Cyber security research continues to excel at Imperial

Igor Shilov and Matthieu Meeus collecting their award

October is Cyber Security Awareness Month and we're rounding up some of the top cyber security research being done across the university

To round off Cyber Security Awareness Month, which takes place each October, we’re celebrating Imperial College London’s cyber security research achievements over the past year.

Imperial is an Academic Centre of Excellence in Cyber Security Research (ACE-CSR), a National Cyber Security Centre-led (NCSC) programme acknowledging leading institutions in the field.

Since 2024, the Imperial cyber security community has contributed more than 50 articles, with a significant number at top peer-reviewed international journals and conferences with highly competitive acceptance rates. These include:

  • Four publications at the ACM Conference on Computer and Communications Security (CCS 2025)
  • Four at the Privacy Enhancing Technologies Symposium (PETS 2025)
  • Two at the Network and Distributed System Security symposium (NDSS 2025)
  • Two at the Usenix Security Symposium (USENIX 2025)
  • The International Cryptology Conference (CRYPTO 2025)
  • Nature Communications
  • The Association for the Advancement of Artificial Intelligence (AAAI 2025)
  • The International Conference on Machine Learning (ICML 2025)

Awards for our academics

Professor Hamed Haddadi (NetSyS Group, Computing) and collaborators from Brave Software, NOVA LINCS, Hashmatter and Royal Holloway received a distinguished paper award at the Network and Distributed System Security (NDSS) Symposium (2025) for their work. The authors introduce DiStefano, a system that lets users privately prove certain facts about their encrypted web activity. This means a trusted third party can verify those facts, e.g., whether a rule was followed, without needing to see all the user's data.

Members of the Computational Privacy Group (CPG, Computing), led by Professor Yves-Alexandre de Montjoye, also received prestigious awards. Stevanoski and co-authors designed QueryCheetah, a fast automated method for the discovery of attribute inference attacks against qyery-based systems which received the Distinguished Paper Award at the ACM Conference on Computer and Communications Security (CCS) 2024. Group members in collaboration with Imperial’s Associate Professor Marek Rei (Computing) also received a best paper award at the IEEE Conference on Secure and Trustworthy Machine Learning (SaTML) 2025 for their systematization of knowledge work on Membership Inference Attacks on LLMs.

Chengzeng You, Zhongyuan Hau and Associate Professor Soteris Demetriou (APSS Group, Computing) also received a distinguished paper award at the IEEE Security and Privacy Workshops in 2024 for their publication. The study shows it is possible to trick LiDAR sensors used in self-driving cars using a novel localisation method based on explainable AI principles which allows targeting only the most critical regions of an object’s 3D point cloud instead of its entire surface, resulting in attacks that can be much stealthier and effective than previously considered.

Other articles presented at Security and Privacy conferences include:

  • On Gaussian Sampling for q-ary Lattices and Linear Codes with Lee Weight, co-authored by Maja Lie (EEE) and Professor Cong Ling (EEE), presenting the publication at the CRYPTO 2025
  • Deep Learning from Imperfectly Labeled Malware Data, presented by Fahad Alotaibi, Euan Goodbrand, and Sergio Maffeis (Computing), also at CCS 2025, showcasing a new training framework that helps deep-learning malware detectors deal with mislabelled data
  • Free Record-Level Privacy Risk Evaluation Through Artifact-Based Methods, by Joseph Pollock, Igor Shilov, Euodia Dodd, and Yves-Alexandre de Montjoye (Computing) presented at Usenix Security (2025) introduces a new method, LT-IQR, that lets developers identify which training data points in a machine-learning model are most vulnerable to being exposed through membership inference attacks without having to train hundreds of extra “shadow” models. As a result, privacy-risk assessment becomes much cheaper and more practical for large models and iterative development

Beyond security and privacy

The work of Imperial’s ACE-CSR academics is strongly represented not only in international security and privacy-focused venues, but also other areas of computer science.

Cyber security underpins modern society, and this is reflected in its presence across the research landscape. In the past year, cyber security papers co-authored by Imperial academics have been published in Nature Communications (Luc Rocher and Yves-Alexandre de Montjoye, Computing) and ACM Transactions on Software Engineering and Methodology (TOSEM) (Cristian Cadar, Computing) as well as presented at the Association for the Advancement of Artificial Intelligence (Myles Foley and Sergio Maffeis, Computing) and the International Conference on Machine Learning (Matthew Wicker, Philip Sosnin, Igor Shilov, Yves-Alexandre de Montjoye and Calvin Tsay, Computing).

Academic Centres of Excellence

Imperial College London has been recognised as an ACE-CSR since 2012. Institutions attain this status by providing evidence of having a critical mass of skilled researchers with sustained external funding producing high-impact research in several areas of cyber security, as well as demonstrating a sustained commitment and investment to cyber security research and people.

To find out more about cyber security research at Imperial, visit our website.

Article text (excluding photos or graphics) © Imperial College London.

Photos and graphics subject to third party copyright used with permission or © Imperial College London.

Reporter

Press Office

Communications and Public Affairs