Geir Olav Dyrkolbotn

About

Maj/Dr. Geir Olav Dyrkolbotn is an officer in the Norwegian Armed Forces at the Norwegian Defence Cyber Academy (NDCA) and an associate professor at Center for Cyber and Information Security (CCIS) at the Norwegian University of Science and Technology (NTNU). He is currently head of the NTNU Malware Lab and the research group for cyber defence at CCIS. Geir Olav holds a PhD in information security from Gjøvik University College (HiG) and a MSc in computer science from the NTNU. His career includes more than 25 years in the Norwegian Armed Forces, where he holds the rank of Major. His career has focused on operation, maintenance and security in tactical communication systems and the last 15 years on defensive cyber operations, computer network defense and operational security. His research interest include cyber defense, reverse engineering and malware analysis, side-channel attacks and machine learning.

Publications

2023

Sharma, Arvind; Dyrkolbotn, Geir Olav; Øverlier, Lasse; Waltoft-Olsen, AndrÃ¨ Jung; Franke, Katrin; Katsikas, Sokratis. (2023) A State-of-the-Art Reverse Engineering Approach for Combating Hardware Security Vulnerabilities at the System and PCB Level in IoT Devices. IEEE-Physical Assurance and Inspection of Electronics (PAINE-2022),USA. IEEE Xplore digital library.
Popular scientific article

2021

Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Chip chop — smashing the mobile phone secure chip for fun and digital forensics. Forensic Science International: Digital Investigation. volum 37.
Academic article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition. IFIP Advances in Information and Communication Technology. volum 612.
Academic article
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2021) Digital Forensic Acquisition Kill Chain – Analysis and Demonstration. IFIP Advances in Information and Communication Technology. volum 612.
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2021) Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point. 2020 IEEE International Conference on Big Data.
Academic chapter/article/Conference paper
Jensen, Øyvind; Shalaginov, Andrii; Dyrkolbotn, Geir Olav. (2021) Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?. Norsk Informasjonssikkerhetskonferanse (NISK).
Academic article
Shalaginov, Andrii; Dyrkolbotn, Geir Olav; Alazab, Mamoun. (2021) Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs. Malware Analysis Using Artificial Intelligence and Deep Learning.
Academic chapter/article/Conference paper

2020

Banin, Sergii; Dyrkolbotn, Geir Olav. (2020) Detection of Running Malware Before it Becomes Malicious. Lecture Notes in Computer Science (LNCS). volum 12231.
Academic article
Karresand, Nils Martin Mikael; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2020) An Empirical Study of the NTFS Cluster Allocation Behavior Over Time. Forensic Science International: Digital Investigation. volum 33.
Academic article
Waltoft-Olsen, AndrÃ¨ Jung; Øverlier, Lasse; Dyrkolbotn, Geir Olav; Sharma, Arvind. (2020) Smart Grid challenges - Device Trustworthiness. NIKT: Norsk IKT-konferanse for forskning og utdanning 2020.
Academic chapter/article/Conference paper

2019

Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. IFIP Advances in Information and Communication Technology. volum 569.
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2019) Correlating High- and Low-Level Features: Increased Understanding of Malware Classification. Lecture Notes in Computer Science (LNCS). volum 11689.
Academic article
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Disk Cluster Allocation Behavior in Windows and NTFS. Mobile Networks and Applications.
Academic article
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Using NTFS cluster allocation behavior to find the location of user data. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 29.
Academic article
Karresand, Nils Martin Mikael; Warnqvist, Asalena; Lindahl, David; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Creating a map of user data in NTFS to improve file carving. IFIP Advances in Information and Communication Technology. volum 569.
Academic article

2018

Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2018) Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 24.
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2018) Multinomial malware classification via low-level features. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 26.
Academic article

2017

Helkala, Kirsi Marjaana; Knox, Benjamin James; Jøsok, Øyvind; Lugo, Ricardo; Sütterlin, Stefan; Dyrkolbotn, Geir Olav; Svendsen, Nils Kalstad. (2017) Supporting the Human in Cyber Defence. Lecture Notes in Computer Science (LNCS). volum 10683.
Academic article

2012

Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2012) Layout Dependent Phenomena A New Side-channel Power Model. Journal of Computers. volum 7 (4).
Academic article

2011

Dyrkolbotn, Geir Olav. (2011) Reverse Engineering Microprocessor Content Using Electromagnetic Radiation. 2011. ISBN 978-82-91313-73-3. Doctoral Dissertations at Gjøvik University College (2/2011).
Doctoral dissertation
Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2011) Security Implications of Crosstalk in Switching CMOS Gates. Lecture Notes in Computer Science (LNCS). volum 6531.
Academic article

2010

Dyrkolbotn, Geir Olav. (2010) Non-Invasive Reverse Engineering of the Relative Position of Bus Wires. Norwegian Information Security Conference = Norsk Informasjonssikkerhetskonferanse : NISK 2010 . Gjøvik University College, Gjøvik, 23-24 November 2010.
Academic chapter/article/Conference paper

2009

Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods. SPPRA 2009, Proceeding of Signal Processing, Pattern Recognition and Applications.
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Modified Template Attack: Detecting Address Bus Signals of Equal Hamming Weight. Norsk informasjonssikkerhetskonferanse : NISK 2:2009 : NTNU, Trondheim 24.-25. november 2009.
Academic chapter/article/Conference paper

2007

Dyrkolbotn, Geir Olav. (2007) Analysis of the Wireless Covert Channel Attack Carrier Frequency Selection. Norsk informatikkonferanse 2007.
Academic chapter/article/Conference paper

2006

Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2006) A wireless covert channel on smart cards. Lecture Notes in Computer Science.
Academic chapter/article/Conference paper

