sensor network hardware, sensor and measurement models, localization and tracking of moving objects, routing protocols, infrastructure establishment (localization, time synchronization), sensor network data storage, security and privacy issues, sensor tasking and control, sensor network software and applications
In addition to these academin course, Prof. Dimitriou has designed and developed the following courses aimed at professionals and people who want to become familiar with the exciting field of network security:

  • Short course on Cryptography and Data Security
  • Executive course on Information Security


With regards to the Professional courses, one important aspect of this work is to help create “security aware” professionals because security cannot be taken as an afterthought when designing a system. Security is as strong as its weakest link and the tools used to enforce security are never the weakest link. In the professional courses we have designed we emphasize in the following facts:
 

  • One should not base thinking only on today’s threats as attacks grow in malevolence, automation and frequency. In recent years, we have seen a doubling in incidents per year. This means that in 5 years, we should expect about thirty times as many. Planning for the future must assume a more severe threat model.
  • One should understand that security is really a management and not a technology issue as it requires top-to-bottom commitment and enforcement.
  • One should realize the necessity for comprehensive security and defense in depth.
     

Descriptions of Professional Educational courses can be found at the "Professional Programs" section of AIT's web page.

AIT Research Seminars:
1. “RFID Privacy Issues”, AIT Research Seminar, Dec. 2005.
2. “e-Passports: how secure are they?”, AIT Research Seminar, Dec. 2006.

Other presentations:

  1.  “Be careful how you pad; Your encryption scheme is as good as the padding you use”, Invited presentation to the Security track of the 12th International World Wide Web Conference, May 2003, Budapest, Hungary
  2. “On establishing secure channels for communication”, Invited presentation to the Scientific track of 5th Info-Com, Sponsored by IEEE, Athens, Greece
  3. “A guided tour of authenticated encryption”, Sun-AIT Security Conference, 2003
  4. “Why Is Security Difficult?”, Invited presentation at COMDEX 2004
    Invitation to speak at the Information Day of the Preparatory Action for Security Research Program, Brussels, 2004
  5. “Sensor Network Security”, One day workshop dedicated to sensor networks, AIT December 2004.
  6. “Managing Information Security: a guided tour”, AIT-Intracom Security Conference
  7. “Issues in Sensor Networks Security”, University of Pireus, 2005
  8. Panel presentation related to RFID technology at IEEE SecureComm conference, Sept. 2005
  9. Invitation to speak at the Information Day of the Preparatory Action for
  10. Security Research Program, Austria, 2006

Ph.D. Candidates


1. Ioannis Krontiris, “A Holistic Defense Solution against Attacks in Wireless Sensor Networks”, joint supervision with Prof. Felix Freiling, Head of Computer Science Department, University of Mannheim (expected 2009).

Master Engineering Theses Supervised

  1. Dimitrios Foteinakis: “Evaluation of existing Voting Systems and Implementation of a new complete solution that preserves the privacy and the integrity of the voting process”, 2003
  2. Ioannis Krontiris and Fotis Nikakis: “Algorithms for the efficient propagation of crucial information in Sensor networks enhanced with Security primitives”, 2003
  3. Mariana Marin: “A Single Sign – On Solution for Web Applications using Web Services”, 2004
  4. Panos Papadimitriou: “Comparative study of key establishment protocols for sensor networks”, 2004
  5. Vassilis Gkatzioras: “e-phaistos: A Secure Identity Based E-Mail System”, 2005
  6. Vassilis Mylonakis: “A Sensor Network for Indoor Environmental Monitoring”, 2005
  7. Hamed Shoroush and Mastooreh Shalajegheh, “Secure Hierarchical Communications in Sensor Networks”, 2006
  8. Ioannis Kolokouris and Nikos Zarokostas, “Sensor Network Test Bed”, 2006
  9. Ghassan Karame, “Trust issues in Peer to Peer systems”, 2006
  10. Ioannis Biternas, “Security of Voice over IP”, 2006
  11. Katerina Roukounaki, “e-mail Spamming Control”, 2006


Prof. Nikos Komninos

Teaching (Graduate Courses)

Applied Cryptography, MSIN Program – Fall Semester

Cryptography is about communication in the presence of an adversary. It compasses many problems (encryption, authentication, key distribution etc.) The field of modern cryptography provides theoretical foundation based on which we may understand what exactly these problems are, how to evaluate protocols that purport to solve them and how to build protocols in whose security we can have confidence. Modern cryptography abandons the assumption that the adversary has available infinite computational resources, and assumes instead that the adversary’s computation is resource bounded in some reasonable way. This course explores modern cryptographic (code making) and cryptanalytic (code breaking) techniques in detail.

