Navigation

  • Skip to Content
NTNU Home

ntnu.edu

  • Studies
    • Master's programmes in English
    • For exchange students
    • PhD opportunities
    • All programmes of study
    • Courses
    • Financing
    • Language requirements
    • Application process
    • Academic calendar
    • FAQ
  • Research and innovation
    • NTNU research
    • Research excellence
    • Strategic research areas
    • Innovation resources
    • PhD opportunities
  • Life and housing
    • Student in Trondheim
    • Student in Gjøvik
    • Student in Ålesund
    • For researchers
    • Life and housing
  • About NTNU
    • Contact us
    • Faculties and departments
    • Libraries
    • International researcher support
    • Vacancies
    • About NTNU
    • Maps
  1. Home
  2. Employees

Språkvelger

Norsk

Geir Olav Dyrkolbotn

Geir Olav Dyrkolbotn

Associate Professor
Department of Information Security and Communication Technology

geir.dyrkolbotn@ntnu.no
Ametyst-bygget, Gjøvik
About Publications Teaching Media

About

Maj/Dr. Geir Olav Dyrkolbotn is an officer in the Norwegian Armed Forces at the Norwegian Defence Cyber Academy (NDCA) and an associate professor at Center for Cyber and Information Security (CCIS) at the Norwegian University of Science and Technology (NTNU). He is currently head of the NTNU Malware Lab and the research group for cyber defence at CCIS. Geir Olav holds a PhD in information security from Gjøvik University College (HiG) and a MSc in computer science from the NTNU. His career includes more than 25 years in the Norwegian Armed Forces, where he holds the rank of Major. His career has focused on operation, maintenance and security in tactical communication systems and the last 15 years on defensive cyber operations, computer network defense and operational security. His research interest include cyber defense, reverse engineering and malware analysis, side-channel attacks and machine learning.

 

Publications

  • Chronological
  • By category
  • See all publications in Cristin

2021

  • Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Chip chop — smashing the mobile phone secure chip for fun and digital forensics. Forensic Science International: Digital Investigation. volum 37.
    Academic article
  • Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition. IFIP Advances in Information and Communication Technology. volum 612.
    Academic article
  • Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2021) Digital Forensic Acquisition Kill Chain – Analysis and Demonstration. IFIP Advances in Information and Communication Technology. volum 612.
    Academic article
  • Banin, Sergii; Dyrkolbotn, Geir Olav. (2021) Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point. 2020 IEEE International Conference on Big Data.
    Academic chapter/article
  • Jensen, Øyvind; Shalaginov, Andrii; Dyrkolbotn, Geir Olav. (2021) Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?. Norsk Informasjonssikkerhetskonferanse (NISK).
    Academic article
  • Shalaginov, Andrii; Dyrkolbotn, Geir Olav; Alazab, Mamoun. (2021) Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs. Malware Analysis Using Artificial Intelligence and Deep Learning.
    Academic chapter/article

2020

  • Banin, Sergii; Dyrkolbotn, Geir Olav. (2020) Detection of Running Malware Before it Becomes Malicious. Lecture Notes in Computer Science (LNCS). volum 12231.
    Academic article
  • Karresand, Nils Martin Mikael; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2020) An Empirical Study of the NTFS Cluster Allocation Behavior Over Time. Forensic Science International: Digital Investigation. volum 33.
    Academic article

2019

  • Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. IFIP Advances in Information and Communication Technology. volum 569.
    Academic article
  • Banin, Sergii; Dyrkolbotn, Geir Olav. (2019) Correlating High- and Low-Level Features: Increased Understanding of Malware Classification. Lecture Notes in Computer Science (LNCS). volum 11689.
    Academic article
  • Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Disk Cluster Allocation Behavior in Windows and NTFS. Mobile Networks and Applications.
    Academic article
  • Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Using NTFS cluster allocation behavior to find the location of user data. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 29.
    Academic article
  • Karresand, Nils Martin Mikael; Warnqvist, Asalena; Lindahl, David; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Creating a map of user data in NTFS to improve file carving. IFIP Advances in Information and Communication Technology. volum 569.
    Academic article

2018

  • Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2018) Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 24.
    Academic article
  • Banin, Sergii; Dyrkolbotn, Geir Olav. (2018) Multinomial malware classification via low-level features. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 26.
    Academic article

