331 - Network and Web Security - 2025

A.k.a. 60015 or 70082, but just "331" for short.

Announcements

  • The 24-25 edition of the course starts on January the 13th 2025, at 2pm in the lab: Huxley 219.
  • This year we have an exciting line-up of guest lecturers: Antoine Vianey-Liaud (Crowdstrike), Charlie Hothersall-Thomas (Netcraft), Joseph Katsioloudes (GitHub Security Lab), Ibrahim ElSayed (Lacework).

Schedule

Week 1 - 13/01/25

  • Overview. This week we cover some general security topics which are relevant to the rest of the course. In order to secure a system, we want to be able to discover, fix and, even better, prevent security vulnerabilities. Attackers attempt to install malware on their victims, and use malware itself to implement further attacks. Although malware is not the focus of this course, we need to have some familiarity with it, in order to understand the objectives and techniques used to attack networks and web applications. Threat modelling is a conceptual tool that we will use in the rest of the course to assess the security of applications and systems. Note that this week is a gentle introduction to the course; the pace and difficulty will increase as we get into technical topics.
  • Topics
  • Activities
    • Lab on Monday
      • Guide: Install VirtualBox and Kali
    • In class session on Thursday
      • Overview, Q&A, demos
      • Tutorial 1: Threat Modelling

Organization

  • Timetable:
    • Fri 9:00am: updates for the following week
      • weekly course schedule and suggested reading posted on this website
      • recorded lectures and slides released on Scientia
    • Mon 2pm-4pm: lab session with GTAs and office hours with lecturer in Hux 219.
    • Thu 11am-1pm: in-class activities in Hux 311, including a variety of
      • Q&A, demos, extras on weekly material
      • Tutorials (not computer-based)
      • Invited lectures
  • edStem will be used for course announcements and course related questions.
    • Questions via email will be ignored.
  • Slides, recordings and tutorial sheets will be posted on Scientia: UG ~ MSc.
  • External students: registration instructions.

Assessment

  • Assessed coursework
    • The assessed (individual) coursework will be released on February 13 at 2pm: UG ~ MSc.
    • The deadline for the coursework is February 26 at 2pm.
    • There is nothing to submit on Scientia, just use the links above.
  • Exam
    • The exam will take place during the week 17-21 of March, in the labs.
    • Answer 2 questions out of 2 in 2 hours.
    • The format is "open book": you can take one A4 sheet (2 sides) of notes into the exam.
    • Selected cheatsheets and reference guides will be provided to help with the practical part.
    • Roughly half of the exam will consist of practical security tasks.

Resources

People

Lecturer

Sergio Maffeis. Sergio is a senior lecturer in Computer Security at Imperial, where he leads the Security and Machine Learning Lab. He received his PhD from Imperial and his MSc from University of Pisa, Italy. Maffeis' research interests include security, machine learning, formal methods, and programming languages. You can find out more from his home page.




Guest Lecturers

Antoine Vianey-Liaud. Antoine manages a team of threat hunters at Crowdstrike, uncovering sophisticated adversaries within the networks of a large customer base. He received his MSc from Imperial College London in 2016, delivering an ISO and thesis under the supervision of Dr Maffeis. His interests include intrusion detection (using security domain knowledge, statistical and data science methods), capture the flag competitions, and security in all its forms.


Charlie Hothersall-Thomas. Charlie is a Director of Engineering at Netcraft, where he leads the DevOps division. Prior to this he worked as a developer on a variety of Netcraft's anti-cybercrime products. His technical expertise includes web security, TLS and PKI, networking, Linux system administration and Tor. He graduated in 2014 with a BEng in Computing from Imperial College London, where he started BrowserAudit as his final year project.


Ibrahim ElSayed. Ibrahim is a Senior Staff Security Engineer at Lacework. He obtained his BSc in Computer Engineering from The American University in Cairo and his MSc in Information Security from Royal Holloway, University of London. Ibrahim focuses on using program analysis to scale security vulnerability detection and prevention. He is currently leading the code security team at Lacework, creating tools to enable developers and security teams to detect and prevent impactful vulnerabilities. Previously, he spent 8 years at Meta, building various static analysis tools such as Zoncolan, Pysa, and Mariana-Trench to analyze hundreds of millions of lines of Meta's codebase, including PHP, Python, and Java.


Joseph Katsioloudes. Joseph works for the GitHub Security Lab, and was previously a Security Consultant at IBM. He obtained an MSc in Cyber Security Engineering from the University of Warwick and an MEng in Computing from Imperial College London. His experience in security stems from summer internships and own initiatives to problem-solve. Highlights include the disclosure of a zero-day vulnerability for a top ten cryptocurrency during his final year at Imperial College, the GCHQ security accreditation, software contributions to open-source tools and advanced attack simulations.




