Erfaringer med interaktive verktøy for å påvirke studentinteraksjonen i kombinert online-, offline og campusundervisning

Vi diskuterer her erfaringer ved bruk av forskjellige interaktive online verktøy gjennom to semestre med hensikt å øke studentinvolveringen og interaktiviteten i online undervisning for en meget heterogen gruppe med studenter. Dette er både fulltids-, deltids- og fjernstudenter hvorav noen er i full jobb og noen i deltidsjobb. Dermed er det en blanding av studenter som ønsker klasseromsundervisning, noen ønsker streaming, andre ønsker opptak av alt som skjer, og noen ønsker ikke selv å bli tatt opp på video. Det har blitt forsøkt bruk av forhåndsopptatte videoer og tilhørende interaktive sesjoner med bruk av verktøyene Menti, Padlet, BlackBoard, Teams og andre. Egne erfaringer samt tilbakemeldinger fra undervisning våren 2021 og våren 2022 fra både studenter og kolleger er gjennomgått, og muligheter for videre forbedringer diskuteres

Smart Grid challenges - Device Trustworthiness

The Power Grid development brings about technological design changes, resulting in increased connectivity and dependency on IoT devices. The changes offer opportunities to manipulate the IoT hardware as the root of trust. Although terrifying, hardware attacks are considered resource-demanding and rare. Nonetheless, Power Grids are attractive targets for resourceful attackers. As such, the Ukraine attacks boosted Power Grid cybersecurity focus. However, physical assurance and hardware device trustworthiness received less attention. Overhead Line Sensors are utilized in Dynamic Line Rating doctrines for Power Grids. They are potentially essential in the future to optimize conductor ampacity. Conductor optimization is crucial for Power Grids because future throughput volatility demands a high level of grid flexibility. However, there may be challenges to the integrity and availability of the data collected using Overhead Line sensors. We believe that in securing the future Smart Grid, stakeholders need to raise attention to device trustworthiness entailing the hardware layer. That said, integrated into cloud-enhanced digital ecosystems, Overhead Line Sensors can also be manipulated through the network, software, and supply chain to impact their trustworthiness

Intellectual Property and Machine Learning: An exploratory study

Our research makes a contribution by exemplifying what controls the freedom-to-operate for a company operating in the area of machine learning. Through interviews we demonstrate the industry’s alternating viewpoints to whether copyrighted data used as input to machine learning systems should be viewed differently than copying the data for storage or reproduction. In addition we show that unauthorized use of copyrighted data in machine learning systems is hard to detect with the burden of proof on the copyright owner. We also demonstrate how existing products, both physical and software, becomes more vulnerable to reverse engineering with the rapid progress in machine learning, and how this challenges and reduces a company’s freedom-to-operate and the way they appropriate innovation. Another contribution is made from demonstrating how machine learning systems can create new valuable content from those patterns and structures found through parsing databases of texts, images, music or arts, and how this challenge the existing intellectual property regulations. We claim that with huge amounts of data used as input to a machine learning system, giving all intellectual property rights of output to the input data owners may be the wrong thing to do. We also think that intellectual property regulation should start discussing when a user of a machine learning system can be seen as having made a creative effort in the generation of the new content

Anonymity, Privacy and Hidden Services: Improving censorship-resistant publishing

