Browsing NTNU Open by Author "Dyrkolbotn, Geir Olav"
Now showing items 1-20 of 42
An Inquiry into the Nature and Causes of Misapprehension between the Server Room and Boardroom
Sagelvmo, Ulrik Andreas (Master thesis, 2023) In an era of rapid technological development, this thesis takes a critical look at the underlying causes of misinterpretations arising between top management and cybersecurity experts. The thesis highlights the need for ...
Automated triage of samples for malware analysis
Thoresen, Halvor Mydske (Master thesis, 2017) As people continue to rely increasingly on information systems, the threat landscape will keep evolving. To combat and defeat new threats we need good cyber threat intelligence. Analysis of malicious software is a popular ...
Chip chop — smashing the mobile phone secure chip for fun and digital forensics
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav (Peer reviewed; Journal article, 2021) Performing mobile phone acquisition today requires breaking—often hardware assisted—security. In recent years, Embedded Secure Element (eSE) hardware has been introduced in mobile phones, with a view towards increasing the ...
Correlating High- and Low-Level Features: Increased Understanding of Malware Classification
Banin, Sergii; Dyrkolbotn, Geir Olav (Journal article; Peer reviewed, 2019) Malware brings constant threats to the services and facilities used by modern society. In order to perform and improve anti-malware defense, there is a need for methods that are capable of malware categorization. As malware ...
Creating a map of user data in NTFS to improve file carving
Karresand, Nils Martin Mikael; Warnqvist, Asalena; Lindahl, David; Axelsson, Stefan; Dyrkolbotn, Geir Olav (Journal article; Peer reviewed, 2019) Digital forensics and, especially, file carving are burdened by the large amounts of data that need to be processed. Attempts to solve this problem include efficient carving algorithms, parallel processing in the cloud and ...
Cyber Security in the Cellular Internet of Things
Hyndøy, Henrik (Master thesis, 2022) With the arrival of mobile technologies such as 4G and 5G, telecommunications networks have become an attractive operator alternative for the Internet of Things (IoT). The networks offer security implemented by the mobile operators, a distributed ...
Detecting packed and encrypted malware samples using STAtic Malware-as-Image Network Analysis (STAMINA)
Jønsson, Robin Berg (Master thesis, 2021) Every day we see over 350,000 [1] pieces of malware or so-called potentially unwanted applications. The volume is so large that it is not possible for analysts to process and analyse all these files. In addition, we have several ...
Detecting PowerShell obfuscation using machine learning
Authen, Mats (Master thesis, 2021) PowerShell has become very popular among attackers. The reason is that PowerShell makes it possible to "live off the land" in a compromised system, and the ease of carrying out so-called fileless attacks by keeping malicious ...
Detection of Previously Unseen Malware using Memory Access Patterns Recorded Before the Entry Point
Banin, Sergii; Dyrkolbotn, Geir Olav (Chapter, 2021) Recently it has been shown that it is possible to detect malware based on the memory access patterns produced before execution reaches its Entry Point. In this paper, we investigate the usefulness of memory access patterns ...
Detection of Running Malware Before it Becomes Malicious
Banin, Sergii; Dyrkolbotn, Geir Olav (Peer reviewed; Journal article, 2020) As more vulnerabilities are being discovered every year [17], malware constantly evolves forcing improvements and updates of security and malware detection mechanisms. Malware is used directly on the attacked systems, thus ...
Development of a customized remote access trojan (RAT) for educational purposes within the field of malware analysis
Johansen, Marie Brettingen (Master thesis, 2022) Every day, large amounts of malicious software are discovered and registered in various databases at various institutes, companies and vendors. The amount of existing malware has increased drastically with each year that ...
Digital Forensic Acquisition Kill Chain – Analysis and Demonstration
Alendal, Gunnar; Dyrkolbotn, Geir Olav; Axelsson, Stefan (Journal article; Peer reviewed, 2021) The increasing complexity and security of consumer products pose major challenges to digital forensics. Gaining access to encrypted user data without user credentials is a very difficult task. Such situations may require ...
Digital Forensic Acquisition of mobile phones in the Era of Mandatory Security: Offensive Techniques, Security Vulnerabilities and Exploitation
Alendal, Gunnar (Doctoral theses at NTNU;2022:94, Doctoral thesis, 2022) The increased use of consumer electronics like computers, mobile phones, smart watches, external hard drives, etc. has made digital forensics more important for law enforcement. Consumer products now contain more information ...
Digital Forensic Usage of the Inherent Structures in NTFS
Karresand, Nils Martin Mikael (Doctoral theses at NTNU;2023:171, Doctoral thesis, 2023) Digital forensic investigators have for a long time been burdened by an increasing amount of data to handle. Many solutions have been proposed. A yet unexplored feature is to use the inherent structures left by the allocation ...
Disk Cluster Allocation Behavior in Windows and NTFS
Karresand, Nils Martin Mikael; Axelsson, Stefan; Dyrkolbotn, Geir Olav (Journal article; Peer reviewed, 2019) The allocation algorithm of a file system has a huge impact on almost all aspects of digital forensics, because it determines where data is placed on storage media. Yet there is only basic information available on the ...
An Empirical Study of the NTFS Cluster Allocation Behavior Over Time
Karresand, Nils Martin Mikael; Dyrkolbotn, Geir Olav; Axelsson, Stefan (Peer reviewed; Journal article, 2020) The amount of data to be handled in digital forensic investigations is continuously increasing, while the tools and processes used are not developed accordingly. This especially affects the digital forensic subfield of ...
Exploiting Vendor-Defined Messages in the USB Power Delivery Protocol
Alendal, Gunnar; Axelsson, Stefan; Dyrkolbotn, Geir Olav (Journal article; Peer reviewed, 2019) The USB Power Delivery protocol enables USB-connected devices to negotiate power delivery and exchange data over a single connection such as a USB Type-C cable. The protocol incorporates standard commands; however, it also ...
Exploring the PE header and the Rich header for effective Malware Classification and Triage
Forfot, Alexander Daniel (Master thesis, 2021) The use of executable files to introduce and add malicious software to systems has been widely employed by malicious actors since the internet was first introduced. This progression has only increased in parallel with the ...
Exploring Trojanized Closed-Source Software Supply Chain Attacks Through Differential Malware Analysis
Refsnes, Magnus Walmsnæss (Master thesis, 2023) In recent years there has been an increase in attacks through compromised software supply chains. The SolarWinds attack in 2020 was a malicious attack carried out by an advanced threat actor that had ...
Finding Educationally Friendly Malware
Bjørkhaug, Aleksander (Master thesis, 2021) This report is a master's thesis that aims to investigate what educationally friendly malware can be, and to help teachers find it. We want to find what identifies the malware as educationally friendly, and create ...