revises grading script

.gitmodules

@@ -4,3 +4,6 @@
 [submodule "bibsp"]
 	path = bibsp
 	url = https://github.com/dbosk/bibsp.git
+[submodule "didactic"]
+	path = didactic
+	url = https://github.com/dbosk/didactic.git

Makefile

@@ -1,4 +1,3 @@
-SUBDIR=		course-design
 SUBDIR+=	modules
 
 INCLUDE_MAKEFILES?=	./makefiles

adm/grading/.gitignore

@@ -0,0 +1,8 @@
+_minted-vetcyb-grading/
+test-grade_reflections.txt
+test-grade_reflections-err.txt
+vetcyb-grading.out
+vetcyb-grading.pdf
+vetcyb-grading.sh
+vetcyb-grading.toc
+vetcyb24p2.reflections.d/

adm/grading/Makefile

@@ -0,0 +1,35 @@
+NOWEAVEFLAGS=-delay
+LATEXFLAGS=-shell-escape
+
+.PHONY: all
+all: vetcyb-grading.pdf vetcyb-grading.sh
+
+.INTERMEDIATE: vetcyb-grading.tex
+vetcyb-grading.pdf: vetcyb-grading.tex
+vetcyb-grading.sh: vetcyb-grading.sh.nw
+
+vetcyb-grading.pdf: prompts.toml
+
+GRADE_RESULTS=test-grade_reflections-err.txt
+
+vetcyb-grading.pdf: ${GRADE_RESULTS}
+vetcyb-grading.pdf: ./instruction-qualitative.md ./submission-qualitative.md
+
+${GRADE_RESULTS}: test-grade-reflections.sh
+	bash $<
+
+test-grade-reflections.sh: vetcyb-grading.sh.nw vetcyb-grading.sh
+	${NOTANGLE.sh}
+
+.PHONY: clean
+clean:
+	${RM} vetcyb-grading.pdf vetcyb-grading.sh
+	${RM} *.aux *.fdb_* *.fls *.log *.pdf *.tex
+	${RM} test-grade-reflections.sh
+	${RM} test-grade_reflections.txt
+	${RM} test-grade_reflections-err.txt
+
+
+INCLUDE_MAKEFILES=../../makefiles
+include ${INCLUDE_MAKEFILES}/noweb.mk
+include ${INCLUDE_MAKEFILES}/tex.mk

adm/grading/grade_seminar.sh

@@ -0,0 +1,45 @@
+oldIFS=$IFS
+IFS=$'\n'
+
+course="${1}"
+seminar_date="${2}"
+file="${3}"
+
+teachers="(dbosk|masvanbe|elzen|gylje)@kth.se"
+
+get_grade_data() {
+  tail -n +2 ${file} \
+    | grep -Ev "${teachers}" \
+    | cut -d, -f 2,3,5 \
+    > participation-seminar.csv
+
+  for user in $(cat participation-seminar.csv | cut -d, -f 1 | sort -u)
+  do
+    echo -n "$user ";
+    sum_minutes=0;
+    for minutes in $(grep $user participation-seminar.csv | cut -d, -f 3)
+    do
+      sum_minutes=$(($sum_minutes + $minutes));
+    done;
+    echo $sum_minutes;
+  done
+}
+
+open ${file} &
+get_grade_data
+read -p "Enter the limit in minutes: " limit_minutes
+
+for result in $(get_grade_data)
+do
+  user=$(echo $result | cut -d ' ' -f 1);
+  minutes=$(echo $result | cut -d ' ' -f 2);
+  if [ $minutes -ge $limit_minutes ]
+  then
+    canvaslms grade -c ${course} -a "Live seminar ${seminar_date}" \
+      -u $user -g complete
+  else
+    canvaslms grade -c ${course} -a "Live seminar ${seminar_date}" \
+      -u $user -g incomplete \
+      -m "You had $minutes minutes of participation out of more than $limit_minutes minutes."
+  fi
+done

