diff --git a/course-design/contents.tex b/course-design/contents.tex index faae245..42b6b95 100644 --- a/course-design/contents.tex +++ b/course-design/contents.tex @@ -103,7 +103,7 @@ \section{Overview} The requirements for Master's level are set out in \citetitle{HEO2}~\autocite{HEO2}, namely: -\begin{frame}[fragile] +%\begin{frame}[fragile] \begin{block}{Master's goals: Knowledge and understanding~\autocite{HEO2}} \only
{\begin{enumerate}[label={(K\arabic*)},ref=K\arabic*]} \only{\begin{itemize}} @@ -117,9 +117,9 @@ \section{Overview} \only
{\end{enumerate}} \only{\end{itemize}} \end{block} -\end{frame} +%\end{frame} -\begin{frame}[fragile] +%\begin{frame}[fragile] \begin{block}{Master's goals: Competence and skills~\autocite{HEO2}} \only
{\begin{enumerate}[label={(C\arabic*)},ref=C\arabic*]} \only{\begin{itemize}} @@ -139,9 +139,9 @@ \section{Overview} \only{\end{itemize}} \only
{\end{enumerate}} \end{block} -\end{frame} +%\end{frame} -\begin{frame}[fragile] +%\begin{frame}[fragile] \begin{block}{Master's goals: Judgement and approach~\autocite{HEO2}} \only
{\begin{enumerate}[label={(J\arabic*)},ref=J\arabic*]} \only{\begin{itemize}} @@ -154,7 +154,7 @@ \section{Overview} \only{\end{itemize}} \only
{\end{enumerate}} \end{block} -\end{frame} +%\end{frame} \paragraph{Intended learning outcomes}\label{LearningOutcomes} @@ -184,7 +184,19 @@ \section{Overview} in order to be able to contribute to scientifically based development. \end{frame} -\subsection{Prerequisites} +There are also two learning outcomes related more to general skill, rather than +scientific method: +\begin{frame}[fragile] + After passing the course, the student should be able to + \begin{itemize} + \item plan and carry out assignments within given time frames and using + available resources, and + \item write short, clear and arguing texts based on own analysis as well as + given material. + \end{itemize} +\end{frame} + +\subsection
{Prerequisites} The course requires some prerequisites. In the area of cybersecurity, the student should be able to: @@ -312,6 +324,16 @@ \subsection{The goal} We can see this aspect in \ref{LOcomm} (and \ref{Ccomm}) and we will see this aspect as part of the assessment of the course later. +\begin{frame} + \begin{block}{Concrete goals} + \begin{itemize} + \item Ask good questions. + \item Use suitable methods to answer them. + \item Evaluate the suitability of proposed methods. + \end{itemize} + \end{block} +\end{frame} + \subsection{Teaching design} @@ -531,7 +553,14 @@ \subsection{Format} \mode{% \begin{frame} - \begin{block}{Assessment} + \begin{block}{Teaching}<+> + \begin{itemize} + \item Reading material and watching videos. + \item Discuss and work with material at synchronous seminars. + \end{itemize} + \end{block} + + \begin{block}{Assessment}<+> \begin{itemize} \item A synchronous seminar to summarize all work and tie the sack. \end{itemize} @@ -542,6 +571,7 @@ \subsection{Format} \begin{block}{Giving the course} \begin{enumerate} \item Given every period; yes, four times per year. + \item If you don't finish, you can try again next period. \end{enumerate} \end{block} \end{frame} @@ -638,17 +668,26 @@ \subsection{Contents} \end{frame} } -%\begin{frame} -% \begin{block}{Contents, part II} -% \begin{itemize} -% \item General introductions to various subfields. -% \item Which methods are used and why? -% \item Some exemplary papers? \alert<2>{Both good and bad!} -% \item How does a subfield fit into the holistic picture of Security? -% \end{itemize} -% \end{block} -%\end{frame} -% +\begin{frame} + \begin{block}{Contents, part II} + \begin{itemize} + \item General introductions to various subfields. + \item Which methods are used and why? + %\item Some exemplary papers? \alert<2>{Both good and bad!} + \item How does a subfield fit into the holistic picture of Security? + \item How can these methods fit into other situations? + \end{itemize} + \end{block} + + \begin{exercise} + \begin{itemize} + \item What is an area or problem that you're interested in (in security)? + \item Think of an interesting case that you can reflect on during the + course. + \end{itemize} + \end{exercise} +\end{frame} + %\begin{frame} % \begin{remark} % \begin{itemize} @@ -692,14 +731,43 @@ \subsection{Final assessment} LOrelate,LOcomm,LOplan,LOapply,LOevaluate% }. +\begin{frame} + \begin{block}{Final assessment} + \begin{itemize} + \item Design a research method for a given set of research questions. + \item Assess the suitability of the method. + \item Motivate the choices of methods. + \item Explain why the methods answer the questions. + \end{itemize} + \end{block} +\end{frame} + You'll do this by writing a report motivating your choices of methods and explaining why they answer the question. You'll also present this report at the final seminar. Someone else will review the report, and you will review someone else's report too. +\begin{frame} + \begin{block}{Final seminar and review} + \begin{itemize} + \item Present this at the final seminar. + \item Review someone else's report. + \end{itemize} + \end{block} +\end{frame} + The final assessment will be done in pairs. +\begin{frame} + \begin{remark} + \begin{itemize} + \item The final assessment will be done in pairs. + \item Up to three in a group is allowed. + \end{itemize} + \end{remark} +\end{frame} + %\begin{frame}[allowframebreaks] % \begin{block}{Assessment} % \begin{itemize} @@ -720,13 +788,24 @@ \subsection{Final assessment} % \end{block} %\end{frame} -\begin{frame} - \begin{question} - \begin{itemize} - \item Comments, questions, other thoughts? - \end{itemize} - \end{question} +%\begin{frame} +% \begin{question} +% \begin{itemize} +% \item Comments, questions, other thoughts? +% \end{itemize} +% \end{question} +%\end{frame} + +\begin{onlyenv} +\section{The material} + +\begin{frame}[fragile] + \begin{center} + \huge + Canvas + \end{center} \end{frame} +\end{onlyenv} %%% REFERENCES %%% diff --git a/modules/02-passwd/01-seminar.md b/modules/02-passwd/01-seminar.md new file mode 100644 index 0000000..756cd4f --- /dev/null +++ b/modules/02-passwd/01-seminar.md @@ -0,0 +1,14 @@ +The library will come and talk about tools to use for searching and how to do +literature reviews. + +**Participation**: Online in the class Zoom room. Working webcam and microphone +is required. + +**Preparation**: The assignments that you just did (all previous material). You +need a device that you can work with web tools on. + +**Seminar content**: The library will talk about different types of literature +reviews. They will also present some useful tools for searching for literature. +We'll use these tools to search for literature to answer some of the research +questions we've discussed in the preparation material. (That's why you need a +device to work on.) diff --git a/modules/02-passwd/02-seminar.md b/modules/02-passwd/02-seminar.md new file mode 100644 index 0000000..f5f43bd --- /dev/null +++ b/modules/02-passwd/02-seminar.md @@ -0,0 +1,12 @@ +**Participation**: Online in the class Zoom room. Working webcam and microphone +is required. + +**Preparation**: The assignments that you just did (all previous material from +last seminar until now). + +**Seminar content**: We will discuss the papers that you've worked with. + +Particularly, we'll discuss how they relate to the research questions that was +the origin of the discussion. What we're interested in is how well these papers +answer those research questions and, particularly, how we can answer *exactly* +those questions. diff --git a/modules/02-passwd/2024-04-05-Note-14-56.xoj b/modules/02-passwd/2024-04-05-Note-14-56.xoj new file mode 100644 index 0000000..985fee8 Binary files /dev/null and b/modules/02-passwd/2024-04-05-Note-14-56.xoj differ diff --git a/modules/02-passwd/contents.tex b/modules/02-passwd/contents.tex index 4aba4a6..0e2bcc3 100644 --- a/modules/02-passwd/contents.tex +++ b/modules/02-passwd/contents.tex @@ -24,23 +24,19 @@ \clearpage -\section{Introduction} +\section
