446H - Applied Network Security - 2019

Table of Contents


  • The course is over :)



  • Timetable: Fri 2pm-4pm Hux 308
  • Office hours: Thursday 5:30pm, Hux 441.
  • Please post your questions on our Piazza page!
    • Other students may benefit from your questions, or may know the answer.
    • We will do our best to answer any remaining questions quickly.
  • BYOD
    • We will have some in-class demos. You are welcome to bring your laptop if you want to be hands-on.
  • This course is not recorded on Panopto.


  • Exam
    • There is no exam!
  • Assessment
    • Participation budget: bug bounties and/or presentations to other students 15%
      • Please ignore the test on CATE for 18/1/19, it's only a placeholder for these marks
    • 4 small group projects to do during the duration of the course: respectively 15%, 20%, 25%, and 25%
  • Project 1 Web application security auditing tool has been issued on CATE on 18/1/19, deadline 25/1/19


sergio.jpg Sergio Maffeis (Lecturer and course leader). Sergio is a senior lecturer in Computer Security at Imperial. He received his Ph.D. from Imperial and his MSc from University of Pisa, Italy. Maffeis' research interests include security, formal methods, and programming languages. His recent work focuses on the application of formal methods to web security. You can find out more from his home page.

erisa.jpg Erisa Karafili (Guest lecturer). Erisa is a Marie Courie Fellow with the Resilient Information Systems Security research group at Imperial. Her main research focus is solving different security problems with the use of formal methods together with techniques from artificial intelligence, knowledge representation, network security and social science.


This course will provide students with the opportunity to deepen their understanding of computer security, and apply the knowledge accumulated by taking other computer science courses to addressing practical network security problems.

The course will cover a subset of the following advanced network security topics (subject to yearly updates):

  • Analysis of recent security compromises
  • Wifi security
  • Authorisation on the web - Cloud security
  • Ethical hacking
  • Email security
  • Intrusion detection
  • Threat intelligence and Security Information and Event Management systems
  • Operational security and incident response
  • Network forensics, attack attribution

Pre-requisites for MEng students: 331 Network and Web Security. Pre-requisites for MSc students: this course assumes that students are already familiar with cybersecurity, web security, programming languages, computer networks and operating systems.