2017

  • Helkala, Kirsi Marjaana; Knox, Benjamin James; Jøsok, Øyvind; Lugo, Ricardo; Sütterlin, Stefan; Dyrkolbotn, Geir Olav; Svendsen, Nils Kalstad. (2017) Supporting the Human in Cyber Defence. Lecture Notes in Computer Science (LNCS). volum 10683.
    Academic article

2012

  • Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2012) Layout Dependent Phenomena A New Side-channel Power Model. Journal of Computers. volum 7 (4).
    Academic article

2011

  • Dyrkolbotn, Geir Olav. (2011) Reverse Engineering Microprocessor Content Using Electromagnetic Radiation. 2011. ISBN 978-82-91313-73-3. Doctoral Dissertations at Gjøvik University College (2/2011).
    PhD thesis
  • Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2011) Security Implications of Crosstalk in Switching CMOS Gates. Lecture Notes in Computer Science (LNCS). volum 6531.
    Academic article

2010

  • Dyrkolbotn, Geir Olav. (2010) Non-Invasive Reverse Engineering of the Relative Position of Bus Wires. Norwegian Information Security Conference = Norsk Informasjonssikkerhetskonferanse : NISK 2010 . Gjøvik University College, Gjøvik, 23-24 November 2010.
    Academic chapter/article

2009

  • Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods. SPPRA 2009, Proceeding of Signal Processing, Pattern Recognition and Applications.
    Academic chapter/article
  • Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Modified Template Attack: Detecting Address Bus Signals of Equal Hamming Weight. Norsk informasjonssikkerhetskonferanse : NISK 2:2009 : NTNU, Trondheim 24.-25. november 2009.
    Academic chapter/article

2007

  • Dyrkolbotn, Geir Olav. (2007) Analysis of the Wireless Covert Channel Attack Carrier Frequency Selection. Norsk informatikkonferanse 2007.
    Academic chapter/article

2006

  • Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2006) A wireless covert channel on smart cards. Lecture Notes in Computer Science.
    Academic chapter/article

Scientific articles

  • Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Chip chop — smashing the mobile phone secure chip for fun and digital forensics. Forensic Science International: Digital Investigation. volum 37.
    Academic article
  • Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition. IFIP Advances in Information and Communication Technology. volum 612.
    Academic article
  • Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2021) Digital Forensic Acquisition Kill Chain – Analysis and Demonstration. IFIP Advances in Information and Communication Technology. volum 612.
    Academic article
  • Jensen, Øyvind; Shalaginov, Andrii; Dyrkolbotn, Geir Olav. (2021) Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?. Norsk Informasjonssikkerhetskonferanse (NISK).
    Academic article
  • Banin, Sergii; Dyrkolbotn, Geir Olav. (2020) Detection of Running Malware Before it Becomes Malicious. Lecture Notes in Computer Science (LNCS). volum 12231.
    Academic article
  • Karresand, Nils Martin Mikael; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2020) An Empirical Study of the NTFS Cluster Allocation Behavior Over Time. Forensic Science International: Digital Investigation. volum 33.
    Academic article
  • Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. IFIP Advances in Information and Communication Technology. volum 569.
    Academic article
  • Banin, Sergii; Dyrkolbotn, Geir Olav. (2019) Correlating High- and Low-Level Features: Increased Understanding of Malware Classification. Lecture Notes in Computer Science (LNCS). volum 11689.
    Academic article
  • Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Disk Cluster Allocation Behavior in Windows and NTFS. Mobile Networks and Applications.
    Academic article
  • Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Using NTFS cluster allocation behavior to find the location of user data. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 29.
    Academic article
  • Karresand, Nils Martin Mikael; Warnqvist, Asalena; Lindahl, David; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Creating a map of user data in NTFS to improve file carving. IFIP Advances in Information and Communication Technology. volum 569.
    Academic article
  • Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2018) Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 24.
    Academic article
  • Banin, Sergii; Dyrkolbotn, Geir Olav. (2018) Multinomial malware classification via low-level features. Digital Investigation. The International Journal of Digital Forensics and Incident Response. volum 26.
    Academic article
  • Helkala, Kirsi Marjaana; Knox, Benjamin James; Jøsok, Øyvind; Lugo, Ricardo; Sütterlin, Stefan; Dyrkolbotn, Geir Olav; Svendsen, Nils Kalstad. (2017) Supporting the Human in Cyber Defence. Lecture Notes in Computer Science (LNCS). volum 10683.
    Academic article
  • Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2012) Layout Dependent Phenomena A New Side-channel Power Model. Journal of Computers. volum 7 (4).
    Academic article
  • Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2011) Security Implications of Crosstalk in Switching CMOS Gates. Lecture Notes in Computer Science (LNCS). volum 6531.
    Academic article

