446H - Applied Network Security - 2019

• The course is over :)

• 18/1 Lecture 1
  • 0. Introduction
  • 1. Web application security
    • Introduction to assessed Project 1
    • In-class discussion on detection of web application security misconfigurations on the client side
    • Further reading around this topic (not required for the project)
      • You Are What You Include - Large-scale Evaluation of Remote JavaScript Inclusions
      • On the Content Security Policy Violations due to the Same-Origin Policy
      • Cross-Site Search Attacks
• 25/1 Lecture 2
  • Presentations of Project 1
  • 2. Intrusion detection
    • Introduction to assessed Project 2
    • In-class discussion on detection of web application attacks detectable via werb server logs
• 1/2 Lecture 3
  • 3. Firewalls, IDSs, Anomaly detection
    • Further reading around this topic (not required for the project)
      • Hiding Behind the Shoulders of Giants - Abusing Crawlers for Indirect Web Attacks
      • A multi-model approach to the detection of web-based attacks
      • A Novel Semantic-Aware Approach for Detecting Malicious Web Traffic
  • In-class feedback on Project 1
• 8/2 Lecture 4
  • Presentations of Project 2
  • 4. Network Forensics
    • Introduction to assessed Project 3
• 15/2 Lecture 5
  • 5. Forensics models and Attack attribution
  • In-class feedback on Project 2
• 22/2 Lecture 6
  • Presentations of Project 3
  • 6. WiFi security
    • Introduction to assessed Project 4
• 1/3 Lecture 7
  • 7. More on WiFi security
    • Good overview of WiFi penetration testing: BackTrack 5 Wireless Penetration Testing, V. Ramachandran, PACKY Publishing, 2011.
    • Further reading around this topic (not required for the project)
      • Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
      • Release the Kraken- New KRACKs in the 802.11 Standard
  • In-class feedback on Project 3
• 8/3 Lecture 8
  • WiFi Battle Royale

• Timetable: Fri 2pm-4pm Hux 308
• Office hours: Thursday 5:30pm, Hux 441.
• Please post your questions on our Piazza page!
  • Other students may benefit from your questions, or may know the answer.
  • We will do our best to answer any remaining questions quickly.
• BYOD
  • We will have some in-class demos. You are welcome to bring your laptop if you want to be hands-on.
• This course is not recorded on Panopto.

• Exam
  • There is no exam!
• Assessment
  • Participation budget: bug bounties and/or presentations to other students 15%
    • Please ignore the test on CATE for 18/1/19, it's only a placeholder for these marks
  • 4 small group projects to do during the duration of the course: respectively 15%, 20%, 25%, and 25%
• Project 1 Web application security auditing tool has been issued on CATE on 18/1/19, deadline 25/1/19

Sergio Maffeis (Lecturer and course leader). Sergio is a senior lecturer in Computer Security at Imperial. He received his Ph.D. from Imperial and his MSc from University of Pisa, Italy. Maffeis' research interests include security, formal methods, and programming languages. His recent work focuses on the application of formal methods to web security. You can find out more from his home page.

Erisa Karafili (Guest lecturer). Erisa is a Marie Courie Fellow with the Resilient Information Systems Security research group at Imperial. Her main research focus is solving different security problems with the use of formal methods together with techniques from artificial intelligence, knowledge representation, network security and social science.

This course will provide students with the opportunity to deepen their understanding of computer security, and apply the knowledge accumulated by taking other computer science courses to addressing practical network security problems.

The course will cover a subset of the following advanced network security topics (subject to yearly updates):

• Analysis of recent security compromises
• Wifi security
• Authorisation on the web - Cloud security
• Ethical hacking
• Email security
• Intrusion detection
• Threat intelligence and Security Information and Event Management systems
• Operational security and incident response
• Network forensics, attack attribution

Pre-requisites for MEng students: 331 Network and Web Security. Pre-requisites for MSc students: this course assumes that students are already familiar with cybersecurity, web security, programming languages, computer networks and operating systems.