331 - Network and Web Security - 2026

• Overview. This week we cover more background material and general topics relevant to the rest of the course, and end with a quick look at the security of local area networks. Authentication and passwords are pervasive in cybersecurity. We introduce key concepts and best practices here, and will come back to the topic later in the course. Pentesting is a useful conceptual framework to assess the security of a network, and we will practice it in the labs from now on. The networks background module is mostly to the benefit of those students who do not have a computing background, but can serve as a quick refresher to the others. Finally we briefly discuss local area networks and some of their security weaknesses. You will practice some of what you learn on authentication, networks and LANs already in this week's tutorial, which is practical and based on virtual machines. You will need to have installed Kali on VirtualBox, either on your laptop or on a machine in the labs, folowing last week's guide.
• Topics
  • 4 Authentication
  • 5 Pentesting
    • Read Chapters 3 and 4 of Professional Penetration Testing
    • Optional reading
      • Read Chapters 6 and 7 of Professional Penetration Testing
  • 6 Networks background
    • Optional reading (highly recommended if you are new to computer networks)
      • Sections 4.1, 4.2, 4.3, 6.4 (up to and including 6.4.3) of Computer Networking - A Top-Down Approach - 7th Edition
  • 7 LAN security
• Activities
  • Lab on Monday
    • Tutorial 2: Virtual security lab and passwords
  • In class session on Thursday
    • Q&A, demos

• Overview. This week we cover some general security topics which are relevant to the rest of the course. In order to secure a system, we want to be able to discover, fix and, even better, prevent security vulnerabilities. Attackers attempt to install malware on their victims, and use malware itself to implement further attacks. Although malware is not the focus of this course, we need to have some familiarity with it, in order to understand the objectives and techniques used to attack networks and web applications. Threat modelling is a conceptual tool that we will use in the rest of the course to assess the security of applications and systems. Note that this week is a gentle introduction to the course, the pace and difficulty will increase as we get into technical topics.
• Topics
  • 1 Vulnerabilities
    • Read Chapter 2 of Professional Penetration Testing
  • 2 Malware
    • Optional reading
      • Analysis of a Botnet Takeover
      • End-to-End Analysis of the Spam Value Chain
      • Understanding the Mirai Botnet
      • Browse the Evolution of Exploit Kits working paper
  • 3 Threat Modelling
    • Read Chapters 1-4 of Threat modelling – Designing for security
• Activities
  • Independent lab assignment (in your own time, before the 19th)
    • Guide: Install VirtualBox and Kali
  • In class session on Thursday
    • Overview, Q&A, demos
    • Tutorial 1: Threat Modelling

Sergio Maffeis. Sergio is an associate professor in Computer Security at Imperial, where he leads the Security and Machine Learning Lab. He received his PhD from Imperial and his MSc from University of Pisa, Italy. Maffeis' research interests include security, machine learning, formal methods, and programming languages. You can find out more from his home page.

Charlie Hothersall-Thomas. Charlie is a Director of Engineering at Netcraft, where he leads the DevOps division. Prior to this he worked as a developer on a variety of Netcraft's anti-cybercrime products. His technical expertise includes web security, TLS and PKI, networking, Linux system administration and Tor. He graduated in 2014 with a BEng in Computing from Imperial College London, where he started BrowserAudit as his final year project.

Ibrahim ElSayed. Ibrahim is an experienced security engineer specializing in leveraging program analysis to detect and prevent security vulnerabilities at scale. With over a decade of expertise in building advanced static analysis tools, he has contributed to securing massive codebases written in languages like PHP, Python, and Java. Ibrahim is also passionate about researching vulnerabilities in end-to-end encrypted messaging applications like WhatsApp, Telegram, and Signal, aiming to enhance their security. He leads efforts to empower developers and scale security teams to identify and mitigate critical vulnerabilities effectively.

Joseph Katsioloudes. Joseph works for the GitHub Security Lab, and was previously a Security Consultant at IBM. He obtained an MSc in Cyber Security Engineering from the University of Warwick and an MEng in Computing from Imperial College London. His experience in security stems from summer internships and own initiatives to problem-solve. Highlights include the disclosure of a zero-day vulnerability for a top ten cryptocurrency during his final year at Imperial College, the GCHQ security accreditation, software contributions to open-source tools and advanced attack simulations.

Adbdullah Adlaihan. Abdullah is a PhD student at Imperial under the supervision of Dr. Maffeis. He received his MSc in computer science from Georgia Institute of Technology, and his BSc in computer science from King Saud University. Abdullah's focus is on utilizing Large Language Models (LLMs) for systems security.

Adam Jones. Adam is a PhD student at Imperial under the supervision of Dr. Maffeis and Dr. Zizzo. He received his MEng from Imperial in Computer Science. Adam's research is focused on the security of foundation models that generate code, in particular researching attacks and defenses in the domains of model poisoning and prompt injection.

Archie Licudi. Archie is a PhD student at Imperial under the supervision of Dr. Maffeis. They received their Joint Mathematics and Computing MEng from Imperial and have worked at Oxford as a research assistant in federated learning for healthcare. Archie’s research is now focused on applications of concepts from algebra, pattern theory, and formal methods to the design of reliable machine learning systems for cybersecurity.

Fahad Alotaibi. Fahad is a Honorary Research Associate at Imperial and a Lecturer ad Najran University. He got his PhD from Imperial under the supervision of Dr. Maffeis. He received his MSc from The University of York (UK) in Cyber Security, and his BCs from Shaqra University (KSA) in Computer Science. Fahad’ research is focused on robusting deep learning-based security applications againsts evasion attacks and concept drift. Fahad is also interested in other areas such as digital forensics and ransomware prevention.

Kevin Peng. Kevin is a PhD student at Imperial under the supervision of Dr. Maffeis. He received his MEng in Electronic and Information Engineering from Imperial. Yunan’s research is focused on cyberattack prediction, specifically combining contextual-awareness techniques and generative models.

Xin Fan Guo. Xin Fan is a PhD student in the Safe and Trusted AI CDT, a joint program between King’s College London and Imperial, supervised by Dr. Pierazzi and Dr. Maffeis. She holds a BSc in Computer Science from King’s College London. Her research focuses on applying symbolic AI to enhance network security.