{Introduction} -\begin{frame} We've had passwords for about as long as we've had computers. Unfortunately, we still\footnote{As of \today.} haven't managed to do it right in practice. -\end{frame} So here we'll deal with the following question. -\begin{frame} - \begin{question}\label{RQ} - How can we know how secure our password-based authentication system will be? - \end{question} -\end{frame} +\begin{question}\label{RQ} + How can we know how secure our password-based authentication system will be? +\end{question} -\section{How do we know it's secure?} +\section[How do we know?]{How do we know it's secure?} \begin{frame} We have a system where users log in. @@ -48,16 +44,17 @@ \section{How do we know it's secure?} We've decided to use a password-based authentication system\footnote{% Yes, I know it's a bit of an oxymoron, but humor me. }. -\end{frame} -\begin{frame} \begin{exercise} - What do we need to know to try to answer \cref{RQ}? + What do we need to know to try to answer + \only
{\cref{RQ}}% + \only{how secure this will be}% + ? \end{exercise} \end{frame} -\section{What do we mean by secure?} +\section[Define secure?]{What do we mean by secure?} Well, first of all, we need to define what we mean by \enquote{being secure}. \Cref{RQ} asks us to estimate how secure a password-based authentication system @@ -123,23 +120,24 @@ \subsection{Literature reviews} \begin{frame} \begin{exercise} - We want to investigate the most common definitions of security for - authentication systems and for which types of authentication systems + We want to investigate \alert<2>{the most common} definitions of security + for authentication systems and for which types of authentication systems they're used. Which type of literature review should we do; systematic or non-systematic? Why? \end{exercise} -\end{frame} + \begin{onlyenv}
In this case, the goal is to get an overview of the literature. Since purpose is to research what definitions there are and how they're used, we must document our method of research. This means that we should do a systematic literature review. + \end{onlyenv} -\begin{frame} \begin{exercise} - We want to explore different definitions of security for authentication - systems to find a definition to use for our study. + We want to \alert<2>{explore \only<2>{\textins{some} }different} + definitions of security for authentication systems to find a definition to + use for our study. Which type of literature review should we do; systematic or non-systematic? Why? \end{exercise} @@ -279,14 +277,10 @@ \subsection{Deductive evaluation} \end{frame} A uniform distribution means that -\begin{frame} - all passwords are equally likely (\(\frac{1}{N^n}\)) -\end{frame} +all passwords are equally likely (\(\frac{1}{N^n}\)) and that -\begin{frame} - the Shannon entropy is maximized and equal to \(-\log \frac{1}{N^n} = n \log - {N}\), -\end{frame} +the Shannon entropy is maximized and equal to \(-\log \frac{1}{N^n} = n \log +{N}\), where \(N\) is the number of possible characters and \(n\) is the length of the password. @@ -306,6 +300,14 @@ \subsection{Deductive evaluation} Is it really secure, why or why not? How can we answer this question? \end{exercise} + + \begin{solution} + We can try forcing some user-generated passwords. + + We've assumed that the passwords are uniformly distributed. + But are they? + How can we find out? + \end{solution} \end{frame} \subsection{Empirical evaluation} @@ -328,10 +330,10 @@ \subsection{Empirical evaluation} So we should change the question into the following. \begin{frame} -\begin{question} +\begin{question}[Password distribution] How does different password policies affect the password distribution? \end{question} -\begin{question}\label{Guessability} +\begin{question}[Password distribution, guessability]\label{Guessability} How easily can we guess the passwords under different password policies? \end{question} \begin{exercise} @@ -349,6 +351,16 @@ \subsection{Empirical evaluation} We will explore these papers to see how they tried to answer these questions, so we'll return to them. +\begin{frame} + \begin{example}[Password distribution, guessability] + \fullcite{OfPasswordsAndPeople} + \end{example} + + \begin{example}[Guessability, usability] + \fullcite{CanLongPasswordsBeSecureAndUsable} + \end{example} +\end{frame} + However, we can do other estimates deductively too. For instance, we have the very famous \enquote{correct horse battery staple} from xkcd (\cref{xkcd936}). @@ -358,15 +370,22 @@ \subsection{Empirical evaluation} \begin{frame} \begin{figure}[h] - \includegraphics[width=\linewidth]{fig/password_strength.png} - \caption{% - The famous xkcd \enquote{correct horse battery staple} comic. + \begin{sidecaption}[xkcd 936]{% + Illustrating the password policy of using a long passphrase. Image: xkcd.com/936/. - }\label{xkcd936} + }[xkcd936] + \includegraphics[width=\linewidth]{fig/password_strength.png} + \end{sidecaption} \end{figure} \end{frame} -\section{But is it even a good model to begin with?} +\begin{frame} + \begin{exercise} + Did any of the papers answer the question of how the passwords are chosen? + \end{exercise} +\end{frame} + +\section[Is it a good model?]{But is it even a good model to begin with?} \begin{frame} \begin{exercise} @@ -385,6 +404,7 @@ \section{But is it even a good model to begin with?} \begin{frame} \begin{question} Can the verifier be an adversary or is the verifier always benign? + What are the consequences of this? \end{question} \end{frame} @@ -395,30 +415,74 @@ \section{But is it even a good model to begin with?} whether the verifier is benign or not by entering their password: the reasoning was that if the is correct it will accept the password, otherwise it will not (since it doesn't know the password)---which is a fallacy. +This tells us that we need to consider the verifier as an adversary, +consequently we need a zero-knowledge property in \cref{FormalSecurity}. + +\begin{frame} + \begin{example} + \fullcite{WhyPhishingWorks} + \end{example} + + \pause + + \begin{example}[Consequences] + We need the zero-knowledge property in our security definition. + (We actually need \emph{malicious}, not honest, verifier zero-knowledge.) + \end{example} +\end{frame} We can also again turn to the wisdom of xkcd for another argument against the benign verifier assumption, namely password reuse (\cref{xkcd792}). \begin{frame} \begin{figure} - \includegraphics[height=0.9\textheight]{fig/password_reuse.png} - \caption{% + \begin{sidecaption}[xkcd 792]{% Illustrating whether the benign verifier assumption is a good idea in practice. Image: xkcd.com/792/. - }\label{xkcd792} + }[xkcd792] + \flushscap + \includegraphics[height=0.9\textheight]{fig/password_reuse.png} + \end{sidecaption} \end{figure} \end{frame} -\paragraph{Case study} - -We will study the paper by \textcite{WhyPhishingWorks} to explore how they -answered this question. -So we'll return to this paper later. - %\begin{frame} % \begin{question} % Are there more reasons? % Password re-use, incompetent service, malicious service. % \end{question} %\end{frame} + +\paragraph{Case study} + +We will study the paper by \textcite{WhyPhishingWorks} to explore how they +answered this question. +So we'll return to this paper later. + + +\section{Conclusion} + +\begin{frame} + We might need a qualitative (\eg usability) study + \only{\newline}% + to inform our deductive (\eg cryptographic) choices. +\end{frame} + +\begin{frame} + \begin{question}[Is the opposite also true?] + Can deduction be a useful (necessary?) complement for empirical studies? + How? + \end{question} +\end{frame} + +For instance, using a deductive approach we can rule out all those approaches +to passwords that are \emph{provably} easy to guess. +There is no need to empirically test them, which takes time, if we already know +they're bad. + +\begin{frame} + \begin{exercise} + What other aspects didn't we consider? + \end{exercise} +\end{frame} diff --git a/modules/02-passwd/notes.tex b/modules/02-passwd/notes.tex index 49b372d..20e181f 100644 --- a/modules/02-passwd/notes.tex +++ b/modules/02-passwd/notes.tex @@ -1,39 +1,4 @@ \documentclass[a4paper,10pt,article,oneside]{memoir} -%%% Tufte %%% -\usepackage{marginfix} -%\setlength{\evensidemargin}{\oddsidemargin} -\marginparmargin{outer} -\setlrmarginsandblock{2.5cm}{8cm}{*} - -\footnotesinmargin - -\usepackage{ragged2e} -\renewcommand{\sidefootform}{\RaggedRight} -\renewcommand{\foottextfont}{\footnotesize\RaggedRight} - -\setmpjustification{\RaggedRight}{\RaggedRight} - -% margin figure and caption typeset ragged against text block -\setfloatadjustment{marginfigure}{\mpjustification} -\setmarginfloatcaptionadjustment{figure}{\captionstyle{\mpjustification}} - -% From https://tex.stackexchange.com/a/324757/17418 -% Palatino for main text and math -\usepackage[osf,sc]{mathpazo} - -% Helvetica for sans serif -% (scaled to match size of Palatino) -\usepackage[scaled=0.90]{helvet} - -% Bera Mono for monospaced -% (scaled to match size of Palatino) -\usepackage[scaled=0.85]{beramono} - -\setlxvchars\setxlvchars -\checkandfixthelayout - -\nouppercaseheads -%%% end tufte %%% \let\subsubsection\subsection \let\subsection\section \let\section\chapter @@ -46,17 +11,6 @@ %\usepackage{authblk} %\let\institute\affil -\declaretheorem[style=theorem]{theorem} -\declaretheorem[style=definition]{definition} -\declaretheorem[style=definition]{assumption} -\declaretheorem[style=definition]{protocol} -\declaretheorem[style=example]{example} -\declaretheorem[style=remark]{remark} -\declaretheorem[style=remark]{idea} -\declaretheorem[style=exercise]{exercise} -\declaretheorem[style=exercise]{question} -\declaretheorem[style=solution]{solution} - \begin{document} \input{contents.tex} diff --git a/modules/02-passwd/preamble.tex b/modules/02-passwd/preamble.tex index dce955a..43bbd69 100644 --- a/modules/02-passwd/preamble.tex +++ b/modules/02-passwd/preamble.tex @@ -50,6 +50,7 @@ \usepackage{multicol} \usepackage{changepage} +\usepackage{didactic} \usepackage[capitalize]{cleveref} \input{objectives.tex} diff --git a/modules/02-passwd/slides.tex b/modules/02-passwd/slides.tex index 2287028..a77bbb7 100644 --- a/modules/02-passwd/slides.tex +++ b/modules/02-passwd/slides.tex @@ -1,100 +1,6 @@ \documentclass[ignoreframetext]{beamer} \input{preamble.tex} -\usetheme{Berlin} -\setbeamertemplate{footline}%{miniframes theme} -{% - \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot} - \end{beamercolorbox} - \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,% - leftskip=.3cm,rightskip=.3cm plus1fil]{author in head/foot}% - \leavevmode{\usebeamerfont{author in head/foot}\insertshortauthor}% - \hfill% - {\usebeamerfont{institute in head/foot}\usebeamercolor[fg]{institute in head/foot}\insertshortinstitute}% - \end{beamercolorbox}% - \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,% - leftskip=.3cm,rightskip=.3cm plus1fil]{title in head/foot}% - {\usebeamerfont{title in head/foot}\insertshorttitle} \hfill \insertframenumber% - \end{beamercolorbox}% - \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot} - \end{beamercolorbox} -} -\setbeamercovered{transparent} -\setbeamertemplate{bibliography item}[text] - -\AtBeginSection[]{% - \begin{frame} - \tableofcontents[currentsection] - \end{frame} -} - -\ProvideDocumentEnvironment{assumption}{o}{% - \IfValueTF{#1}{% - \begin{block}{Assumption: #1} - }{% - \begin{block}{Assumption} - } -}{% - \end{block} -} - -\ProvideDocumentEnvironment{protocol}{o}{% - \IfValueTF{#1}{% - \begin{block}{Protocol: #1} - }{% - \begin{block}{Protocol} - } -}{% - \end{block} -} - -\ProvideDocumentEnvironment{remark}{o}{% - \IfValueTF{#1}{% - \begin{alertblock}{Note: #1} - }{% - \begin{alertblock}{Note} - } -}{% - \end{alertblock} -} - -\ProvideDocumentEnvironment{idea}{o}{% - \IfValueTF{#1}{% - \begin{block}{Idea: #1} - }{% - \begin{block}{Idea} - } -}{% - \end{block} -} - -\ProvideDocumentEnvironment{question}{o}{% - \setbeamercolor{block body}{bg=orange!15,fg=black} - \setbeamercolor{block title}{bg=orange,fg=white} - \setbeamercolor{local structure}{fg=orange} - \IfValueTF{#1}{% - \begin{block}{Question: #1} - }{% - \begin{block}{Question} - } -}{% - \end{block} -} - -\ProvideDocumentEnvironment{exercise}{o}{% - \setbeamercolor{block body}{bg=yellow!10,fg=black} - \setbeamercolor{block title}{bg=yellow,fg=black} - \setbeamercolor{local structure}{fg=yellow} - \IfValueTF{#1}{% - \begin{block}{Exercise: #1} - }{% - \begin{block}{Exercise} - } -}{% - \end{block} -} - - \begin{document} \mode \input{contents.tex} diff --git a/modules/03-formal-methods/extendoldsoft.md b/modules/03-formal-methods/extendoldsoft.md new file mode 100644 index 0000000..ae25e2a --- /dev/null +++ b/modules/03-formal-methods/extendoldsoft.md @@ -0,0 +1,32 @@ +--- +title: Exercise: Extending old software +authors: + - Arve Gengelbach +--- +The goal of this exercise is to harden an old network-connected banking +software that is checked to be working correctly on input that is well-formed, +however on any other input anything could happen from simple shutdown +(availability) to leak of confidential data. Programmers that could program in +the system's programming language are not around anymore. + +To increase the assurance level the idea of this exercise is to discussing +formal-methods based hardening in this particular scenario. + +The approach to harden the system is in two steps, first by adding a filtering +software that drops any malformed network traffic before this traffic could +even enter the possibly partially broken banking software, and second by +checking that the filter works correctly. Well-formed input can be specified by +a regular expression for this program. + +Tasks: + +1. Formulate a security property that could be verified for each of the two: + + a. the interface between (the output of) the filter and (the input of) the + old banking application + + b. the application that does the filtering + +2. Discuss how to verify the security property: Which formal method should be + used for which scenario? What are the reasons? State any assumptions on + input/output. diff --git a/modules/03-formal-methods/teaching.md b/modules/03-formal-methods/teaching.md new file mode 100644 index 0000000..b62a6c2 --- /dev/null +++ b/modules/03-formal-methods/teaching.md @@ -0,0 +1,14 @@ +--- +title: Teaching material on formal methods +authors: + - Arve Gengelbach +--- +1. Lecture: Introduction to theorem proving +2. Lecture: Formal methods and interactive theorem proving +3. Lecture: Proving list-reverse correct (optional) +4. Lecture: Examples of what can be verified with interactive theorem provers +5. Lecture: Limitations of interactive theorem proving and conclusion +6. Article: Model checking: algorithmic verification and debugging +7. Lecture: Determining economic value of high assurance for commodity software + security +8. [Exercise: Extending old software](extendoldsoft.md) diff --git a/modules/04-anonymous/.gitignore b/modules/04-anonymous/.gitignore new file mode 100644 index 0000000..85d632d --- /dev/null +++ b/modules/04-anonymous/.gitignore @@ -0,0 +1,4 @@ +notes.pdf +slides.pdf +objectives.tex +literature diff --git a/modules/04-anonymous/Makefile b/modules/04-anonymous/Makefile new file mode 100644 index 0000000..3a73932 --- /dev/null +++ b/modules/04-anonymous/Makefile @@ -0,0 +1,31 @@ +.PHONY: all +all: notes.pdf slides.pdf + +LATEXFLAGS+= -shell-escape + +SRC+= preamble.tex +SRC+= abstract.tex contents.tex + +DEPENDS+= objectives.tex + +notes.pdf: notes.tex +notes.pdf: ${SRC} ${DEPENDS} ${FIGS} + +slides.pdf: slides.tex +slides.pdf: ${SRC} ${DEPENDS} ${FIGS} + +objectives.tex: ../../course-design/objectives.tex + +${DEPENDS}: + ${LN} $< $@ + + +.PHONY: clean +clean: + ${RM} notes.pdf slides.pdf + ${RM} ${DEPENDS} + ${MAKE} -C fig clean + + +INCLUDE_MAKEFILES=../../makefiles +include ${INCLUDE_MAKEFILES}/tex.mk diff --git