Geir Olav Dyrkolbotn
About
Maj/Dr. Geir Olav Dyrkolbotn is an officer in the Norwegian Armed Forces at the Norwegian Defence Cyber Academy (NDCA) and an associate professor at Center for Cyber and Information Security (CCIS) at the Norwegian University of Science and Technology (NTNU). He is currently head of the NTNU Malware Lab and the research group for cyber defence at CCIS. Geir Olav holds a PhD in information security from Gjøvik University College (HiG) and a MSc in computer science from the NTNU. His career includes more than 25 years in the Norwegian Armed Forces, where he holds the rank of Major. His career has focused on operation, maintenance and security in tactical communication systems and the last 15 years on defensive cyber operations, computer network defense and operational security. His research interest include cyber defense, reverse engineering and malware analysis, side-channel attacks and machine learning.
Publications
2024
-
Waltoft-Olsen, Andrè Jung;
Johnson, Phillip;
Dyrkolbotn, Geir Olav;
Øverlier, Lasse.
(2024)
Exploring a Low-Cost Hardware Reverse Engineering Approach: A Use Case Experiment.
IFIP Advances in Information and Communication Technology
Academic article
2023
-
Waltoft-Olsen, Andrè Jung;
Øverlier, Lasse;
Dyrkolbotn, Geir Olav;
Sharma, Arvind.
(2023)
Smart Grid challenges - Device Trustworthiness.
OpenProceedings
Academic chapter/article/Conference paper
-
Banin, Sergii;
Dyrkolbotn, Geir Olav;
Franke, Katrin.
(2023)
Malware detection and classification using low-level features.
Norges teknisk-naturvitenskapelige universitet
Doktoravhandlinger ved NTNU (11)
Doctoral dissertation
-
Sharma, Arvind;
Dyrkolbotn, Geir Olav;
Øverlier, Lasse;
Waltoft-Olsen, Andrè Jung;
Franke, Katrin;
Katsikas, Sokratis.
(2023)
A State-of-the-Art Reverse Engineering Approach for Combating Hardware Security Vulnerabilities at the System and PCB Level in IoT Devices. IEEE-Physical Assurance and Inspection of Electronics (PAINE-2022),USA.
IEEE Xplore Digital Library
Academic article
2021
-
Banin, Sergii;
Dyrkolbotn, Geir Olav.
(2021)
Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point.
IEEE conference proceedings
Academic chapter/article/Conference paper
-
Alendal, Gunnar;
Dyrkolbotn, Geir Olav;
Axelsson, Stefan.
(2021)
Digital Forensic Acquisition Kill Chain – Analysis and Demonstration.
IFIP Advances in Information and Communication Technology
Academic article
-
Alendal, Gunnar;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2021)
Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition.
IFIP Advances in Information and Communication Technology
Academic article
-
Alendal, Gunnar;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2021)
Chip chop — smashing the mobile phone secure chip for fun and digital forensics.
Forensic Science International: Digital Investigation
Academic article
-
Jensen, Øyvind;
Shalaginov, Andrii;
Dyrkolbotn, Geir Olav.
(2021)
Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?.
Norsk Informasjonssikkerhetskonferanse (NISK)
Academic article
-
Shalaginov, Andrii;
Dyrkolbotn, Geir Olav;
Alazab, Mamoun.
(2021)
Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs.
Springer
Academic chapter/article/Conference paper
2020
-
Banin, Sergii;
Dyrkolbotn, Geir Olav.
(2020)
Detection of Running Malware Before it Becomes Malicious.
Lecture Notes in Computer Science (LNCS)
Academic article
-
Karresand, Nils Martin Mikael;
Dyrkolbotn, Geir Olav;
Axelsson, Stefan.
(2020)
An Empirical Study of the NTFS Cluster Allocation Behavior Over Time.
Forensic Science International: Digital Investigation
Academic article
2019
-
Alendal, Gunnar;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2019)
Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol.
IFIP Advances in Information and Communication Technology
Academic article
-
Banin, Sergii;
Dyrkolbotn, Geir Olav.
(2019)
Correlating High- and Low-Level Features: Increased Understanding of Malware Classification.
Lecture Notes in Computer Science (LNCS)
Academic article
-
Karresand, Nils Martin Mikael;
Warnqvist, Asalena;
Lindahl, David;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2019)
Creating a map of user data in NTFS to improve file carving.
IFIP Advances in Information and Communication Technology
Academic article
-
Karresand, Nils Martin Mikael;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2019)
Disk Cluster Allocation Behavior in Windows and NTFS.
Mobile Networks and Applications
Academic article
-
Karresand, Nils Martin Mikael;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2019)
Using NTFS cluster allocation behavior to find the location of user data.
Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
2018
-
Banin, Sergii;
Dyrkolbotn, Geir Olav.
(2018)
Multinomial malware classification via low-level features.
Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
-
Alendal, Gunnar;
Dyrkolbotn, Geir Olav;
Axelsson, Stefan.
(2018)
Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode.
Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
2017
-
Helkala, Kirsi Marjaana;
Knox, Benjamin James;
Jøsok, Øyvind;
Lugo, Ricardo;
Sütterlin, Stefan;
Dyrkolbotn, Geir Olav.
(2017)
Supporting the Human in Cyber Defence.
Lecture Notes in Computer Science (LNCS)
Academic article
2012
-
Dyrkolbotn, Geir Olav;
Wold, Knut;
Snekkenes, Einar.
(2012)
Layout Dependent Phenomena A New Side-channel Power Model.
Journal of Computers
Academic article
2011
-
Dyrkolbotn, Geir Olav;
Wold, Knut;
Snekkenes, Einar.
(2011)
Security Implications of Crosstalk in Switching CMOS Gates.
Lecture Notes in Computer Science (LNCS)
Academic article
-
Dyrkolbotn, Geir Olav.
(2011)
Reverse Engineering Microprocessor Content Using Electromagnetic Radiation.
Doctoral Dissertations at Gjøvik University College (2/2011)
Doctoral dissertation
2010
-
Dyrkolbotn, Geir Olav.
(2010)
Non-Invasive Reverse Engineering of the Relative Position of Bus Wires.
Tapir Akademisk Forlag
Academic chapter/article/Conference paper
2009
-
Dyrkolbotn, Geir Olav;
Snekkenes, Einar.
(2009)
Modified Template Attack: Detecting Address Bus Signals of Equal Hamming Weight.
Tapir Akademisk Forlag
Academic chapter/article/Conference paper
-
Dyrkolbotn, Geir Olav;
Snekkenes, Einar.
(2009)
Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods.
ACTA Press
Academic chapter/article/Conference paper
2007
-
Dyrkolbotn, Geir Olav.
(2007)
Analysis of the Wireless Covert Channel Attack Carrier Frequency Selection.
Tapir Akademisk Forlag
Academic chapter/article/Conference paper
2006
-
Dyrkolbotn, Geir Olav;
Snekkenes, Einar.
(2006)
A wireless covert channel on smart cards.
Springer
Academic chapter/article/Conference paper
Journal publications
-
Waltoft-Olsen, Andrè Jung;
Johnson, Phillip;
Dyrkolbotn, Geir Olav;
Øverlier, Lasse.
(2024)
Exploring a Low-Cost Hardware Reverse Engineering Approach: A Use Case Experiment.
IFIP Advances in Information and Communication Technology
Academic article
-
Sharma, Arvind;
Dyrkolbotn, Geir Olav;
Øverlier, Lasse;
Waltoft-Olsen, Andrè Jung;
Franke, Katrin;
Katsikas, Sokratis.
(2023)
A State-of-the-Art Reverse Engineering Approach for Combating Hardware Security Vulnerabilities at the System and PCB Level in IoT Devices. IEEE-Physical Assurance and Inspection of Electronics (PAINE-2022),USA.
IEEE Xplore Digital Library
Academic article
-
Alendal, Gunnar;
Dyrkolbotn, Geir Olav;
Axelsson, Stefan.
(2021)
Digital Forensic Acquisition Kill Chain – Analysis and Demonstration.
IFIP Advances in Information and Communication Technology
Academic article
-
Alendal, Gunnar;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2021)
Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition.
IFIP Advances in Information and Communication Technology
Academic article
-
Alendal, Gunnar;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2021)
Chip chop — smashing the mobile phone secure chip for fun and digital forensics.
Forensic Science International: Digital Investigation
Academic article
-
Jensen, Øyvind;
Shalaginov, Andrii;
Dyrkolbotn, Geir Olav.
(2021)
Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?.
Norsk Informasjonssikkerhetskonferanse (NISK)
Academic article
-
Banin, Sergii;
Dyrkolbotn, Geir Olav.
(2020)
Detection of Running Malware Before it Becomes Malicious.
Lecture Notes in Computer Science (LNCS)
Academic article
-
Karresand, Nils Martin Mikael;
Dyrkolbotn, Geir Olav;
Axelsson, Stefan.
(2020)
An Empirical Study of the NTFS Cluster Allocation Behavior Over Time.
Forensic Science International: Digital Investigation
Academic article
-
Alendal, Gunnar;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2019)
Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol.
IFIP Advances in Information and Communication Technology
Academic article
-
Banin, Sergii;
Dyrkolbotn, Geir Olav.
(2019)
Correlating High- and Low-Level Features: Increased Understanding of Malware Classification.
Lecture Notes in Computer Science (LNCS)
Academic article
-
Karresand, Nils Martin Mikael;
Warnqvist, Asalena;
Lindahl, David;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2019)
Creating a map of user data in NTFS to improve file carving.
