Geir Olav Dyrkolbotn
Geir Olav Dyrkolbotn
Førsteamanuensis
Institutt for informasjonssikkerhet og kommunikasjonsteknologiBakgrunn og aktiviteter
Geir Olav Dyrkolbotn er major i Cyberforsvaret og førsteamanuensis ved Center for Cyber and Information Security (CCIS) ved NTNU. Han leder NTNU Malware Lab og forskningsgruppe for Cyber Defence ved CCIS. Geir Olav har doktorgrad (PhD) i informasjonssikkerhet fra Høgskolen i Gjøvik og sivilingeniør grad innen computer science fra Norges Tekniske Høgskole (NTH). Han har mer enn 25 års erfaring fra Forsvaret. Han har i løpet av karrieren fokusert på drift, vedlikehold og sikkerhet i Forsvaret kommunikasjons-infrastruktur. De siste årene har fokuset vært på defensive cyber operasjoner, forsvar av datanettverk og risiko håndtering. Forskningsinteresser inkluderer: cyber defence, reverse engineering, analyse av malware, side-kanal angrep og maskin læring.
Emner
- IIKG6500 - Cyber Tactics
- IMT4213 - Cyber Tactics
- IMT4116 - Reverse Engineering and Malware Analysis
- IMT4214 - Cyber Intelligence
- IIKG6501 - Cyber Intelligence
Vitenskapelig, faglig og kunstnerisk arbeid
Et utvalg av nyere tidsskriftspublikasjoner, kunstneriske produksjoner, bok, inklusiv bokdeler og rapport-del. Se alle publikasjoner i databasen
Tidsskriftspublikasjoner
- (2021) Chip chop — smashing the mobile phone secure chip for fun and digital forensics. Forensic Science International: Digital Investigation. vol. 37.
- (2021) Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition. IFIP Advances in Information and Communication Technology. vol. 612.
- (2021) Digital Forensic Acquisition Kill Chain – Analysis and Demonstration. IFIP Advances in Information and Communication Technology. vol. 612.
- (2021) Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?. Norsk Informasjonssikkerhetskonferanse (NISK).
- (2020) Detection of Running Malware Before it Becomes Malicious. Lecture Notes in Computer Science (LNCS). vol. 12231.
- (2020) An Empirical Study of the NTFS Cluster Allocation Behavior Over Time. Forensic Science International: Digital Investigation. vol. 33.
- (2019) Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol. IFIP Advances in Information and Communication Technology. vol. 569.
- (2019) Correlating High- and Low-Level Features: Increased Understanding of Malware Classification. Lecture Notes in Computer Science (LNCS). vol. 11689.
- (2019) Disk Cluster Allocation Behavior in Windows and NTFS. Mobile Networks and Applications.
- (2019) Using NTFS cluster allocation behavior to find the location of user data. Digital Investigation. The International Journal of Digital Forensics and Incident Response. vol. 29.
- (2019) Creating a map of user data in NTFS to improve file carving. IFIP Advances in Information and Communication Technology. vol. 569.
- (2018) Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode. Digital Investigation. The International Journal of Digital Forensics and Incident Response. vol. 24.
- (2018) Multinomial malware classification via low-level features. Digital Investigation. The International Journal of Digital Forensics and Incident Response. vol. 26.
- (2017) Supporting the Human in Cyber Defence. Lecture Notes in Computer Science (LNCS). vol. 10683.
- (2012) Layout Dependent Phenomena A New Side-channel Power Model. Journal of Computers. vol. 7 (4).
- (2011) Security Implications of Crosstalk in Switching CMOS Gates. Lecture Notes in Computer Science (LNCS). vol. 6531.
Del av bok/rapport
- (2021) Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point. 2020 IEEE International Conference on Big Data.
- (2021) Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs. Malware Analysis Using Artificial Intelligence and Deep Learning.
- (2010) Non-Invasive Reverse Engineering of the Relative Position of Bus Wires. Norwegian Information Security Conference = Norsk Informasjonssikkerhetskonferanse : NISK 2010 . Gjøvik University College, Gjøvik, 23-24 November 2010.
- (2009) Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods. SPPRA 2009, Proceeding of Signal Processing, Pattern Recognition and Applications.