a/modules/04-anonymous/abstract.tex b/modules/04-anonymous/abstract.tex new file mode 100644 index 0000000..ae4a777 --- /dev/null +++ b/modules/04-anonymous/abstract.tex @@ -0,0 +1,30 @@ +% What's the problem? +% Why is it a problem? Research gap left by other approaches? +% Why is it important? Why care? +% What's the approach? How to solve the problem? +% What's the findings? How was it evaluated, what are the results, limitations, +% what remains to be done? + +% XXX Summary +\emph{Summary:} +In this assignment we will explore the research methods used in the area of +anonymous communication systems, such as Tor. +This is interesting because it requires a wide range of methods. + +% XXX Motivation and intended learning outcomes +\emph{Intended learning outcomes:} +This assignment focuses on practice to +\begin{itemize} + \item \LOrelate; + \item \LOevaluate; + \item \LOapply; + \item \LOcomm. +\end{itemize} + +% XXX Prerequisites +\emph{Prerequisites:} +We need basic knowledge of security, corresponding to an introductory course in +the subject. +We also need a high-level overview of the breadth of research methods used in +the area of security, corresponding to the overview lecture \enquote{The +Scientific Method} given in the course. diff --git a/modules/04-anonymous/bibliography.bib b/modules/04-anonymous/bibliography.bib new file mode 100644 index 0000000..e69de29 diff --git a/modules/04-anonymous/contents.tex b/modules/04-anonymous/contents.tex new file mode 100644 index 0000000..6d8204b --- /dev/null +++ b/modules/04-anonymous/contents.tex @@ -0,0 +1,165 @@ +\title{% + How do you know it's secure? + Anonymous communication +} +\author{Daniel Bosk\thanks{% + This material is available under the Creative Commons + Attribution-NonCommercial-ShareAlike (CC-BY-NC-SA) 4.0 international + license. + The material was written with some aid from GitHub Copilot. +}} +\institute{% + KTH EECS +} + +\begin{frame} + \maketitle +\end{frame} + +\mode* + +\begin{abstract} + \input{abstract.tex} +\end{abstract} + +\clearpage + + +\section{Users get routed} + +\begin{frame} + \begin{question}[Users get routed] + \begin{itemize} + \item What was the research question? + \item What methods did they use? + \item Why is that a good method? + \item Can we use another method? + \end{itemize} + \end{question} +\end{frame} + +\begin{frame} + \begin{solution}[What was the research question?] + \begin{itemize} + \item How susceptible are \alert<2>{typical} users to attacks by + \alert<2>{reasonably realistic} adversaries? + \end{itemize} + \end{solution} + + \begin{uncoverenv}<2> + \begin{question} + \begin{itemize} + \item What is a \enquote{typical} user? + \item What is \enquote{reasonably realistic}? + \end{itemize} + \end{question} + \end{uncoverenv} +\end{frame} + +\begin{frame} + \begin{solution}[What methods did they use?] + \begin{itemize} + \item They used a simulation. + \end{itemize} + \end{solution} + + \begin{uncoverenv}<+> + \begin{question} + \begin{itemize} + \item Why is a simulation a good method? + \item How do the results relate to reality (validity)? + \end{itemize} + \end{question} + \end{uncoverenv} + + \begin{uncoverenv}<+> + \begin{question}[\enquote{Typical} users] + \begin{itemize} + \item How well do the \enquote{typical} users match reality? + \item Do they have to? + \end{itemize} + \end{question} + \end{uncoverenv} +\end{frame} + + +\section{Shadow: Running Tor in a box} + +\begin{frame} + \begin{question}[Shadow: Running Tor in a box] + \begin{itemize} + \item What was the research question? + \item What methods did they use? + \item Why is that a good method? + \item Can we use another method? + \end{itemize} + \end{question} +\end{frame} + +\begin{frame} + \begin{question} + \begin{itemize} + \item They evaluate the quality of a research tool. + \item What are the challenges in doing that? + \end{itemize} + \end{question} +\end{frame} + + +\section{WF with Website Oracles} + +\begin{frame} + \begin{question}[WF with Website Oracles] + \begin{itemize} + \item What was the research question? + \item What methods did they use? + \item Why is that a good method? + \item Can we use another method? + \end{itemize} + \end{question} +\end{frame} + +\begin{frame} + \begin{question} + \begin{itemize} + \item<+> What type of contribution do we get from this paper? + \item<+> What is the Website Oracle? How do they show WOs exist in + reality? + \item<+> How do they show WF+WO effect in reality? + \end{itemize} + \end{question} +\end{frame} + + +\section{Evaluating WF in Real World} + +\begin{frame} + \begin{question}[Evaluating WF in Real World] + \begin{itemize} + \item What was the research question? + \item What methods did they use? + \item Why is that a good method? + \item Can we use another method? + \end{itemize} + \end{question} +\end{frame} + +\begin{frame} + \begin{question} + \begin{itemize} + \item They complained about the evaluation of WF in other papers. + What was the problem? + \item Are there any problems with this paper's approach? + \end{itemize} + \end{question} +\end{frame} + +\begin{frame} + \begin{remark}[Problems] + \begin{itemize} + \item Didn't test WF+WO paper's approach in this new setting. + \item Papers like WF+WO must use same approach as papers they compare + with. + \end{itemize} + \end{remark} +\end{frame} diff --git a/modules/04-anonymous/fig/.gitignore b/modules/04-anonymous/fig/.gitignore new file mode 100644 index 0000000..2bc47a4 --- /dev/null +++ b/modules/04-anonymous/fig/.gitignore @@ -0,0 +1,2 @@ +password_reuse.png +password_strength.png diff --git a/modules/04-anonymous/fig/Makefile b/modules/04-anonymous/fig/Makefile new file mode 100644 index 0000000..ea16ce9 --- /dev/null +++ b/modules/04-anonymous/fig/Makefile @@ -0,0 +1,5 @@ +.PHONY: all +all: + +.PHONY: clean +clean: diff --git a/modules/04-anonymous/notes.tex b/modules/04-anonymous/notes.tex new file mode 100644 index 0000000..49b372d --- /dev/null +++ b/modules/04-anonymous/notes.tex @@ -0,0 +1,64 @@ +\documentclass[a4paper,10pt,article,oneside]{memoir} +%%% Tufte %%% +\usepackage{marginfix} +%\setlength{\evensidemargin}{\oddsidemargin} +\marginparmargin{outer} +\setlrmarginsandblock{2.5cm}{8cm}{*} + +\footnotesinmargin + +\usepackage{ragged2e} +\renewcommand{\sidefootform}{\RaggedRight} +\renewcommand{\foottextfont}{\footnotesize\RaggedRight} + +\setmpjustification{\RaggedRight}{\RaggedRight} + +% margin figure and caption typeset ragged against text block +\setfloatadjustment{marginfigure}{\mpjustification} +\setmarginfloatcaptionadjustment{figure}{\captionstyle{\mpjustification}} + +% From https://tex.stackexchange.com/a/324757/17418 +% Palatino for main text and math +\usepackage[osf,sc]{mathpazo} + +% Helvetica for sans serif +% (scaled to match size of Palatino) +\usepackage[scaled=0.90]{helvet} + +% Bera Mono for monospaced +% (scaled to match size of Palatino) +\usepackage[scaled=0.85]{beramono} + +\setlxvchars\setxlvchars +\checkandfixthelayout + +\nouppercaseheads +%%% end tufte %%% +\let\subsubsection\subsection +\let\subsection\section +\let\section\chapter + +\input{preamble.tex} + +\usepackage[noamsthm,notheorems]{beamerarticle} +\setjobnamebeamerversion{slides} + +%\usepackage{authblk} +%\let\institute\affil + +\declaretheorem[style=theorem]{theorem} +\declaretheorem[style=definition]{definition} +\declaretheorem[style=definition]{assumption} +\declaretheorem[style=definition]{protocol} +\declaretheorem[style=example]{example} +\declaretheorem[style=remark]{remark} +\declaretheorem[style=remark]{idea} +\declaretheorem[style=exercise]{exercise} +\declaretheorem[style=exercise]{question} +\declaretheorem[style=solution]{solution} + +\begin{document} +\input{contents.tex} + +\printbibliography +\end{document} diff --git a/modules/04-anonymous/preamble.tex b/modules/04-anonymous/preamble.tex new file mode 100644 index 0000000..dce955a --- /dev/null +++ b/modules/04-anonymous/preamble.tex @@ -0,0 +1,55 @@ +\usepackage[utf8]{inputenc} +\usepackage[T1]{fontenc} +\usepackage[british]{babel} +\usepackage{booktabs} + +\usepackage[% + natbib, + citestyle=verbose,singletitle=false, + style=verbose, + maxbibnames=99,% + isbn=false,doi=false,url=true +]{biblatex} +\addbibresource{bibliography.bib} + +\usepackage[all]{foreign} +\renewcommand{\foreignfullfont}{} +\renewcommand{\foreignabbrfont}{} + +\usepackage{import} + +\usepackage[strict]{csquotes} +\SetCiteCommand{\autocite} +\usepackage[single]{acro} +\acsetup{cite/cmd={\autocite}} + +\usepackage[noend]{algpseudocode} +\usepackage{xparse} + +\let\email\texttt + +\usepackage[outputdir=ltxobj]{minted} +\setminted{autogobble} + +\usepackage{pythontex} +\setpythontexoutputdir{.