NTNU malwarelab is an academic group for teaching, research and development, and an arena for cooperation and knowledge development. The aim is to increase knowledge about malware in both public and private sectors.
The laboratory was established in October 2016, and builds on the malware research and education at NTNU Testimon Forensics Group. Testimon Forensics Group has focused on malware since 2010, and is an active member of NTNU malwarelab. Since 2010, Testimon has had master's and doctoral students who focus on malware in their research.
Associate professor Geir Olav Dyrkolbotn
Visiting address: Teknologivegen 22, Gjøvik
Mobile Malware Campaign
During the last week of October 2016, NTNU joined Europol’s European Cybercrime Centre (EC3) in a mobile malware campaign, in a joint effort between the Center for Cyber and Information Security (CCIS) Defence Group and Testimon Forensics group. The objective of the campaign was to raise awareness among users of how to protect themselves from malware on mobile devices.
NTNU malware lab list of employees.
To be announced
NTNU organized Malware Forum 2020
Following the success of 2017, NTNU Malware Lab organized the Malware Forum on campus Gjøvik in collaboration with the Norwegian National Cyber Security Centre (NCSC) for the fourth time on the 5th of November 2020.
The goal of NTNU Malware Forum is to provide a networking arena and to bring together knowledge and expertise from industry and academia in Norway and abroad. The topics presented during the Malware Forum are mostly technical and include analysis of malware samples, incidents or campaigns, best practices and new tools.
The program included a talk from Moritz Raabe on technical details of a backdoor containing some usual and some unusual malware capabilities. Moritz is a Principal Reverse Engineer on the FireEye/Mandiant FLARE team (https://www.fireeye.com/). He joined FLARE after obtaining a Master of Science in Information Security from Carnegie Mellon University. Moritz develops tools to automate malware analysis and enhance reverse engineering. He created FLOSS to automatically decode obfuscated strings from malware and CAPA to automatically identify capabilities in binary programs.
Kevin Alejandro Roundy talked about approaches to fighting creepware, the apps that extend intimate partner violence into the digital world. Kevin received his Ph.D. from the University of Wisconsin in 2012, when he joined NortonLifeLock Research Group, then known as Symantec Research Labs, as a researcher. He and his colleagues have developed algorithms that block millions of malicious software files and mobile apps each day on behalf of NortonLifeLock’s nearly 50 million customers (https://www.nortonlifelock.com/).