Geir Olav Dyrkolbotn
Geir Olav Dyrkolbotn
Associate Professor
Department of Information Security and Communication TechnologyBackground and activities
Maj/Dr. Geir Olav Dyrkolbotn is an officer in the Norwegian Armed Forces at the Norwegian Defence Cyber Academy (NDCA) and an associate professor at Center for Cyber and Information Security (CCIS) at the Norwegian University of Science and Technology (NTNU). He is currently head of the NTNU Malware Lab and the research group for cyber defence at CCIS. Geir Olav holds a PhD in information security from Gjøvik University College (HiG) and a MSc in computer science from the NTNU. His career includes more than 25 years in the Norwegian Armed Forces, where he holds the rank of Major. His career has focused on operation, maintenance and security in tactical communication systems and the last 15 years on defensive cyber operations, computer network defense and operational security. His research interest include cyber defense, reverse engineering and malware analysis, side-channel attacks and machine learning.
Courses
- IIKG6500 - Cyber Tactics
- IMT4214 - Cyber Intelligence
- IIKG6501 - Cyber Intelligence
- IMT4116 - Reverse Engineering and Malware Analysis
- IMT4213 - Cyber Tactics
Scientific, academic and artistic work
A selection of recent journal publications, artistic productions, books, including book and report excerpts. See all publications in the database
Journal publications
- (2021) Chip chop — smashing the mobile phone secure chip for fun and digital forensics. Forensic Science International: Digital Investigation. vol. 37.
- (2021) Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition. IFIP Advances in Information and Communication Technology. vol. 612.
- (2021) Digital Forensic Acquisition Kill Chain – Analysis and Demonstration. IFIP Advances in Information and Communication Technology. vol. 612.
- (2021) Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?. Norsk Informasjonssikkerhetskonferanse (NISK).
- (2020) Detection of Running Malware Before it Becomes Malicious. Lecture Notes in Computer Science (LNCS). vol. 12231.
- (2020) An Empirical Study of the NTFS Cluster Allocation Behavior Over Time. Forensic Science International: Digital Investigation. vol. 33.
- (2019) Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. IFIP Advances in Information and Communication Technology. vol. 569.
- (2019) Correlating High- and Low-Level Features: Increased Understanding of Malware Classification. Lecture Notes in Computer Science (LNCS). vol. 11689.
- (2019) Disk Cluster Allocation Behavior in Windows and NTFS. Mobile Networks and Applications.
- (2019) Using NTFS cluster allocation behavior to find the location of user data. Digital Investigation. The International Journal of Digital Forensics and Incident Response. vol. 29.
- (2019) Creating a map of user data in NTFS to improve file carving. IFIP Advances in Information and Communication Technology. vol. 569.
- (2018) Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode. Digital Investigation. The International Journal of Digital Forensics and Incident Response. vol. 24.
- (2018) Multinomial malware classification via low-level features. Digital Investigation. The International Journal of Digital Forensics and Incident Response. vol. 26.
- (2017) Supporting the Human in Cyber Defence. Lecture Notes in Computer Science (LNCS). vol. 10683.
- (2012) Layout Dependent Phenomena A New Side-channel Power Model. Journal of Computers. vol. 7 (4).
- (2011) Security Implications of Crosstalk in Switching CMOS Gates. Lecture Notes in Computer Science (LNCS). vol. 6531.
Part of book/report
- (2021) Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point. 2020 IEEE International Conference on Big Data.
- (2021) Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs. Malware Analysis Using Artificial Intelligence and Deep Learning.
- (2010) Non-Invasive Reverse Engineering of the Relative Position of Bus Wires. Norwegian Information Security Conference = Norsk Informasjonssikkerhetskonferanse : NISK 2010 . Gjøvik University College, Gjøvik, 23-24 November 2010.
- (2009) Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods. SPPRA 2009, Proceeding of Signal Processing, Pattern Recognition and Applications.