} +\setpythontexworkingdir{..} + +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{mathtools} +\usepackage{amsthm} +\usepackage{thmtools} +%\usepackage[unq]{unique} +\DeclareMathOperator{\powerset}{\mathcal{P}} + +\usepackage[binary-units]{siunitx} + +\usepackage{adjustbox} +\usepackage{lipsum} +\usepackage{multicol} +\usepackage{changepage} + +\usepackage[capitalize]{cleveref} + +\input{objectives.tex} diff --git a/modules/04-anonymous/seminar.md b/modules/04-anonymous/seminar.md new file mode 100644 index 0000000..cf03b91 --- /dev/null +++ b/modules/04-anonymous/seminar.md @@ -0,0 +1,9 @@ +We will talk about some methods used in researching Tor, this covers a variety +of methods ranging from deductive to empirical experiments to simulations. + +**Participation**: online in the class Zoom room. + +**Preparation**: The material in this module that precedes this page. + +**Seminar content**: Briefly discuss the methods and research questions. + diff --git a/modules/04-anonymous/slides.tex b/modules/04-anonymous/slides.tex new file mode 100644 index 0000000..395cdf5 --- /dev/null +++ b/modules/04-anonymous/slides.tex @@ -0,0 +1,106 @@ +\documentclass[ignoreframetext]{beamer} +\input{preamble.tex} + +\usetheme{Berlin} +\setbeamertemplate{footline}%{miniframes theme} +{% + \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot} + \end{beamercolorbox} + \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,% + leftskip=.3cm,rightskip=.3cm plus1fil]{author in head/foot}% + \leavevmode{\usebeamerfont{author in head/foot}\insertshortauthor}% + \hfill% + {\usebeamerfont{institute in head/foot}\usebeamercolor[fg]{institute in head/foot}\insertshortinstitute}% + \end{beamercolorbox}% + \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,% + leftskip=.3cm,rightskip=.3cm plus1fil]{title in head/foot}% + {\usebeamerfont{title in head/foot}\insertshorttitle} \hfill \insertframenumber% + \end{beamercolorbox}% + \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot} + \end{beamercolorbox} +} +\setbeamercovered{transparent} +\setbeamertemplate{bibliography item}{\relax} + +\AtBeginSection[]{% + \begin{frame} + \tableofcontents[currentsection] + \end{frame} +} + +\ProvideDocumentEnvironment{assumption}{o}{% + \IfValueTF{#1}{% + \begin{block}{Assumption: #1} + }{% + \begin{block}{Assumption} + } +}{% + \end{block} +} + +\ProvideDocumentEnvironment{protocol}{o}{% + \IfValueTF{#1}{% + \begin{block}{Protocol: #1} + }{% + \begin{block}{Protocol} + } +}{% + \end{block} +} + +\ProvideDocumentEnvironment{remark}{o}{% + \IfValueTF{#1}{% + \begin{alertblock}{Note: #1} + }{% + \begin{alertblock}{Note} + } +}{% + \end{alertblock} +} + +\ProvideDocumentEnvironment{idea}{o}{% + \IfValueTF{#1}{% + \begin{block}{Idea: #1} + }{% + \begin{block}{Idea} + } +}{% + \end{block} +} + +\ProvideDocumentEnvironment{question}{o}{% + \setbeamercolor{block body}{bg=orange!15,fg=black} + \setbeamercolor{block title}{bg=orange,fg=white} + \setbeamercolor{local structure}{fg=orange} + \IfValueTF{#1}{% + \begin{block}{Question: #1} + }{% + \begin{block}{Question} + } +}{% + \end{block} +} + +\ProvideDocumentEnvironment{exercise}{o}{% + \setbeamercolor{block body}{bg=yellow!10,fg=black} + \setbeamercolor{block title}{bg=yellow,fg=black} + \setbeamercolor{local structure}{fg=yellow} + \IfValueTF{#1}{% + \begin{block}{Exercise: #1} + }{% + \begin{block}{Exercise} + } +}{% + \end{block} +} + + +\begin{document} +\mode +\input{contents.tex} +\mode* + +\begin{frame}[allowframebreaks] + \printbibliography +\end{frame} +\end{document} diff --git a/modules/05-scientificity/.gitignore b/modules/05-scientificity/.gitignore new file mode 100644 index 0000000..85d632d --- /dev/null +++ b/modules/05-scientificity/.gitignore @@ -0,0 +1,4 @@ +notes.pdf +slides.pdf +objectives.tex +literature diff --git a/modules/05-scientificity/Makefile b/modules/05-scientificity/Makefile new file mode 100644 index 0000000..3a73932 --- /dev/null +++ b/modules/05-scientificity/Makefile @@ -0,0 +1,31 @@ +.PHONY: all +all: notes.pdf slides.pdf + +LATEXFLAGS+= -shell-escape + +SRC+= preamble.tex +SRC+= abstract.tex contents.tex + +DEPENDS+= objectives.tex + +notes.pdf: notes.tex +notes.pdf: ${SRC} ${DEPENDS} ${FIGS} + +slides.pdf: slides.tex +slides.pdf: ${SRC} ${DEPENDS} ${FIGS} + +objectives.tex: ../../course-design/objectives.tex + +${DEPENDS}: + ${LN} $< $@ + + +.PHONY: clean +clean: + ${RM} notes.pdf slides.pdf + ${RM} ${DEPENDS} + ${MAKE} -C fig clean + + +INCLUDE_MAKEFILES=../../makefiles +include ${INCLUDE_MAKEFILES}/tex.mk diff --git a/modules/05-scientificity/abstract.tex b/modules/05-scientificity/abstract.tex new file mode 100644 index 0000000..b2a93c6 --- /dev/null +++ b/modules/05-scientificity/abstract.tex @@ -0,0 +1,28 @@ +% What's the problem? +% Why is it a problem? Research gap left by other approaches? +% Why is it important? Why care? +% What's the approach? How to solve the problem? +% What's the findings? How was it evaluated, what are the results, limitations, +% what remains to be done? + +% XXX Summary +\emph{Summary:} +In this module we will try to overview the methodological state of security. + +% XXX Motivation and intended learning outcomes +\emph{Intended learning outcomes:} +This assignment focuses on practice to +\begin{itemize} + \item \LOrelate; + \item \LOevaluate; + \item \LOapply; + \item \LOcomm. +\end{itemize} + +% XXX Prerequisites +\emph{Prerequisites:} +We need basic knowledge of security, corresponding to an introductory course in +the subject. +We also need a high-level overview of the breadth of research methods used in +the area of security, corresponding to the overview lecture \enquote{The +Scientific Method} given in the course. diff --git a/modules/05-scientificity/bibliography.bib b/modules/05-scientificity/bibliography.bib new file mode 100644 index 0000000..e69de29 diff --git a/modules/05-scientificity/contents.tex b/modules/05-scientificity/contents.tex new file mode 100644 index 0000000..8e8915a --- /dev/null +++ b/modules/05-scientificity/contents.tex @@ -0,0 +1,48 @@ +\title{% + Scientificity in Security +} +\author{Daniel Bosk\thanks{% + This material is available under the Creative Commons + Attribution-NonCommercial-ShareAlike (CC-BY-NC-SA) 4.0 international + license. + The material was written with some aid from GitHub Copilot. +}} +\institute{% + KTH EECS +} + +\begin{frame} + \maketitle +\end{frame} + +\mode* + +\begin{abstract} + \input{abstract.tex} +\end{abstract} + +\clearpage + +\section{How to design computer security experiments} + +\section{Dos and don'ts of machine learning in security} + +\begin{frame} + \begin{question} + \begin{itemize} + \item What can we actually say from these results, based on their method? + \end{itemize} + \end{question} +\end{frame} + +\section{Security as a scientific pursuit} + +\begin{frame} + \begin{question} + \begin{itemize} + \item How did they know that this is so? + \item What can we actually say from these results? + \end{itemize} + \end{question} +\end{frame} + diff --git a/modules/05-scientificity/fig/Makefile b/modules/05-scientificity/fig/Makefile new file mode 100644 index 0000000..ea16ce9 --- /dev/null +++ b/modules/05-scientificity/fig/Makefile @@ -0,0 +1,5 @@ +.PHONY: all +all: + +.PHONY: clean +clean: diff --git a/modules/05-scientificity/notes.tex b/modules/05-scientificity/notes.tex new file mode 100644 index 0000000..49b372d --- /dev/null +++ b/modules/05-scientificity/notes.tex @@ -0,0 +1,64 @@ +\documentclass[a4paper,10pt,article,oneside]{memoir} +%%% Tufte %%% +\usepackage{marginfix} +%\setlength{\evensidemargin}{\oddsidemargin} +\marginparmargin{outer} +\setlrmarginsandblock{2.5cm}{8cm}{*} + +\footnotesinmargin + +\usepackage{ragged2e} +\renewcommand{\sidefootform}{\RaggedRight} +\renewcommand{\foottextfont}{\footnotesize\RaggedRight} + +\setmpjustification{\RaggedRight}{\RaggedRight} + +% margin figure and caption typeset ragged against text block +\setfloatadjustment{marginfigure}{\mpjustification} +\setmarginfloatcaptionadjustment{figure}{\captionstyle{\mpjustification}} + +% From https://tex.stackexchange.com/a/324757/17418 +% Palatino for main text and math +\usepackage[osf,sc]{mathpazo} + +% Helvetica for sans serif +% (scaled to match size of Palatino) +\usepackage[scaled=0.90]{helvet} + +% Bera Mono for monospaced +% (scaled to match size of Palatino) +\usepackage[scaled=0.85]{beramono} + +\setlxvchars\setxlvchars +\checkandfixthelayout + +\nouppercaseheads +%%% end tufte %%% +\let\subsubsection\subsection +\let\subsection\section +\let\section\chapter + +\input{preamble.tex} + +\usepackage[noamsthm,notheorems]{beamerarticle} +\setjobnamebeamerversion{slides} + +%\usepackage{authblk} +%\let\institute\affil + +\declaretheorem[style=theorem]{theorem} +\declaretheorem[style=definition]{definition} +\declaretheorem[style=definition]{assumption} +\declaretheorem[style=definition]{protocol} +\declaretheorem[style=example]{example} +\declaretheorem[style=remark]{remark} +\declaretheorem[style=remark]{idea} +\declaretheorem[style=exercise]{exercise} +\declaretheorem[style=exercise]{question} +\declaretheorem[style=solution]{solution} + +\begin{document} +\input{contents.tex} + +\printbibliography +\end{document} diff --git a/modules/05-scientificity/preamble.tex b/modules/05-scientificity/preamble.tex new file mode 100644 index 0000000..dce955a --- /dev/null +++ b/modules/05-scientificity/preamble.tex @@ -0,0 +1,55 @@ +\usepackage[utf8]{inputenc} +\usepackage[T1]{fontenc} +\usepackage[british]{babel} +\usepackage{booktabs} + +\usepackage[% + natbib, + citestyle=verbose,singletitle=false, + style=verbose, + maxbibnames=99,% + isbn=false,doi=false,url=true +]{biblatex} +\addbibresource{bibliography.bib} + +\usepackage[all]{foreign} +\renewcommand{\foreignfullfont}{} +\renewcommand{\foreignabbrfont}{} + +\usepackage{import} + +\usepackage[strict]{csquotes} +\SetCiteCommand{\autocite} +\usepackage[single]{acro} +\acsetup{cite/cmd={\autocite}} + +\usepackage[noend]{algpseudocode} +\usepackage{xparse} + +\let\email\texttt + +\usepackage[outputdir=ltxobj]{minted} +\setminted{autogobble} + +\usepackage{pythontex} +\setpythontexoutputdir{.} +\setpythontexworkingdir{..} + +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{mathtools} +\usepackage{amsthm} +\usepackage{thmtools} +%\usepackage[unq]{unique} +\DeclareMathOperator{\powerset}{\mathcal{P}} + +\usepackage[binary-units]{siunitx} + +\usepackage{adjustbox} +\usepackage{lipsum} +\usepackage{multicol} +\usepackage{changepage} + +\usepackage[capitalize]{cleveref} + +\input{objectives.tex} diff --git a/modules/05-scientificity/seminar.md b/modules/05-scientificity/seminar.md new file mode 100644 index 0000000..214c67f --- /dev/null +++ b/modules/05-scientificity/seminar.md @@ -0,0 +1,11 @@ +We will talk about scientificity in security. + +**Participation**: online in the class Zoom room. + +**Preparation**: The material in this module that precedes this page. + +**Seminar content**: Briefly discuss the methods and research questions of the +papers. Discuss the role of the scientific method in security and what doing +security in a scientific way means. + +We'll also introduce the final assignment. diff --git a/modules/05-scientificity/slides.tex b/modules/05-scientificity/slides.tex new file mode 100644 index 0000000..395cdf5 --- /dev/null +++ b/modules/05-scientificity/slides.tex @@ -0,0 +1,106 @@ +\documentclass[ignoreframetext]{beamer} +\input{preamble.tex} + +\usetheme{Berlin} +\setbeamertemplate{footline}%{miniframes theme} +{% + \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot} + \end{beamercolorbox} + \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,% + leftskip=.3cm,rightskip=.3cm plus1fil]{author in head/foot}% + \leavevmode{\usebeamerfont{author in head/foot}\insertshortauthor}% + \hfill% + {\usebeamerfont{institute in head/foot}\usebeamercolor[fg]{institute in head/foot}\insertshortinstitute}% + \end{beamercolorbox}% + \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,% + leftskip=.3cm,rightskip=.3cm plus1fil]{title in head/foot}% + {\usebeamerfont{title in head/foot}\insertshorttitle} \hfill \insertframenumber% + \end{beamercolorbox}% + \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot} + \end{beamercolorbox} +} +\setbeamercovered{transparent} +\setbeamertemplate{bibliography item}{\relax} + +\AtBeginSection[]{% + \begin{frame} + \tableofcontents[currentsection] + \end{frame} +} + +\ProvideDocumentEnvironment{assumption}{o}{% + \IfValueTF{#1}{% + \begin{block}{Assumption: #1} + }{% + \begin{block}{Assumption} + } +}{% + \end{block} +} + +\ProvideDocumentEnvironment{protocol}{o}{% + \IfValueTF{#1}{% + \begin{block}{Protocol: #1} + }{% + \begin{block}{Protocol} + } +}{% + \end{block} +} + +\ProvideDocumentEnvironment{remark}{o}{% + \IfValueTF{#1}{% + \begin{alertblock}{Note: #1} + }{% + \begin{alertblock}{Note} + } +}{% + \end{alertblock} +} + +\ProvideDocumentEnvironment{idea}{o}{% + \IfValueTF{#1}{% + \begin{block}{Idea: #1} + }{% + \begin{block}{Idea} + } +}{% + \end{block} +} + +\ProvideDocumentEnvironment{question}{o}{% + \setbeamercolor{block body}{bg=orange!15,fg=black} + \setbeamercolor{block title}{bg=orange,fg=white} + \setbeamercolor{local structure}{fg=orange} + \IfValueTF{#1}{% + \begin{block}{Question: #1} + }{% + \begin{block}{Question} + } +}{% + \end{block} +} + +\ProvideDocumentEnvironment{exercise}{o}{% + \setbeamercolor{block body}{bg=yellow!10,fg=black} + \setbeamercolor{block title}{bg=yellow,fg=black} + \setbeamercolor{local structure}{fg=yellow} + \IfValueTF{#1}{% + \begin{block}{Exercise: #1} + }{% + \begin{block}{Exercise} + } +}{% + \end{block} +} + + +\begin{document} +\mode +\input{contents.tex} +\mode* + +\begin{frame}[allowframebreaks] + \printbibliography +\end{frame} +\end{document} diff --git a/modules/final-seminar/contents.tex b/modules/final-seminar/contents.tex index 4307019..4ce9d67 100644 --- a/modules/final-seminar/contents.tex +++ b/modules/final-seminar/contents.tex @@ -36,6 +36,8 @@ \section{Introduction} \begin{frame} \begin{block}{Goal} \begin{itemize} + \item You should be able to evaluate a proposed method to answer a + question. \item You should be able to design a method to answer a research question. \item Security is multifaceted, you should be able to consider more than @@ -60,16 +62,12 @@ \section{Scenario and research question} The research question that you should answer is the following: \begin{frame} -\begin{question} - We want to develop a secure instant-messaging system\footnote{% - Think chat or SMS/text messages; something like Signal, WhatsApp, Telegram, - \etc - }. - How can we evaluate its security? -\end{question} +\begin{restatable}{question}{mainRQ}\label{mainRQ} + How secure is the Signal instant-messaging app? +\end{restatable} \end{frame} -\section{Assessment}\label{Assessment} +\section
