Geir Olav Dyrkolbotn

About

Maj/Dr. Geir Olav Dyrkolbotn is an officer in the Norwegian Armed Forces at the Norwegian Defence Cyber Academy (NDCA) and an associate professor at Center for Cyber and Information Security (CCIS) at the Norwegian University of Science and Technology (NTNU). He is currently head of the NTNU Malware Lab and the research group for cyber defence at CCIS. Geir Olav holds a PhD in information security from Gjøvik University College (HiG) and a MSc in computer science from the NTNU. His career includes more than 25 years in the Norwegian Armed Forces, where he holds the rank of Major. His career has focused on operation, maintenance and security in tactical communication systems and the last 15 years on defensive cyber operations, computer network defense and operational security. His research interest include cyber defense, reverse engineering and malware analysis, side-channel attacks and machine learning.

Publications

2023

Banin, Sergii; Dyrkolbotn, Geir Olav; Franke, Katrin. (2023) Malware detection and classification using low-level features. Norges teknisk-naturvitenskapelige universitet Doktoravhandlinger ved NTNU (11)
Doctoral dissertation
Sharma, Arvind; Dyrkolbotn, Geir Olav; Øverlier, Lasse; Waltoft-Olsen, AndrÃ¨ Jung; Franke, Katrin; Katsikas, Sokratis. (2023) A State-of-the-Art Reverse Engineering Approach for Combating Hardware Security Vulnerabilities at the System and PCB Level in IoT Devices. IEEE-Physical Assurance and Inspection of Electronics (PAINE-2022),USA. IEEE Xplore Digital Library
Popular scientific article

2021

Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition. IFIP Advances in Information and Communication Technology
Academic article
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2021) Digital Forensic Acquisition Kill Chain – Analysis and Demonstration. IFIP Advances in Information and Communication Technology
Academic article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Chip chop — smashing the mobile phone secure chip for fun and digital forensics. Forensic Science International: Digital Investigation
Academic article
Shalaginov, Andrii; Dyrkolbotn, Geir Olav; Alazab, Mamoun. (2021) Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs. Springer
Academic chapter/article/Conference paper
Jensen, Øyvind; Shalaginov, Andrii; Dyrkolbotn, Geir Olav. (2021) Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?. Norsk Informasjonssikkerhetskonferanse (NISK)
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2021) Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point. IEEE conference proceedings
Academic chapter/article/Conference paper

2020

Waltoft-Olsen, AndrÃ¨ Jung; Øverlier, Lasse; Dyrkolbotn, Geir Olav; Sharma, Arvind. (2020) Smart Grid challenges - Device Trustworthiness.
Academic chapter/article/Conference paper
Karresand, Nils Martin Mikael; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2020) An Empirical Study of the NTFS Cluster Allocation Behavior Over Time. Forensic Science International: Digital Investigation
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2020) Detection of Running Malware Before it Becomes Malicious. Lecture Notes in Computer Science (LNCS)
Academic article

2019

Banin, Sergii; Dyrkolbotn, Geir Olav. (2019) Correlating High- and Low-Level Features: Increased Understanding of Malware Classification. Lecture Notes in Computer Science (LNCS)
Academic article
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Disk Cluster Allocation Behavior in Windows and NTFS. Mobile Networks and Applications
Academic article
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Using NTFS cluster allocation behavior to find the location of user data. Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
Karresand, Nils Martin Mikael; Warnqvist, Asalena; Lindahl, David; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Creating a map of user data in NTFS to improve file carving. IFIP Advances in Information and Communication Technology
Academic article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. IFIP Advances in Information and Communication Technology
Academic article

2018

Banin, Sergii; Dyrkolbotn, Geir Olav. (2018) Multinomial malware classification via low-level features. Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2018) Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode. Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article

2017

Helkala, Kirsi Marjaana; Knox, Benjamin James; Jøsok, Øyvind; Lugo, Ricardo; Sütterlin, Stefan; Dyrkolbotn, Geir Olav. (2017) Supporting the Human in Cyber Defence. Lecture Notes in Computer Science (LNCS)
Academic article

2012

Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2012) Layout Dependent Phenomena A New Side-channel Power Model. Journal of Computers
Academic article

2011

Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2011) Security Implications of Crosstalk in Switching CMOS Gates. Lecture Notes in Computer Science (LNCS)
Academic article
Dyrkolbotn, Geir Olav. (2011) Reverse Engineering Microprocessor Content Using Electromagnetic Radiation. Doctoral Dissertations at Gjøvik University College (2/2011)
Doctoral dissertation

2010

Dyrkolbotn, Geir Olav. (2010) Non-Invasive Reverse Engineering of the Relative Position of Bus Wires. Tapir Akademisk Forlag
Academic chapter/article/Conference paper

2009

Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Modified Template Attack: Detecting Address Bus Signals of Equal Hamming Weight. Tapir Akademisk Forlag
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods. ACTA Press
Academic chapter/article/Conference paper

2007

Dyrkolbotn, Geir Olav. (2007) Analysis of the Wireless Covert Channel Attack Carrier Frequency Selection. Tapir Akademisk Forlag
Academic chapter/article/Conference paper

2006

Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2006) A wireless covert channel on smart cards. Springer
Academic chapter/article/Conference paper