adm/grading/instruction-qualitative.md

@@ -0,0 +1,24 @@
+
+# Reflection on qualitative methods
+
+## Metadata
+
+- Unlocks: None
+- Due:     None
+- Locks:   None
+- Ungraded submissions: 28
+- Submission type: ['online_text_entry', 'online_upload']
+- URL: https://canvas.kth.se/courses/50613/assignments/318671
+- Submissions: https://canvas.kth.se/courses/50613/assignments/318671/submissions?zip=1
+
+## Instruction
+
+What do qualitative methods contribute to security? How do they
+complement the other methods that we\'ve talked about?
+
+To help you think about this, return to [How do you know it\'s secure?
+Passwords](https://canvas.kth.se/courses/50613/assignments/315624 "How do you know it's secure? Passwords").
+How did the different methods fit together there?
+
+
+

adm/grading/instruction-statistics.md

@@ -0,0 +1,23 @@
+
+# Reflection on the use of statistics
+
+## Metadata
+
+- Unlocks: None
+- Due:     None
+- Locks:   None
+- Ungraded submissions: 27
+- Submission type: ['online_text_entry', 'online_upload']
+- URL: https://canvas.kth.se/courses/50613/assignments/318595
+- Submissions: https://canvas.kth.se/courses/50613/assignments/318595/submissions?zip=1
+
+## Instruction
+
+In what ways do we use statistics in security research? Consider how the
+papers you\'ve read so far have used statistics.
+
+What about machine learning? (Machine learning is basically black-box
+automated statistics.)
+
+
+

adm/grading/prompts.toml

@@ -0,0 +1,36 @@
+# Prompt config files
+# more details and examples at https://github.com/efugier/smartcat#configuration
+
+[empty]
+api = "openai"
+messages = []
+char_limit = 100000
+
+[default]
+api = "openai"
+model = "gpt-4o"
+temperature = 1.0
+char_limit = 100000
+
+[[default.messages]]
+role = "system"
+content = "You are an extremely skilled programmer and scientist with a keen eye for detail and an emphasis on readable code. You have been tasked with acting as a smart version of the cat unix program. You take text and a prompt in and write text out. For that reason, it is of crucial importance to just write the desired output. Do not under any circumstance write any comment or thought as your output will be piped into other programs. Do not write the markdown delimiters for code as well. Sometimes you will be asked to implement or extend some input code. Same thing goes here, write only what was asked because what you write will be directly added to the user's editor. Never ever write ``` around the code. Make sure to keep the indentation and formatting. "
+
+[4o]
+api = "openai"
+model = "gpt-4o"
+temperature = 0.5
+char_limit = 100000
+
+[[4o.messages]]
+role = "system"
+content = "You are an extremely skilled programmer and scientist with a keen eye for detail and an emphasis on readable code. You have been tasked with acting as a smart version of the cat unix program. You take text and a prompt in and write text out. For that reason, it is of crucial importance to just write the desired output. Do not under any circumstance write any comment or thought as your output will be piped into other programs. Do not write the markdown delimiters for code as well. Sometimes you will be asked to implement or extend some input code. Same thing goes here, write only what was asked because what you write will be directly added to the user's editor. Never ever write ``` around the code. Make sure to keep the indentation and formatting. "
+
+[o1]
+api = "openai"
+model = "o1-preview"
+char_limit = 100000
+
+[[o1.messages]]
+role = "user"
+content = "You are an extremely skilled programmer and scientist with a keen eye for detail and an emphasis on readable code. You have been tasked with acting as a smart version of the cat unix program. You take text and a prompt in and write text out. For that reason, it is of crucial importance to just write the desired output. Do not under any circumstance write any comment or thought as your output will be piped into other programs. Do not write the markdown delimiters for code as well. Sometimes you will be asked to implement or extend some input code. Same thing goes here, write only what was asked because what you write will be directly added to the user's editor. Never ever write ``` around the code. Make sure to keep the indentation and formatting. "

