How does the course work? (Course memo in FAQ form)

FAQ

What if I have a question, how do I contact a teacher or TA? NEW 26/9

What is mandatory?

Can I participate remotely? Will there be recordings?

What are the deadlines? What if I miss a deadline?

How do the labs work?

How does the exam work? What if I miss or fail an exam?

What are the overall intended learning outcomes and grading criteria for the course?

Why peer grading?   NEW 26/9

Changes for this course round

What if I have a question, how do I contact a teacher or TA?

  1. If you want to be anonymous, send it via one of the course-representative students, Damla (gozuk@kth.se), Otto (ottopf@kth.se), Tor (arvill@kth.se) (They also offered their phone numbers, but I don't want to post them here on a public page, trying to find a better way. /Sonja)
  2. If it's funka related, e-mail Sonja at buc@kth.se with the subject "[funka] <rest of subject>".
  3. Otherwise, start by checking the relevant pinned discussion thread and reply there if appropriate.
  4. If nothing fits, post a new discussion, or
  5. if it's confidential (in the sense that it's important that only teachers and TAs have access), e-mail dd239x-security@kth.se.

Do not send messages to teachers or TAs through canvas (they will not be checked, and we can't see who else got the message, which leads to parallel responses), and do not e-mail a person directly unless there is a compelling reason (even then, the mail may get buried in the flood of mails, whereas dd239x-security@kth.se will be monitored regularly).

What is mandatory?

  • successful submissions for individual tasks: Lab G (GPG mail), Lab O (buffer overflow), peer review for seminar report draft, 4 programming exercises
  • successful presentation of group tasks: Lab F (firewall milestones), Lab W (web attacks), Seminar presentation (plus report draft and final version)
  • attendance: full exam time as scheduled (peer-grading part with mandatory zoom attendance for everyone taking the exam), full 2-h slot of the seminar you present at, any lab/presentation time you have to register for

Can I participate remotely? Will there be recordings?

  • This instance of the course is held in a hybrid way in the following sense: whenever possible, activities take place on campus, but you will be able to join via zoom at least to listen to the class. 
  • Most lectures are done as flipped classroom (you check the material before class and during class there are activities). You decide when exactly you watch lecture videos, read and explore related material before the corresponding scheduled class.
  • In scheduled class (lecture in the calendar) we discuss old exams, any questions related to the content of the videos, and current events relevant for the topic. This allows you to see how well you've understood the topic, to clarify and apply the learned concepts to goings-on in the world, and to practice critical evaluation of reporting on security in the media.
  • These scheduled classes may not be recorded.
  • Live lectures (not flipped classroom) are recorded and uploaded a few days after the lecture. 
  • Lab sessions and seminars have zoom alternatives, see below. 

What are the deadlines? What if I miss a deadline?

  • To even out the workload for you and preserve availability and timely response from the teachers and teaching assistants, we have approximately weekly deadlines for assignments, collected in a deadline calendar in Quick links. Though listed as all-day events for better visibility, the deadlines are at 18h on the respective days. (End of workday to not incentivize late-night work plus an hour of grace if you have class until 17h.)
  • If you miss a deadline, you'll get another chance to complete the assignment during lab week in June. For individual tasks that are graded automatically (Lab G (not the bonus assignment), Lab O, programming exercises) you may also try to submit them before lab week, but there is no guarantee that the servers are up outside of the period the course is taught in, and grade reporting may be delayed.
  • For the small programming exercises, there are recommended times for when to do them and they're not graded in the traditional sense but are more for your own self assessment/feedback. You have as many attempts as you like and we don't do e.g. plagiarism control. The only requirement is that they're all done and correct by the end of the course.

How do the labs work?

  • There are a lot of calendar entries for labs and seminars. You'll get to pick which of the lab sessions you'll attend. There are different ones for getting help (marked labs) and for showing solutions to a teaching assistant (those are marked presentations). You'll also only be assigned to one seminar instance. For some you have to register in advance, see Modules.
  • For some lab assignments, you will need to use a virtual machine that we provide. You can install it on your own computer/laptop or, if that is not possible, you can temporarily install it on a lab computer. 
  • We use the stay-a-while queue to serve students during the lab and presentation sessions.
  • The help sessions are first-come-first-served for getting help from a TA; the presentation sessions are specific time slots for each group.
  • When participating remotely or willing to take help from a remote TA, you have to create a zoom meeting link and enter it into the location field in the queue system when you want to get help or present something. If you are working in a group, create a recurring zoom meeting that is shared among the group members (best set all group members as alternative hosts). When you need help or want to present something as a group, enter your shared zoom link, where all group members are already present, into the queue. When it is your turn to be served, the TA will use the provided zoom link to help you.
  • The seminar assignment consists of group-work to explore a specific sub-topic of security, writing a short report (with revision), and giving a presentation during a specific 2h-seminar. Though it is not a lab, it is part of the LAB1 moment in ladok.
  • If you take the DD2391 cybersecurity overview 7.5 ECTS version of the course, you also have a 1.5 ECTS project and are part of the canvas for DD2394.