Part of book/report

  • Banin, Sergii; Dyrkolbotn, Geir Olav. (2021) Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point. 2020 IEEE International Conference on Big Data.
    Academic chapter/article
  • Shalaginov, Andrii; Dyrkolbotn, Geir Olav; Alazab, Mamoun. (2021) Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs. Malware Analysis Using Artificial Intelligence and Deep Learning.
    Academic chapter/article
  • Dyrkolbotn, Geir Olav. (2010) Non-Invasive Reverse Engineering of the Relative Position of Bus Wires. Norwegian Information Security Conference = Norsk Informasjonssikkerhetskonferanse : NISK 2010 . Gjøvik University College, Gjøvik, 23-24 November 2010.
    Academic chapter/article
  • Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods. SPPRA 2009, Proceeding of Signal Processing, Pattern Recognition and Applications.
    Academic chapter/article
  • Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Modified Template Attack: Detecting Address Bus Signals of Equal Hamming Weight. Norsk informasjonssikkerhetskonferanse : NISK 2:2009 : NTNU, Trondheim 24.-25. november 2009.
    Academic chapter/article
  • Dyrkolbotn, Geir Olav. (2007) Analysis of the Wireless Covert Channel Attack Carrier Frequency Selection. Norsk informatikkonferanse 2007.
    Academic chapter/article
  • Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2006) A wireless covert channel on smart cards. Lecture Notes in Computer Science.
    Academic chapter/article

Report

  • Dyrkolbotn, Geir Olav. (2011) Reverse Engineering Microprocessor Content Using Electromagnetic Radiation. 2011. ISBN 978-82-91313-73-3. Doctoral Dissertations at Gjøvik University College (2/2011).
    PhD thesis

Teaching

Courses

  • IIKG6500 - Cyber Tactics
  • IMT4213 - Cyber Tactics
  • IMT4214 - Cyber Intelligence
  • IIKG6501 - Cyber Intelligence
  • IMT4116 - Reverse Engineering and Malware Analysis

Media

2017

  • Lecture
    Dyrkolbotn, Geir Olav. (2017) Low Level Malware Analysis for Improved Attack Detection and Triage. Cyber and Information Security Day Starmus Festival 2017, Cyber and Information Security Day . NTNU; Trondheim. 2017-06-20 - 2017-06-20.
  • Academic lecture
    Helkala, Kirsi Marjaana; Knox, Benjamin James; Lugo, Ricardo Gregorio; Sütterlin, Stefan; Dyrkolbotn, Geir Olav; Svendsen, Nils Kalstad. (2017) Supporting the Human in Cyber Defence. 3rd Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems in Conjunction With ESORICS 2017 ; 2017-09-11.
  • Lecture
    Novikov, Sergey; Gjære, Erlend Andreas; Dyrkolbotn, Geir Olav; Hjelsvold, Rune; McCallum, Simon. (2017) Gamification of Information Security Education. Starmus Festival 2017, Cyber and Information Security Day . NTNU; Trondheim. 2017-06-20 - 2017-06-20.
NTNU
Studies
  • Master's programmes in English
  • For exchange students
  • PhD opportunities
  • Courses
  • Career development
  • Continuing education
  • Application process
Contact
  • Contact NTNU
  • Employees
  • For alumni
  • Press contacts
  • Researcher support
Discover NTNU
  • Experts
  • Vacancies
  • Pictures from NTNU
  • Innovation resources
  • NTNU in Gjøvik
  • NTNU in Trondheim
  • NTNU in Ålesund
  • Maps
About NTNU
  • NTNU's strategy
  • Research excellence
  • Strategic research areas
  • Organizational chart
  • Libraries
  • About the university
Services
  • For employees
  • For students
  • Blackboard
  • Intranet

Norwegian University of Science and Technology

About cookies
Privacy policy
Editoral responsibility
Sign In