{Assessment}\label{Assessment} In brief, what you should be able to do is to ask good questions and propose suitable ways of answering them. @@ -87,42 +85,52 @@ \subsection{Material you should produce} To be able to show that you can do that, you should \begin{frame} - \only{You should} \begin{itemize} \item write a report, and - \item make a presentation (10 minutes).\footnote{% - If you write your report in LaTeX, consider writing your slides in LaTeX - also using the \texttt{beamer} and \texttt{beamerarticle} packages. - } + \item review someone else's report. \end{itemize} -These should should contain the following sections: +\end{frame} + +The report should contain the following sections: +\begin{frame} \begin{enumerate} - \item Research question overview. - \only
{This section should give an overview of the research - question and outline any subquestions that you derive. - (This focuses on \cref{LOrelate}.)} - \item Methodology. - \only
{This section contains how you propose to answer the - questions from the previous section (methods used). - (This focuses on \cref{LOapply}.)} - \item Discussion. - \only
{In this section you discuss why those methods answer the - questions properly and any limitations that you see. - You can also discuss item alternative methods that you discarded (and - why). - (This focuses on \cref{LOevaluate}.)} + \item Related works. + \only
{% + This section should give an overview of the existing research literature + related to \cref{mainRQ}. + That is, you should find all papers that answers some aspect of it. + You should note what question each paper answers and summarize how they + do that. + (This focuses on \cref{LOevaluate}.)% + } + \item Missing aspects. + \only
{% + In this section, you pose questions that are also related to + \cref{mainRQ}, but has not been covered by the literature. + For each such question, you must propose a method that correctly provides + an answer\footnote{% + But remember, you don't have to actually perform any of these + methods. + }. + You must also discuss why this method is suitable to answer the question + and any limitations. + (This focuses on \cref{LOapply,LOevaluate}.)% + } \item Conclusion. - \only
{This section ties the sack. - Here you connect the questions and the types of answers gained (through the - methods) and piece them back into the original research question. - You also summarize how well you find the original question to be answered, - if there are any \enquote{holes that need filling}. - (This focuses on \cref{LOrelate,LOevaluate,LOcomm}.)} + \only
{% + This section ties the sack. + Here you connect the questions (yours and from related works) and the + types of answers gained (through the methods) and piece them back into + \cref{mainRQ}. + You also summarize how well you find \cref{mainRQ} to be answered, if + there are any \enquote{holes that need filling}. + (This focuses on \cref{LOrelate}.)% + } % \item your original plan for the course work, adaptations made and what you % learned. \end{enumerate} \end{frame} -This assesses \cref{LOrelate,LOevaluate,LOapply,LOcomm,LOplan}. +This assesses \cref{LOrelate,LOevaluate,LOapply,LOcomm}. %\paragraph{Feedback you should provide} % @@ -142,10 +150,10 @@ \subsection{Material you should produce} %\end{itemize} %This also assesses \cref{LOcomm}. -\subsection{Assessment criteria} +\subsection
{Assessment criteria} To assess the learning objectives -(\cref{LOrelate,LOevaluate,LOapply,LOplan,LOcomm}) +(\cref{LOrelate,LOevaluate,LOapply,LOcomm,LOplan}) we use the following criteria. These criteria are also included as a rubric in the assignment where you hand in your report. @@ -156,82 +164,76 @@ \subsection{Assessment criteria} You'll need a pass on all criteria to pass the assignment and the course. -\begin{frame}[fragile,allowframebreaks] - \RaggedRight - \begin{longtable} - {p{0.33\textwidth}p{0.33\textwidth}p{0.33\textwidth}p{0.33\textwidth}} - \toprule - \textbf{Learning objective} - & \textbf{Criteria} - & \textbf{Pass} - & \textbf{Fail} - \\* - \midrule - \endhead - \only
{\cref{LOrelate}:} - The student is able to \LOrelate - & The main research question is explored from relevant aspects? - & There might be more aspects to explore, but the most important ones are - covered. Motivate why no more aspect need to be explored. - & There is at least one aspect missing that can be motivated to be - important. Motivate which one. - For instance, do we need to ask another more detailed (research) question - to be able to answer the main research question in a meaningful way? Do - they address the question from just a single perspective? - \\* - \newpage - \only
{\cref{LOapply}:} - The student is able to \LOapply - & The methods are suitable to answer the questions? - & All questions have suggested methods that can actually answer the - question correctly. - Motivate why this is the case. - & There is at least one question that will not be answered correctly with - the suggested method. - State which one and why. - For instance, the method might only answer part of the question. - %Or not at all. - \\* - \newpage - \only
{\cref{LOevaluate}:} - The student is able to \LOevaluate - & Are all quality aspects considered in the discussion? - & The most important quality aspects are considered and discussed. - & At least one important quality aspect is missing. - State which one and motivate why it's important enough that it must be - treated. - \\* - & Are all ethical aspects considered? - & The most important ethical aspects are considered and discussed. - & At least one important ethical aspect is missing. - State which one and motivate why it's important enough that it must be - treated. - \\* - \newpage - \only
{\cref{LOcomm}:} - The student is able to \LOcomm - & Is the report written as short as possible? - & The report can probably be slightly shortened, but not by much. - & The report can be shortened considerably. - Give at least one example of where and how. - \\* - & Is the report clear and easy to understand? - & The report is easy to understand. - & Some parts of the report must be read more than once to understand. - (Or worse.) - Give at least one example. - \\* - & Are the arguments clearly stated and well motivated? - & All arguments are clearly stated and well motivated. - & At least one argument is not clearly stated or not well motivated. - State which one and motivate why it's not clear or well motivated. - \\* - \bottomrule - \end{longtable} -\end{frame} +{\RaggedRight +\begin{longtable} +{p{0.33\textwidth}p{0.33\textwidth}p{0.33\textwidth}p{0.33\textwidth}} +\toprule +\textbf{Learning objective} + & \textbf{Criteria} + & \textbf{Pass} + & \textbf{Fail} + \\* +\midrule +\endhead +\only
{\cref{LOrelate}:} +The student is able to \LOrelate + & The main research question is explored from relevant aspects? + & There might be more aspects to explore, but the most important ones are + covered. Motivate why no more aspect need to be explored. + & There is at least one aspect missing that can be motivated to be + important. Motivate which one. + For instance, do we need to ask another more detailed (research) question + to be able to answer the main research question in a meaningful way? Do + they address the question from just a single perspective? + \\* +\only
{\cref{LOapply}:} +The student is able to \LOapply + & The methods are suitable to answer the questions? + & All questions have suggested methods that can actually answer the + question correctly. + Motivate why this is the case. + & There is at least one question that will not be answered correctly with + the suggested method. + State which one and why. + For instance, the method might only answer part of the question. + %Or not at all. + \\* +\only
{\cref{LOevaluate}:} +The student is able to \LOevaluate + & Are all quality aspects considered in the discussion? + & The most important quality aspects are considered and discussed. + & At least one important quality aspect is missing. + State which one and motivate why it's important enough that it must be + treated. + \\* + & Are all ethical aspects considered? + & The most important ethical aspects are considered and discussed. + & At least one important ethical aspect is missing. + State which one and motivate why it's important enough that it must be + treated. + \\* +\only