Teaching Assistants

Abdullah Adlaihan. Abdullah is a PhD student at Imperial College London under the supervision of Dr. Maffeis. He received his MSc in computer science from Georgia Institute of Technology, and his BSc in computer science from King Saud University. Abdullah's focus is on utilizing Large Language Models (LLMs) for systems security.


Adam Jones. Adam is a PhD student at Imperial under the supervision of Dr. Maffeis and Dr. Zizzo. He received his MEng from Imperial in Computer Science. Adam's research is focused on the security of foundation models that generate code, in particular researching attacks and defenses in the domains of model poisoning and prompt injection.


Eman Maali. Eman is a PhD student at Imperial College London under the supervision of Prof. McCann. Eman's Ph.D. focus is IoT Security, in which she is developing an anomaly detector for IoT networks. In 2017, Eman completed her MSc in Electromagnetic Sensor Networks at the University of Birmingham. The focus of the Master's was on electromagnetics, antennas, propagation, computer communications networks, and RF and microwave engineering. Moreover, Eman completed her BA in Computer Systems Engineering from Birzeit University in Palestine.


Fahad Alotaibi. Fahad is a PhD student at Imperial College London under the supervision of Dr. Maffeis. He received his MSc from The University of York (UK) in Cyber Security, and his BSc from Shaqra University (KSA) in Computer Science. Fahad's research is focused on making deep learning-based security applications robust against evasion attacks and concept drift. Fahad is also interested in other areas such as digital forensics and ransomware prevention.


Myles Foley. Myles is a PhD student at Imperial College London under the supervision of Dr. Maffeis. He received his MEng from University College London in Electronic Engineering with Computer Science, earning the ‘Outstanding MEng Graduating Student’ prize. Myles’ research is focused on novel - and exciting - ways of applying reinforcement learning to problems in cyber security.


Xin Fan Guo. Xin Fan is a PhD student in the Safe and Trusted AI CDT, a joint program between King’s College London and Imperial College London, supervised by Dr. Pierazzi and Dr. Maffeis. She holds a BSc in Computer Science from King’s College London. Her research focuses on applying symbolic AI to enhance network security.




Hall of Fame

  • 331 Bug Bounties
    • 331 Bug Bounty 2023
    • 331 Bug Bounty 2022
      • Albert Schleidt demonstrated the Dirtycow privilege escalation exploit on the listener VM.
      • Fabian Hauf, Anne-Sophie Hannes, Jonathan Powell, Vincent Bardenheier, Albert Schleidt reported a DOM-based XSS vulnerability in NaturalReaders.com.
    • 331 Bug Bounty 2020
    • 331 Obfuscation Bounty 2020
      • Winners: James Williams, Marco Selvatici.
      • Runners-up: Tristan Nemoz, Robert Jin, James Dalboth and Anonymous.
  • Belmont Lansdown 331 Prizes
    • Netcraft was sold to a US private equity fund in 2022-3. This year Mike Prettejohn, the founder and former owner of Netcraft, provided prizes worth GBP 500 from his new company, Belmont Lansdown.
    • The winners of the 2024 edition were: Lucy Steele, Huzaifah Farooq, Lucas Graeff-Buhl-Nielsen, Robin Gupta, Boyuan Jiang, Rushil Ambati, Rickie Ma, Anonymous, Robert Wakefield, Thom Hughes.
  • Netcraft 331 Prizes
    • Between 2019 and 2023 Netcraft sponsored awards for the top 10 performers in the exam (an Amazon voucher worth GBP 250).
    • The winners of the 2023 edition were: Ghazal Farzamfar, Panayiotis Gavriil, Michal Glinski, Derek Lai, Maximilian Lau, Suhaib Mohammed, James Nock, Matthew Setiawan, Mike Sorokin, Ye Lun Yang.
    • The winners of the 2022 edition were: Luqman Liaquat, Albert Schleidt, Thomas Alner, Andy Wang, Vincent Bardenheier, Madi Baiguzhayev, Daniel Ababei, Rodi Degirmenci, Anonymous, Arman Fidanoglu, Thomas Loureiro Van Issum.
    • The winners of the 2021 edition were: Michael Kuc, Andreas Casapu, Maksymilian Graczyk, Anonymous, Matteo Bilardi, Anonymous, Ali Abidi, Thomas Roberts, Tilman Roeder, Alexander Reichenbach
    • The winners of the 2020 edition were: Zak Cutner, Daniel Hails, Hadrian Lim Wei Heng, Fraser May, Alexander Nielsen, Giovanni Passerello, Matthew Pull, Ethan Sarif-Kattan, Marco Selvatici, Sebastian Reuter
    • The winners of the 2019 edition were: Jordan Spooner, Teodor Begu, Thomas Pointon, William Seddon, Niklas Vangerow, Lorenzo Silvestri, Pablo Gorostiaga-Belio, Giorgos Gavriil, Olivier Roques, Aurel Bily