The request for on-line privacy is rapidly increasing. More and more Internet users realize that information about their on-line activities is highly valuable information for commercial companies and open for potential abuse. Information about who communicates with whom, and who accesses which services, is already used to improve on-line services, e.g. by serving more relevant on-line advertisements which many appreciate. But the problem of letting large commercial companies know your entire surfing history does not seem to be of major concern to the average Internet user. Future services may look into how to prevent this type of information leakage, but this will not help the users of today. In addition, anonymous publication of information, e.g. by dissidents and whistle-blowers, is made nearly impossible for today’s Internet users. There exists a need for censorship-resistant Internet services, where anonymous publishing of information can be made. These types of services are already starting to appear. They are combined with anonymizing technologies, and designed to be attack-resistant, accessible from anywhere, have a hidden physical location, and therefore they will be more censorship-resistant. The overall goal of the research work was to address vulnerabilities in, and to develop new or enhance existing anonymizing network technologies and censorship-resistant services. This thesis presents both analyses and new principles to enhance the anonymizing technology existing today. The first phase of the research work consisted of an analysis of traffic flow confidentiality in a future military network setting, and an analysis of how to securely anonymize traffic data logs at high-speed interconnections. The thesis presents a new method for securing these logs by creating transaction specific pseudonyms without increasing the amount of logged data. The thesis also presents solutions to allow some elements of the traffic data to be used for statistical analysis and therefore be available for search, while other parts of the data could be kept anonymous and unlinked to the searchable data. The second phase of the research work focuses on technologies inside anonymizing networks, their vulnerabilities, and proposes methods to increase security to the existing techniques. The work demonstrates how the predecessor attack works in a live anonymizing network and can be used to locate a so-called hidden service within minutes with only a single compromised node in the network. An analysis of various countermeasures is also presented together with a recommendation on how to best resist this attack by using nodes protecting the initial connection to the anonymizing network. The thesis presents a method of reducing a hidden service’s vulnerability to denial-of-service attacks by using so-called valet nodes to protect the contact points of the hidden service. In addition the valet nodes solution enables the use of completely hidden services, where even the very existence of the service is hidden from the other users and from the network itself. The use of valet nodes also supports a method of obtaining flexible quality of service for both authenticated and anonymous users of a hidden service. The research work also presents a general improvement of the authenticated Diffie-Hellman key exchange used in building anonymous connections. The solution eliminates the need for the RSA encryption by using predistributed Diffie-Hellman values when setting up session keys for the anonymous connections. This reduces the number of encryptions and the number of messages necessary for constructing an anonymous connection while maintaining forward secrecy. The solution is also easily adaptable to the valet nodes design which will benefit from the use of public Diffie-Hellman values and thereby also avoid the use of RSA. In addition the thesis presents a method to reduce the latency in a hidden service connection by utilizing the extra protection within the valet nodes extension

Locating hidden servers

Hidden services were deployed on the Tor anonymous communication network in 2004. Announced properties include server resistance to distributed DoS. Both the EFF and Reporters Without Borders have issued guides that describe using hidden services via Tor to protect the safety of dissidents as well as to resist censorship. We present fast and cheap attacks that reveal the location of a hidden server. Using a single hostile Tor node we have located deployed hidden servers in a matter of minutes. Although we examine hidden services over Tor, our results apply to any client using a variety of anonymity networks. In fact, these are the first actual intersection attacks on any deployed public network: thus confirming general expectations from prior theory and simulation. We recommend changes to route selection design and implementation for Tor. These changes require no operational increase in network overhead and are simple to make; but they prevent the attacks we have demonstrated. They have been implemented.

Improving efficiency and simplicity of Tor circuit establishment and hidden services

Abstract. In this paper we demonstrate how to reduce the overhead and delay of circuit establishment in the Tor anonymizing network by using predistributed Diffie-Hellman values. We eliminate the use of RSA encryption and decryption from circuit setup, and we reduce the number of DH exponentiations vs. the current Tor circuit setup protocol while maintaining immediate forward secrecy. We also describe savings that can be obtained by precomputing during idle cycles values that can be determined before the protocol starts. We introduce the distinction of eventual vs. immediate forward secrecy and present protocols that illustrate the distinction. These protocols are even more efficient in communication and computation than the one we primarily propose, but they provide only eventual forward secrecy. We describe how to reduce the overhead and the complexity of hidden server connections by using our DH-values to implement valet nodes and eliminate the need for rendezvous points as they exist today. We also discuss the security of the new elements and an analysis of efficiency improvements.