IFIP Advances in Information and Communication Technology
Academic article
-
Karresand, Nils Martin Mikael;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2019)
Disk Cluster Allocation Behavior in Windows and NTFS.
Mobile Networks and Applications
Academic article
-
Karresand, Nils Martin Mikael;
Axelsson, Stefan;
Dyrkolbotn, Geir Olav.
(2019)
Using NTFS cluster allocation behavior to find the location of user data.
Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
-
Banin, Sergii;
Dyrkolbotn, Geir Olav.
(2018)
Multinomial malware classification via low-level features.
Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
-
Alendal, Gunnar;
Dyrkolbotn, Geir Olav;
Axelsson, Stefan.
(2018)
Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode.
Digital Investigation. The International Journal of Digital Forensics and Incident Response
Academic article
-
Helkala, Kirsi Marjaana;
Knox, Benjamin James;
Jøsok, Øyvind;
Lugo, Ricardo;
Sütterlin, Stefan;
Dyrkolbotn, Geir Olav.
(2017)
Supporting the Human in Cyber Defence.
Lecture Notes in Computer Science (LNCS)
Academic article
-
Dyrkolbotn, Geir Olav;
Wold, Knut;
Snekkenes, Einar.
(2012)
Layout Dependent Phenomena A New Side-channel Power Model.
Journal of Computers
Academic article
-
Dyrkolbotn, Geir Olav;
Wold, Knut;
Snekkenes, Einar.
(2011)
Security Implications of Crosstalk in Switching CMOS Gates.
Lecture Notes in Computer Science (LNCS)
Academic article
Part of book/report
-
Waltoft-Olsen, Andrè Jung;
Øverlier, Lasse;
Dyrkolbotn, Geir Olav;
Sharma, Arvind.
(2023)
Smart Grid challenges - Device Trustworthiness.
OpenProceedings
Academic chapter/article/Conference paper
-
Banin, Sergii;
Dyrkolbotn, Geir Olav.
(2021)
Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point.
IEEE conference proceedings
Academic chapter/article/Conference paper
-
Shalaginov, Andrii;
Dyrkolbotn, Geir Olav;
Alazab, Mamoun.
(2021)
Review of the Malware Categorization in the Era of Changing Cybethreats Landscape: Common Approaches, Challenges and Future Needs.
Springer
Academic chapter/article/Conference paper
-
Dyrkolbotn, Geir Olav.
(2010)
Non-Invasive Reverse Engineering of the Relative Position of Bus Wires.
Tapir Akademisk Forlag
Academic chapter/article/Conference paper
-
Dyrkolbotn, Geir Olav;
Snekkenes, Einar.
(2009)
Modified Template Attack: Detecting Address Bus Signals of Equal Hamming Weight.
Tapir Akademisk Forlag
Academic chapter/article/Conference paper
-
Dyrkolbotn, Geir Olav;
Snekkenes, Einar.
(2009)
Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods.
ACTA Press
Academic chapter/article/Conference paper
-
Dyrkolbotn, Geir Olav.
(2007)
Analysis of the Wireless Covert Channel Attack Carrier Frequency Selection.
Tapir Akademisk Forlag
Academic chapter/article/Conference paper
-
Dyrkolbotn, Geir Olav;
Snekkenes, Einar.
(2006)
A wireless covert channel on smart cards.
Springer
Academic chapter/article/Conference paper
Report
-
Banin, Sergii;
Dyrkolbotn, Geir Olav;
Franke, Katrin.
(2023)
Malware detection and classification using low-level features.
Norges teknisk-naturvitenskapelige universitet
Doktoravhandlinger ved NTNU (11)
Doctoral dissertation
-
Dyrkolbotn, Geir Olav.
(2011)
Reverse Engineering Microprocessor Content Using Electromagnetic Radiation.
Doctoral Dissertations at Gjøvik University College (2/2011)
Doctoral dissertation
Teaching
Courses
Outreach
2017
-
LectureDyrkolbotn, Geir Olav. (2017) Low Level Malware Analysis for Improved Attack Detection and Triage. NTNU Cyber and Information Security Day Starmus Festival 2017, Cyber and Information Security Day , Trondheim 2017-06-20 - 2017-06-20
-
LectureNovikov, Sergey; Gjære, Erlend Andreas; Dyrkolbotn, Geir Olav; Hjelsvold, Rune; McCallum, Simon. (2017) Gamification of Information Security Education. NTNU Starmus Festival 2017, Cyber and Information Security Day , Trondheim 2017-06-20 - 2017-06-20
-
Academic lectureHelkala, Kirsi Marjaana; Knox, Benjamin James; Lugo, Ricardo Gregorio; Sütterlin, Stefan; Dyrkolbotn, Geir Olav; Svendsen, Nils Kalstad. (2017) Supporting the Human in Cyber Defence. 3rd Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems in Conjunction With ESORICS 2017 2017-09-11 -