Journal publications

Sharma, Arvind; Dyrkolbotn, Geir Olav; Øverlier, Lasse; Waltoft-Olsen, AndrÃ¨ Jung; Franke, Katrin; Katsikas, Sokratis. (2023) A State-of-the-Art Reverse Engineering Approach for Combating Hardware Security Vulnerabilities at the System and PCB Level in IoT Devices. IEEE-Physical Assurance and Inspection of Electronics (PAINE-2022),USA. IEEE Xplore Digital Library
Popular scientific article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition. IFIP Advances in Information and Communication Technology
Academic article
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2021) Digital Forensic Acquisition Kill Chain – Analysis and Demonstration. IFIP Advances in Information and Communication Technology
Academic article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2021) Chip chop — smashing the mobile phone secure chip for fun and digital forensics. Forensic Science International: Digital Investigation
Academic article
Jensen, Øyvind; Shalaginov, Andrii; Dyrkolbotn, Geir Olav. (2021) Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?. Norsk Informasjonssikkerhetskonferanse (NISK)
Academic article
Karresand, Nils Martin Mikael; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2020) An Empirical Study of the NTFS Cluster Allocation Behavior Over Time. Forensic Science International: Digital Investigation
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2020) Detection of Running Malware Before it Becomes Malicious. Lecture Notes in Computer Science (LNCS)
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2019) Correlating High- and Low-Level Features: Increased Understanding of Malware Classification. Lecture Notes in Computer Science (LNCS)
Academic article
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Disk Cluster Allocation Behavior in Windows and NTFS. Mobile Networks and Applications
Academic article
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Using NTFS cluster allocation behavior to find the location of user data. Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
Karresand, Nils Martin Mikael; Warnqvist, Asalena; Lindahl, David; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Creating a map of user data in NTFS to improve file carving. IFIP Advances in Information and Communication Technology
Academic article
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav. (2019) Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. IFIP Advances in Information and Communication Technology
Academic article
Banin, Sergii; Dyrkolbotn, Geir Olav. (2018) Multinomial malware classification via low-level features. Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan. (2018) Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode. Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
Helkala, Kirsi Marjaana; Knox, Benjamin James; Jøsok, Øyvind; Lugo, Ricardo; Sütterlin, Stefan; Dyrkolbotn, Geir Olav. (2017) Supporting the Human in Cyber Defence. Lecture Notes in Computer Science (LNCS)
Academic article
Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2012) Layout Dependent Phenomena A New Side-channel Power Model. Journal of Computers
Academic article
Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar. (2011) Security Implications of Crosstalk in Switching CMOS Gates. Lecture Notes in Computer Science (LNCS)
Academic article

Part of book/report

Shalaginov, Andrii; Dyrkolbotn, Geir Olav; Alazab, Mamoun. (2021) Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs. Springer
Academic chapter/article/Conference paper
Banin, Sergii; Dyrkolbotn, Geir Olav. (2021) Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point. IEEE conference proceedings
Academic chapter/article/Conference paper
Waltoft-Olsen, AndrÃ¨ Jung; Øverlier, Lasse; Dyrkolbotn, Geir Olav; Sharma, Arvind. (2020) Smart Grid challenges - Device Trustworthiness.
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav. (2010) Non-Invasive Reverse Engineering of the Relative Position of Bus Wires. Tapir Akademisk Forlag
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Modified Template Attack: Detecting Address Bus Signals of Equal Hamming Weight. Tapir Akademisk Forlag
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2009) Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods. ACTA Press
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav. (2007) Analysis of the Wireless Covert Channel Attack Carrier Frequency Selection. Tapir Akademisk Forlag
Academic chapter/article/Conference paper
Dyrkolbotn, Geir Olav; Snekkenes, Einar. (2006) A wireless covert channel on smart cards. Springer
Academic chapter/article/Conference paper

Report

Banin, Sergii; Dyrkolbotn, Geir Olav; Franke, Katrin. (2023) Malware detection and classification using low-level features. Norges teknisk-naturvitenskapelige universitet Doktoravhandlinger ved NTNU (11)
Doctoral dissertation
Dyrkolbotn, Geir Olav. (2011) Reverse Engineering Microprocessor Content Using Electromagnetic Radiation. Doctoral Dissertations at Gjøvik University College (2/2011)
Doctoral dissertation

Teaching

Courses

Media

2017

Lecture

Dyrkolbotn, Geir Olav. (2017) Low Level Malware Analysis for Improved Attack Detection and Triage. NTNU Cyber and Information Security Day Starmus Festival 2017, Cyber and Information Security Day , Trondheim 2017-06-20 - 2017-06-20
Lecture

Novikov, Sergey; Gjære, Erlend Andreas; Dyrkolbotn, Geir Olav; Hjelsvold, Rune; McCallum, Simon. (2017) Gamification of Information Security Education. NTNU Starmus Festival 2017, Cyber and Information Security Day , Trondheim 2017-06-20 - 2017-06-20
Academic lecture

Helkala, Kirsi Marjaana; Knox, Benjamin James; Lugo, Ricardo Gregorio; Sütterlin, Stefan; Dyrkolbotn, Geir Olav; Svendsen, Nils Kalstad. (2017) Supporting the Human in Cyber Defence. 3rd Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems in Conjunction With ESORICS 2017 2017-09-11 -

Språkvelger

Geir Olav Dyrkolbotn