Browsing NTNU Open by author "Dyrkolbotn, Geir Olav"
-
Forensics Acquisition — Analysis and Circumvention of Samsung Secure Boot enforced Common Criteria Mode
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan (Journal article; Peer reviewed, 2018) The acquisition of data from mobile phones has been a mainstay of criminal digital forensics for a number of years now. However, this forensic acquisition is getting more and more difficult with the increasing security ... -
Hunting malicious scripts using machine learning
Brevig, Torstein (Master thesis, 2020) Since computers are in use everywhere in society, malicious software (malware) has grown into a major threat. For example, the use of ransomware has increased in recent years. One way of spreading such malware is through the use of ... -
Hunting malicious scripts using machine learning
Lien, Tormod Haus (Master thesis, 2021) Computer systems have become more and more crucial to our society, which means that these systems have become more valuable than ever before and are therefore exposed to interactions from people with malicious intent. It ... -
Interpretation of File System Metadata in a Criminal Investigation Context
Nordvik, Rune (Doctoral theses at NTNU;2024:115, Doctoral thesis, 2024) The reliable reconstruction of digital events is imperative for solving criminal cases. Computers, servers, mobile and IoT devices, vehicles, and EV charging infrastructure all use either local or remote storage (cloud). ... -
Layout Dependent Phenomena A New Side-channel Power Model
Dyrkolbotn, Geir Olav; Wold, Knut; Snekkenes, Einar (Journal article; Peer reviewed, 2012) The energy dissipation associated with switching in CMOS logic gates can be used to classify the microprocessor’s activity. In VLSI design, layout dependent phenomena, such as capacitive crosstalk, become a major ... -
Leveraging The USB Power Delivery Implementation For Digital Forensic Acquisition
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav (Peer reviewed; Journal article, 2021) Modern consumer devices present major challenges in digital forensic investigations due to security mechanisms that protect user data. The entire physical attack surface of a seized device such as a mobile phone must be ... -
Malware detection and classification using low-level features
Banin, Sergii (Doctoral theses at NTNU;2023:11, Doctoral thesis, 2023) Nowadays, computers and computer systems are involved in most areas of our lives. Employees and users of manufacturing and transportation, banking and healthcare, education, and entertainment rely on computers and networks ... -
Mind the Gap - An Exploratory Study of Commercial and Military Computer Security Incident Response Teams (CSIRTs) - Are Incident Response (IR) and Computer Security Incident Response Teams (CSIRTs) Forensic ready in the information domain?
Ringstad, Jan Terje (Master thesis, 2017) The challenges related to overwhelming amounts of data and information are emerging in the cybersecurity profession. Operators and decision makers need to process vast amounts of information to get the best basis possible ... -
Multinomial malware classification based on call graphs
Østbye, Morten Oscar (Master thesis, 2017) Ever since the computer was invented, people have found ways to evolve interaction or simplify tasks with computational resources, this for both good and bad. For the known lifespan of the digital age, malicious software ... -
Multinomial malware classification using control flow graphs
Håland, Magnus Simonsen (Master thesis, 2019) In these days of personal computers and the Internet, malicious software (malware) has become a growing threat. The number of incidents involving malware that have caused significant damage to both private and ... -
Multinomial malware classification via low-level features
Banin, Sergii; Dyrkolbotn, Geir Olav (Journal article; Peer reviewed, 2018) Because malicious software (or "malware") is so frequently used in cyber crimes, malware detection and relevant research became a serious issue in the information security landscape. However, in order to have an appropriate ... -
Real-Time Event Correlation for Windows Event Logs
Ingesen, Martin (Master thesis, 2020) New vulnerabilities and attack vectors are found every day. Cyberattacks can critically damage and affect the companies that are attacked. Many of these threats focus on penetrating the company's network in order to steal valuable ... -
Reverse Engineering Microprocessor Content Using Electromagnetic Radiation
Dyrkolbotn, Geir Olav (Doktorgradsavhandlinger ved Høgskolen i Gjøvik;2/2011, Doctoral thesis, 2011-11-28) Moore’s law has, for almost half a century, described a trend in which the number of transistors in integrated circuits has been doubled every year. Properties, such as processing speed, memory capacity and physical size ... -
Similarity-based Intelligent Malware Type Detection through Multiple Sources of Dynamic Characteristics
Denzer, Thilo (Master thesis, 2019) Malware analysts face challenges related to increasing number of malware variants emerging every year. Conventional classification of Windows PE32 executables into benign and malicious is no longer sufficient and needs ... -
Study of Blacklisted Malicious Domains from a Microsoft Windows End-user Perspective: Is It Safe Behind the Wall?
Jensen, Øyvind; Shalaginov, Andrii; Dyrkolbotn, Geir Olav (Peer reviewed; Journal article, 2020) The Internet is a dangerous place, filled with different cyber threats, including malware. To withstand this, blacklists have been utilized for a long time to block known infection and delivery sources. However, through ... -
The Cyber Threat Landscape on Blacklisted Malicious Domains
Jensen, Øyvind (Master thesis, 2019) The Internet is a dangerous place, filled with different types of malware. Blacklists have therefore been used for a long time to block known infection and delivery sources. By blocking domains, we do not need to worry ... -
Threat mitigation and national security: A mixed methods study of perceptions on cyber security information sharing among Norwegian organizations
Amundsen, Mikkel; Sunde, Fanny Chaba (Master thesis, 2022) Norwegian organizations are increasingly exposed to targeted cyberattacks, which reinforces the need for a holistic approach to national security. In today's cyber landscape, national security has to a large extent become ... -
Triage of PE-files through divide-and-conquer clustering
Bae, Sturla Høgdahl (Master thesis, 2020) The number of new, unique malicious files discovered every day is steadily increasing. The reason so many new files are discovered is not that so many entirely new malware variants are created every day, but that small changes are ... -
Using NTFS cluster allocation behavior to find the location of user data
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav (Journal article; Peer reviewed, 2019) Digital forensics is heavily affected by the large and increasing amount of data to be processed. To solve the problem there is ongoing research to find more efficient carving algorithms, use parallel processing in the ...