adm/grading/submission-qualitative.md

@@ -0,0 +1,16 @@
+ - Course: DA2215 HT24 (vetcyb24-p2)
+ - Assignment: Reflection on qualitative methods
+ - Student: Studenten Studentensdotter <user@kth.se>
+ - Submission id: 24972065
+ - Submitted at: 2024-12-11T14:54:21Z
+ - Graded at: None
+ - Grade: None
+ - Graded by: None
+ - Speedgrader: https://canvas.kth.se/...
+# Body
+
+<p>Qualitative methods are very important for security research as they offer insights into the why and how of security-related behaviour, and decisions. They often involve human factors, e.g. why choose this password, how is the usability of this library. Quantitative data cannot give us this kind of information.</p>
+<p>For example for statistical data (quantitative data), qualitative data can give insights into the why, it provides context and meaning.</p>
+<p>&nbsp;</p>
+<p>&nbsp;</p>
+

adm/grading/test-grade_reflections-err-first.txt

@@ -0,0 +1,57 @@
+### sc
+##### 1
+vetcyb24p2 user1@kth.se Reflection on the use of statistics: No
+
+The reflection lacks a direct focus on the use of statistics as it seems to divert more towards machine learning and cybersecurity without elaborating sufficiently on how statistics is specifically used and its implications.
+##### 2
+vetcyb24p2 user1@kth.se Reflection on the use of statistics: No
+
+The reflection is vague and lacks a clear and relevant discussion about the use of statistics specifically. It briefly mentions statistics and machine learning but does not demonstrate a thorough reflection on the use of statistics as was asked for in the assignment.
+##### 3
+##### 4
+vetcyb24p2 user1@kth.se Reflection on the use of statistics: No
+
+The reflection provided is quite general and lacks depth in discussing the specific use of statistics. The mention of machine learning and cybersecurity, while interesting, seems somewhat unrelated to the assignment's focus on reflecting on the use of statistics.
+##### 5
+vetcyb24p2 user1@kth.se Reflection on the use of statistics: No, the reflection lacks a focused analysis on the specific use of statistics. The student briefly mentions statistics without providing a deeper or direct reflection on its application or implications, which was the central task.
+### sc 4o
+##### 1
+vetcyb24p2 user1@kth.se Reflection on the use of statistics: No
+
+The reflection does not specifically address the use of statistics in a detailed or relevant manner as requested. It briefly mentions statistics but quickly shifts focus to machine learning and cybersecurity without a thorough discussion on statistics.
+##### 2
+vetcyb24p2 user1@kth.se Reflection on the use of statistics: No
+
+The reflection does not specifically address the use of statistics in a meaningful way. It briefly mentions statistics but lacks depth and relevance to the assignment prompt. The focus shifts to machine learning and cybersecurity, which are not directly related to the topic of statistics.
+##### 3
+##### 4
+vetcyb24p2 user1@kth.se Reflection on the use of statistics: No
+
+The reflection does not specifically address the use of statistics in detail. It briefly mentions statistics as a tool but does not provide a relevant reflection on its use as required by the assignment. The mention of machine learning and cybersecurity is not directly related to the reflection on the use of statistics.
+##### 5
+vetcyb24p2 user1@kth.se Reflection on the use of statistics: No
+
+The student's reflection lacks depth and relevance to the specific assignment on the use of statistics. The reflection is too general and does not specifically address the use of statistics in the context of the course or assignment.
+### sc o1
+##### 1
+vetcyb24p2 user1@kth.se Reflection on qualitative methods: No
+
+The instruction is missing, so it's not possible to determine if the student made an honest effort.
+##### 2
+vetcyb24p2 user1@kth.se Reflection on qualitative methods: No, the instruction was not provided, so cannot evaluate the student's reflection for relevance.
+vetcyb24p2 user2@kth.se Reflection on qualitative methods: No
+
+The instruction was not provided, so it's not possible to determine if the student made an honest effort.
+##### 3
+vetcyb24p2 user1@kth.se Reflection on the use of models, part I: No
+
+Cannot evaluate because the instruction is not provided.
+vetcyb24p2 user2@kth.se Reflection on the use of models, part II: No. The instruction was not provided, so it's not possible to evaluate whether the student made an honest effort or attempted a relevant reflection based on what was asked.
+vetcyb24p2 user3@kth.se Reflection on the use of models, part I: No
+
+The assignment instructions were not provided, so I cannot determine if the student has made an honest effort based on what was asked.
+##### 4
+vetcyb24p2 user4@kth.se Reflection on the use of models, part I: No
+
+The instruction was not provided as context, so I cannot determine if the student made an honest effort.
+##### 5