This course aims to introduce the theoretical concepts of applied cryptography through probability theory, information theory, and number theory. Cryptographic primitives and protocols are applying abstract algebra and finite fields, which will be used throughout the course. Such primitives and protocols introduce the study of applied cryptography. Emphasis is placed on the solution of problems and proofs.

Introduction to Computer & Network Security, MSITT Program – Spring Semester

Electronic communication has mainly been achieved with the use of computers networks. Networks have allowed users to transfer files, send messages and run programs from one computer to another. Nowadays, different network technologies, such as Internet, cellular, Bluetooth and wireless LANs (WiFi, HIPERLAN) are present in the electronic world. As the sophistication of networks has increased, issues of transaction security, user authentication and authorization are taking on greater and greater importance. Particularly, the increasing growth of the Internet and computer-use have brought to the fore the importance of computer and network security.

The aim of this course is to provide attendees with a thorough understanding of the issues associated with computer and network security. You will be able to understand computing security vulnerabilities and the techniques and tools for designing secure computer networks. At the end of this course, you will acquire a solid background in state-of-the art cryptography, security threats and protocols. You will learn the different aspects of cryptography and you will be able to apply cryptographic techniques and up-to-date security protocols to maintain your privacy in electronic transactions. In particular, you will see how computers and networks are vulnerable to real-life attacks and get familiar with security protocols that are widely used in “real-world”. Finally, you will have the ability to design and assess computer security solutions for given applications.

ICT Security, MBIT Program, Summer Session

Securing information is a huge challenge that continues to grow more critical as business or personal interactions become increasingly dependent upon the exchange of electronic information. ICT security has managed to get a tremendous amount of attention in the past years, even getting into the headlines of mainstream media. However, despite this increased awareness for proper security and the annual expenditures on security products and services, we see more security incidents taking place, and those incidents are becoming more expensive. One simple example of this is that there exist over 100,000 unique computer viruses, with an average of about 300 of them actively damaging systems every day, creating a loss of more than $30B per year in businesses worldwide and ultimately compromising national security.
The aim of this course is to provide a thorough understanding of the issues associated with the design, provision and management of security services for modern communication and information systems. With organizations facing increasing pressure from regulatory bodies to comply with policy standards (Sarbanes-Oxley, GLBA, HIPAA etc.), basic levels of encryption and authentication are not sufficient for compliance and security. The modern trend in designing security architectures is to treat security not merely as a technology issue but rather as a management issue that requires top-to-bottom commitment and enforcement.

Summer School
Introduction to Security, AIT Summer School
ICT Security, AIT Summer School

Executive Training Programs
Introduction to Computer & Network Security
Cryptography & Information Security

AIT Research Seminars
Alpha Stream Cipher, Dec 2004
Public Key Cryptography in Future Mobile Systems, September 2005
Security Issues & Vulnerabilities in Cellular Networks, April 2007

Ph.D. Candidates

  1. C. Tselikis, Secure Clustering in Ad Hoc Networks, in collaboration with Prof. Christos Douligeris, Informatics Department, University of Piraeus (expected 2010)

Master Engineering Theses Supervised

  1. Kostantinos Tsampanakis, Security Issues in on-line Banking, MBIT Thesis, 2008

  2. George Mantas, Data Content Protection with Smart Cards, MSIN Thesis, 2007-2008

  3. George Mantas, Recovery Mechanisms in Mobile Ad Hoc Networks, MSITT Independent Study Course, 2008

  4. Stavros Ladopoulos, End-to-end Secure Application, MSITT Thesis, 2007-2008

  5. Thomas Miskas, Distributed Intrusion Detection for Hybrid Ad Hoc Networks, MSITT Thesis, 2007-2008

  6. Antonis Michalas, MINI Cryptographic Hash Algorithm, MSITT Independent Study Course, 2007-2008

  7. George Christakis, Recovery Mechanisms in Mobile Ad Hoc Networks, MSITT Thesis, 2006-2007

  8. Dimitris Mylonakis, Design of an Advanced Smart Identity Card…, MSITT Thesis, 2006

  9. Katerina Roukounaki, Network Verification Mechanism for Biometrics using Smart Cards , MSITT Independent Study Course, Sept. 2006 – Dec. 2006.