Journal publications

Sharma, Arvind; Dyrkolbotn, Geir Olav; Øverlier, Lasse; Waltoft-Olsen, AndrÃ¨ Jung; Franke, Katrin; Katsikas, Sokratis. (2023) A State-of-the-Art Reverse Engineering Approach for Combating Hardware Security Vulnerabilities at the System and PCB Level in IoT Devices. IEEE-Physical Assurance and Inspection of Electronics (PAINE-2022),USA. IEEE Xplore digital library.
Popular scientific article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Chip chop — smashing the mobile phone secure chip for fun and digital forensics. Forensic Science International: Digital Investigation. volum 37.
Academic article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition. IFIP Advances in Information and Communication Technology. volum 612.
Academic article
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2021) Digital Forensic Acquisition Kill Chain – Analysis and Demonstration. IFIP Advances in Information and Communication Technology. volum 612.
Academic article
Jensen, Øyvind; Shalaginov, Andrii; Dyrkolbotn, Geir Olav. (2021) Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?. Norsk Informasjonssikkerhetskonferanse (NISK).
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2020) Detection of Running Malware Before it Becomes Malicious. Lecture Notes in Computer Science (LNCS). volum 12231.
Academic article
Karresand, Nils Martin Mikael; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2020) An Empirical Study of the NTFS Cluster Allocation Behavior Over Time. Forensic Science International: Digital Investigation. volum 33.
Academic article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. IFIP Advances in Information and Communication Technology. volum 569.
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2019) Correlating High- and Low-Level Features: Increased Understanding of Malware Classification. Lecture Notes in Computer Science (LNCS). volum 11689.
Academic article
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Disk Cluster Allocation Behavior in Windows and NTFS. Mobile Networks and Applications.
Academic article
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Using NTFS cluster allocation behavior to find the location of user data. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 29.
Academic article
Karresand, Nils Martin Mikael; Warnqvist, Asalena; Lindahl, David; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Creating a map of user data in NTFS to improve file carving. IFIP Advances in Information and Communication Technology. volum 569.
Academic article
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2018) Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 24.
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2018) Multinomial malware classification via low-level features. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 26.
Academic article
Helkala, Kirsi Marjaana; Knox, Benjamin James; Jøsok, Øyvind; Lugo, Ricardo; Sütterlin, Stefan; Dyrkolbotn, Geir Olav; Svendsen, Nils Kalstad. (2017) Supporting the Human in Cyber Defence. Lecture Notes in Computer Science (LNCS). volum 10683.
Academic article
Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2012) Layout Dependent Phenomena A New Side-channel Power Model. Journal of Computers. volum 7 (4).
Academic article
Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2011) Security Implications of Crosstalk in Switching CMOS Gates. Lecture Notes in Computer Science (LNCS). volum 6531.
Academic article

Part of book/report

Banin, Sergii; Dyrkolbotn, Geir Olav. (2021) Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point. 2020 IEEE International Conference on Big Data.
Academic chapter/article/Conference paper
Shalaginov, Andrii; Dyrkolbotn, Geir Olav; Alazab, Mamoun. (2021) Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs. Malware Analysis Using Artificial Intelligence and Deep Learning.
Academic chapter/article/Conference paper
Waltoft-Olsen, AndrÃ¨ Jung; Øverlier, Lasse; Dyrkolbotn, Geir Olav; Sharma, Arvind. (2020) Smart Grid challenges - Device Trustworthiness. NIKT: Norsk IKT-konferanse for forskning og utdanning 2020.
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav. (2010) Non-Invasive Reverse Engineering of the Relative Position of Bus Wires. Norwegian Information Security Conference = Norsk Informasjonssikkerhetskonferanse : NISK 2010 . Gjøvik University College, Gjøvik, 23-24 November 2010.
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods. SPPRA 2009, Proceeding of Signal Processing, Pattern Recognition and Applications.
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Modified Template Attack: Detecting Address Bus Signals of Equal Hamming Weight. Norsk informasjonssikkerhetskonferanse : NISK 2:2009 : NTNU, Trondheim 24.-25. november 2009.
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav. (2007) Analysis of the Wireless Covert Channel Attack Carrier Frequency Selection. Norsk informatikkonferanse 2007.
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2006) A wireless covert channel on smart cards. Lecture Notes in Computer Science.
Academic chapter/article/Conference paper

Report

Dyrkolbotn, Geir Olav. (2011) Reverse Engineering Microprocessor Content Using Electromagnetic Radiation. 2011. ISBN 978-82-91313-73-3. Doctoral Dissertations at Gjøvik University College (2/2011).
Doctoral dissertation

Teaching

Courses

Media

2017

Lecture

Dyrkolbotn, Geir Olav. (2017) Low Level Malware Analysis for Improved Attack Detection and Triage. Cyber and Information Security Day Starmus Festival 2017, Cyber and Information Security Day . NTNU; Trondheim. 2017-06-20 - 2017-06-20.
Academic lecture

Helkala, Kirsi Marjaana; Knox, Benjamin James; Lugo, Ricardo Gregorio; Sütterlin, Stefan; Dyrkolbotn, Geir Olav; Svendsen, Nils Kalstad. (2017) Supporting the Human in Cyber Defence. 3rd Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems in Conjunction With ESORICS 2017 ; 2017-09-11.
Lecture

Novikov, Sergey; Gjære, Erlend Andreas; Dyrkolbotn, Geir Olav; Hjelsvold, Rune; McCallum, Simon. (2017) Gamification of Information Security Education. Starmus Festival 2017, Cyber and Information Security Day . NTNU; Trondheim. 2017-06-20 - 2017-06-20.

Språkvelger

Geir Olav Dyrkolbotn