adm/grading/user1-statistics.md

@@ -0,0 +1,18 @@
+ - Course: DA2215 HT24 (vetcyb24-p2)
+ - Assignment: Reflection on the use of statistics
+ - Student: Student Studentensson <user1@kth.se>
+ - Submission id: 24966368
+ - Submitted at: 2024-12-11T19:42:23Z
+ - Graded at: None
+ - Grade: None
+ - Graded by: None
+ - Speedgrader: https://canvas.kth.se/courses/50613/gradebook/speed_grader?assignment_id=318595&student_id=154870
+## reflection.md
+
+```markdown
+The statistic is an useful tool, that helps us capturing the big picture. But we need to take this into account as this can also mean that the individual cases may be quite different. 
+
+The machine learning is an emerging field, that we need to understand as it changes everything and the cybersecurity is no exception. 
+
+```
+

adm/grading/user2-statistics.md

@@ -0,0 +1,13 @@
+ - Course: DA2215 HT24 (vetcyb24-p2)
+ - Assignment: Reflection on the use of statistics
+ - Student: Studenten Studentensson <user2@kth.se>
+ - Submission id: 24966347
+ - Submitted at: 2024-12-11T17:35:37Z
+ - Graded at: None
+ - Grade: None
+ - Graded by: None
+ - Speedgrader: https://canvas.kth.se/courses/50613/gradebook/speed_grader?assignment_id=318595&student_id=110079
+# Body
+
+<p>They used success rates from Mls trained with real-world and syntetic data to to compare how realistic data compares to syntetic. They also analyse false positive rates, precision and recall to measure effectivness in WF+WO attacks.&nbsp;&nbsp;</p>
+

adm/grading/user5-statistics.md

@@ -0,0 +1,14 @@
+ - Course: DA2215 HT24 (vetcyb24-p2)
+ - Assignment: Reflection on the use of statistics
+ - Student: Stentina Studentensdotter <user5@kth.se>
+ - Submission id: 24966371
+ - Submitted at: 2024-12-10T15:05:24Z
+ - Graded at: None
+ - Grade: None
+ - Graded by: None
+ - Speedgrader: https://canvas.kth.se/courses/50613/gradebook/speed_grader?assignment_id=318595&student_id=173646
+# Body
+
+<p>Statistics play a vital role in security research for several reasons. <br>For example the first paper used live statics gathered by the Tor project to prove that their developed client closely matches a real network in performance. They essentially analysed patterns of the Tor networked and compared them with their developed simulation client.<br>The second paper, used statistics in their background section to quantify risk and the third paper measured the accuracy of WF classification an attacker can achieve in a real world scenario, which assessing the effectiveness of the attack. <br>There are of course many more (e.g. access risk based on history, evaluate performance, experiments to study user behaviour for something like password reuse), but I will stop at the ones found in the papers.</p>
+<p>Machine learning essentially operates completely on the statistics of the data it was trained on. Therefore, all the things explained above can be done by an ML algorithm without a human having to spend time on it. However, an ML is only ever as good as the data it was trained on and also brings many other problems. Consequently, it is a useful tool but one need to be careful when using it and verify the results.</p>
+