{\cref{LOcomm}:} +The student is able to \LOcomm + & Is the report written as short as possible? + & The report can probably be slightly shortened, but not by much. + & The report can be shortened considerably. + Give at least one example of where and how. + \\* + & Is the report clear and easy to understand? + & The report is easy to understand. + & Some parts of the report must be read more than once to understand. + (Or worse.) + Give at least one example. + \\* + & Are the arguments clearly stated and well motivated? + & All arguments are clearly stated and well motivated. + & At least one argument is not clearly stated or not well motivated. + State which one and motivate why it's not clear or well motivated. + \\* +\bottomrule +\end{longtable}} -\only
{% -\subsection{Plagiarism} +\subsection
{Plagiarism} You work in the groups that you've signed up for. You may discuss with others, search the literature and use tools such as @@ -254,33 +256,54 @@ \subsection{Plagiarism} Not mentioning that you've used ChatGPT or discussed the topic with people outside the group is considered an attempt to deceive. -} \section{The final seminar} -\subsection{Structure} +During the final seminar we will discuss the questions and methods that you've +covered in the report and how well \cref{mainRQ} was covered. -\begin{frame} - \begin{block}{Structure} - \begin{enumerate} - \item Each group presents - \item After each presentation, I might ask for some more details. - \item When everyone has presented, we discuss what we've heard. - \end{enumerate} - \end{block} +For the seminar you should prepare slides. +Each slide should focus on a research question. +If the research question was covered by the literature, you should have a +reference to the paper on the slide. + +During the seminar, with the slide you should be able to explain the question +and your evaluation of how well the method answers the question. +(You can use more than one slide if it improves the presentation, but it +shouldn't be necessary.) + +The participants will take turn in presenting the question, method and +evaluation. +The we discuss jointly. +We will want to discuss closely related questions, try to group them by that in +the slide deck. + +\begin{frame} + \begin{activity}[Order] + \begin{itemize} + \item What order to present? + \item You'll have one minute to write \enquote{me!}. + \item The order in which you appear will be the order of presentation. + \end{itemize} + \end{activity} \end{frame} -\subsection{Questions for discussion} +\begin{frame} + \mainRQ* + \begin{activity} + \begin{itemize} + \item One aspect/subquestion at a time. + \end{itemize} + \end{activity} +\end{frame} -\begin{frame} - \begin{question} - What are the first thoughts while/after hearing the others present? - \end{question} - \begin{question} - What did you like the most from what you've heard? - \end{question} - \begin{question} - What would you like to improve/do differently/add to your own work - after hearing what the others did? - \end{question} +\begin{frame} + \begin{activity}[Any other aspects/questions?] + \begin{itemize} + \item Take a few minutes to reflect on holes that need filling to get + closer to fully answer the main question. + \item Just write the questions. + \end{itemize} + \end{activity} \end{frame} + diff --git a/modules/final-seminar/notes.tex b/modules/final-seminar/notes.tex index 30c6191..c8f6dae 100644 --- a/modules/final-seminar/notes.tex +++ b/modules/final-seminar/notes.tex @@ -1,39 +1,4 @@ \documentclass[a4paper,10pt,article,oneside]{memoir} -%%% Tufte %%% -\usepackage{marginfix} -%\setlength{\evensidemargin}{\oddsidemargin} -\marginparmargin{outer} -\setlrmarginsandblock{2.5cm}{8cm}{*} - -\footnotesinmargin - -\usepackage{ragged2e} -\renewcommand{\sidefootform}{\RaggedRight} -\renewcommand{\foottextfont}{\footnotesize\RaggedRight} - -\setmpjustification{\RaggedRight}{\RaggedRight} - -% margin figure and caption typeset ragged against text block -\setfloatadjustment{marginfigure}{\mpjustification} -\setmarginfloatcaptionadjustment{figure}{\captionstyle{\mpjustification}} - -% From https://tex.stackexchange.com/a/324757/17418 -% Palatino for main text and math -\usepackage[osf,sc]{mathpazo} - -% Helvetica for sans serif -% (scaled to match size of Palatino) -\usepackage[scaled=0.90]{helvet} - -% Bera Mono for monospaced -% (scaled to match size of Palatino) -\usepackage[scaled=0.85]{beramono} - -\setlxvchars\setxlvchars -\checkandfixthelayout - -\nouppercaseheads -%%% end tufte %%% \let\subsubsection\subsection \let\subsection\section \let\section\chapter @@ -46,17 +11,6 @@ %\usepackage{authblk} %\let\institute\affil -\declaretheorem[style=theorem]{theorem} -\declaretheorem[style=definition]{definition} -\declaretheorem[style=definition]{assumption} -\declaretheorem[style=definition]{protocol} -\declaretheorem[style=example]{example} -\declaretheorem[style=remark]{remark} -\declaretheorem[style=remark]{idea} -\declaretheorem[style=exercise]{exercise} -\declaretheorem[style=exercise]{question} -\declaretheorem[style=solution]{solution} - \usepackage[inline]{enumitem} \begin{document} diff --git a/modules/final-seminar/preamble.tex b/modules/final-seminar/preamble.tex index 0789d3b..f6f9822 100644 --- a/modules/final-seminar/preamble.tex +++ b/modules/final-seminar/preamble.tex @@ -41,6 +41,8 @@ \usepackage[binary-units]{siunitx} +\usepackage{didactic} + \usepackage[capitalize]{cleveref} \input{objectives.tex} diff --git a/modules/final-seminar/slides.tex b/modules/final-seminar/slides.tex index 2287028..a77bbb7 100644 --- a/modules/final-seminar/slides.tex +++ b/modules/final-seminar/slides.tex @@ -1,100 +1,6 @@ \documentclass[ignoreframetext]{beamer} \input{preamble.tex} -\usetheme{Berlin} -\setbeamertemplate{footline}%{miniframes theme} -{% - \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot} - \end{beamercolorbox} - \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,% - leftskip=.3cm,rightskip=.3cm plus1fil]{author in head/foot}% - \leavevmode{\usebeamerfont{author in head/foot}\insertshortauthor}% - \hfill% - {\usebeamerfont{institute in head/foot}\usebeamercolor[fg]{institute in head/foot}\insertshortinstitute}% - \end{beamercolorbox}% - \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,% - leftskip=.3cm,rightskip=.3cm plus1fil]{title in head/foot}% - {\usebeamerfont{title in head/foot}\insertshorttitle} \hfill \insertframenumber% - \end{beamercolorbox}% - \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot} - \end{beamercolorbox} -} -\setbeamercovered{transparent} -\setbeamertemplate{bibliography item}[text] - -\AtBeginSection[]{% - \begin{frame} - \tableofcontents[currentsection] - \end{frame} -} - -\ProvideDocumentEnvironment{assumption}{o}{% - \IfValueTF{#1}{% - \begin{block}{Assumption: #1} - }{% - \begin{block}{Assumption} - } -}{% - \end{block} -} - -\ProvideDocumentEnvironment{protocol}{o}{% - \IfValueTF{#1}{% - \begin{block}{Protocol: #1} - }{% - \begin{block}{Protocol} - } -}{% - \end{block} -} - -\ProvideDocumentEnvironment{remark}{o}{% - \IfValueTF{#1}{% - \begin{alertblock}{Note: #1} - }{% - \begin{alertblock}{Note} - } -}{% - \end{alertblock} -} - -\ProvideDocumentEnvironment{idea}{o}{% - \IfValueTF{#1}{% - \begin{block}{Idea: #1} - }{% - \begin{block}{Idea} - } -}{% - \end{block} -} - -\ProvideDocumentEnvironment{question}{o}{% - \setbeamercolor{block body}{bg=orange!15,fg=black} - \setbeamercolor{block title}{bg=orange,fg=white} - \setbeamercolor{local structure}{fg=orange} - \IfValueTF{#1}{% - \begin{block}{Question: #1} - }{% - \begin{block}{Question} - } -}{% - \end{block} -} - -\ProvideDocumentEnvironment{exercise}{o}{% - \setbeamercolor{block body}{bg=yellow!10,fg=black} - \setbeamercolor{block title}{bg=yellow,fg=black} - \setbeamercolor{local structure}{fg=yellow} - \IfValueTF{#1}{% - \begin{block}{Exercise: #1} - }{% - \begin{block}{Exercise} - } -}{% - \end{block} -} - - \begin{document} \mode \input{contents.tex}