How does the exam work? What if I miss or fail an exam?

  • The exams are partial exams instead of one big exam at the end and cover a subset of the course topics.
  • The exams are at specific times and you have to attend the full time in the following sense: during the first part, you do an assignment on canvas. During the second part you join the class zoom and participate in peer-grading.
  • The assignment will contain the exam questions and you upload your solution as a pdf (typed or handwritten and scanned, up to you).
  • The exam is open-book in the sense that you can use any of the material included in the course. You do take the exam individually and communicating with others is not allowed, including online forums. Do consider that consulting your course material takes time. 
  • If you have a funka accommodation that allows for more time, you start the exam earlier (maybe even earlier than shown on the schedule, if so, this is announced).
  • The specific times and topics are listed separately for each partial exam:
    • 13/9 concepts, crypto, auth/ac, social engineering:  students with funka R1 accommodation start at 8.00, other students at 8.30. Deadline for uploading answers at 9.30. Break. All meet in class zoom at 10:00 and we do grading together until max. 12:00
    • 26/9 side channels, buffer overflow, malware, systems/memory
    • 24/10 ids/firewalls, DoS, OWASP, privacy, special topics (eg ML sec, devops), leftovers
  • You can check the grading criteria (see further down for the course overall) and the operational grading criteria, and aim for a specific grade.
  • There are two types of questions, T/F statements with reasoning for E and additional problems for higher grades. In each partial exam, we will state the preliminary point thresholds needed to pass the T/F questions and the obtainable grades of the problems. Bonus points (from G, W, or Seminar, up to 3) count as exam points and are valid for any of the partial exams during this course round and the associated re-exam, counted once and not reused. For example, if you are 2 points short of passing a partial exam, passed the other partial exams, and you have 3 bonus points collected at the end of the course, we will apply two of the bonus points to passing the partial exam and the remaining bonus point toward your total for higher grades.
  • If you miss or fail a partial exam, you take the re-exam in December (to be scheduled) and do those parts in one go. 
  • You can look at some old exams (some with solutions) to see some examples of types of questions that may appear.
  • Your main preparation technique should, however, be to watch the pre-recorded videos and at least skim the listed book chapters.
  • More detailed timeline for 13/9 (concepts, crypto, social eng., auth/ac):
    8.00 exam canvas assignment becomes available for students with funka R1
    8.30 exam canvas assignment becomes available for everyone
    9.30 deadline for submitting responses (upload pdf)
    10.00 everyone meets in the class zoom, we grade together
    12.00 end (or earlier, depending on how long the grading takes)

    At your start time you
    - open the assignment, read the instructions and questions
    - write your responses in a file that you can convert to pdf (or write by hand on paper and scan to pdf)
    - may use any of the material included in the course (the exam is open-book in that sense); you take the exam individually and communicating with others is not allowed, including online forums. Do consider that consulting your course material takes time.

    Before the deadline, you upload the pdf with your response. Do check that the upload is correct. In case something went wrong, you have one more chance to upload (for this partial exam). Do consider that creating a pdf, checking the pdf, and uploading takes time.

    After the break, you join the class zoom. There we will grade question by question and you will get instructions on how to do that for each question.

  • More detailed timeline for 26/9 (side channels, buffer overflow/memory issues, malware, and system security):
    13:00 students with funka R1 accommodation start the exam
    13:45 all other students start the exam
    15:15 deadline for uploading answers
    15:15 to 15:30 break
    15:30 to 17:00 mandatory grading session
    • As before, the exam is open-book in the sense that you can use any of the material included in the course. You do take the exam individually and communicating with others is not allowed, including online forums. Do consider that consulting your course material takes time. 
    • Do not include your name or person number in your solution document.
    • Remember to answer the first question, where you acknowledge to have understood the rules.
    • Changes in exam handling since the first partial exam

What are the overall intended learning outcomes and grading criteria for the course?

The ILO-related grading criteria are listed below. Note that criteria for higher grades are in addition to those of the lower grades.

For DD2391 students, there is also a project component with 1.5 ECTS, with information in the DD2394/DD2391 canvas.


Grades: E/P, D, C, B, A. For each ILO, the criteria are listed from the lowest to the highest grade level that the ILO distinguishes.

ILO: recognize threats to confidentiality, integrity, and availability of systems
  Criteria: from simple examples; from simple system descriptions; from complex system descriptions
  Examination: written partial exams; formative: programming exercises

ILO: explain the basic computer security terminology and concepts and use them correctly
  Criteria: with few mistakes; with clear and concise explanations
  Examination: written partial exams and seminar report and presentation (seminar parts E/P)

ILO: find and apply documentation of security-related problems and tools
  Criteria: enough to solve labs and cover basics for the seminar topic; with some scientific resources
  Examination: labs, seminar report and presentation (all E/P)

ILO: analyze small pieces of code or system descriptions in terms of their security to identify vulnerabilities and predict their corresponding threats
  Criteria: finding obvious important problems with few mistakes; finding obvious important problems correctly; finding obvious and subtle important problems correctly
  Examination: labs (E/P) and written partial exams

ILO: select counter-measures to identified threats and argue their effectiveness
  Criteria: with some appropriate counter-measures and basic argumentation, with few mistakes; with some appropriate counter-measures and basic argumentation, correctly; with arguably most appropriate counter-measures and nuanced argumentation
  Examination: labs (E/P) and written partial exams

ILO: compare counter-measures and evaluate their side-effects
  Criteria: from a list with given effects, with few mistakes; with basic argumentation and a list of side effects; setting up own criteria, nuanced argumentation, comprehensive list of side effects
  Examination: written partial exams

ILO: present and explain their reasoning to others with sufficient clarity for fellow students and for teachers to understand
  Criteria: with few mistakes; with enough relevant detail and few tangents; with logical and pedagogical flow and concise expression of all (and only) relevant and correct details
  Examination: lab solution presentations, seminar report and presentation (all E/P), written partial exams

Operational grading criteria for LAB1:

P if all mandatory parts (individual and group lab and seminar assignments, programming exercises; see "What is mandatory?" above) have been passed.

Operational grading criteria for TEN1 and overall course:

Given E in all partial exams, then out of in total 5 problems for higher grades:
A = 3 A, min. 1 C
B = 2 A, min. 2 C
C = 4 C, or 1 A + 2 C
D = 2 C

There are in total 4 problems with 5 points (counted as A, C, or nothing), and 1 problem with 3 points (counted as C or nothing). Per-problem counting works as follows: 

A = 5 points
C = 3 points
Any bonus points still remaining after reaching E will be used toward reaching a higher level (A or C). For example, if you had 3 bonus points, used one for one partial exam to reach E, but passed the other partial exams without using bonus points, then you have 2 bonus points remaining that can be used to e.g. get from 2 points on one higher-grade problem to 3 and thus a C, or e.g. from C to A. Again, every bonus point can only be used once.

(For DD2391 only: Operational criteria for PROJ1: DD2394 passing criteria fulfilled)

Why peer grading?

  • Timely feedback (reinforcement) is good for learning. The grading session provides that for you right after the exam.
  • To see and think through someone else's solutions and reasoning also contributes to your learning.
  • You get an insight into how grading is done and which kinds of judgment teachers need to make. This also makes it possible for you to prevent unnecessary point deductions in future exams, because you learn not only what specific good solutions look like but also the properties of good solutions in general and what graders focus on, and thus what you should pay extra attention to.
  • You get the results much faster: the preliminary grades on the same day, and confirmation of having passed most likely on the same day as well. (Just to give an intuition for the alternative: this course has about 300 students. If each partial exam takes, say, 12 minutes to grade, that's 3600 minutes or 60 hours, which would be 1.5 work weeks if there were no other tasks or breaks, but more realistically 2 or 3 weeks depending on competing tasks (not just other work but also other tasks for the same course; going through ~100 mails of "I forgot to state that I read and followed the rules" is just one tiny example of those).)
  • Related to the point above, it reduces the grading time a teacher spends on questions that are not critical (e.g., they don't change the result), as they can focus on corner cases and a tuneable extent of sampling, thus potentially freeing up time for other course tasks. Specifically, this enabled us to do continuous examination instead of one big exam at the end of the course.

Why is it mandatory to attend the whole session, grade in sync and question by question?

  • We grade in sync so that grades are informed by teacher input and potential new information coming up during grading. If you run ahead and only grade based on the grading guide, you are not grading on a fully-informed basis and you may not discover that you misunderstood something, that something turns out to be phrased ambiguously in an exam question or the grading guide, learn about valid alternative solutions that get added during the session, and so on. 

Changes for this course round

  • DD2395 and DD2391 are merged. DD2391 students also take another module of 1.5 ECTS in the form of the DD2394 cybersecurity project course. 
  • Instead of one big exam at the end of the period, there are several partial exams toward continuous examination.
  • The partial exams cover subsets of the course content and are peer-graded right after the exam, with teacher oversight.
  • Updated instructions 
  • Updated selected topics
  • Calendar for deadlines
  • Course memo as FAQ
