Geir Olav Dyrkolbotn defends PhD-thesis    

On Monday, 12th of December, Geir Olav Dyrkolbotn defended his doctoral thesis "Reverse Engineering Microprocessor Content Using Electromagnetic Radiation", after a successful trial lecture about anonymity in partially trusted networks. Geir Olav (third from right) is the second PhD candidate who finished the PhD track in information security here at Gjøvik University College.

Defense Geir Olav

Abstract of Ph.D.-dissertation:
Due to the continuing reduction in transistor size, microprocessor technology continues to shrink in size yet increase in power. This development has made possible devices such as smart phones and smart cards. As we become more and more dependent upon these devices and use them increasingly for sensitive information, protecting the device and the information they contain becomes ever more important. An increasing number of systems rely upon microprocessor devices (e.g. smart cards) for security related applications, however, it is well known that sensitive information can escape via side-channels such as power consumption and electromagnetic radiation.

This thesis is concerned with how electromagnetic radiation can be used to reverse engineer microprocessor content. Contributions were made that help build a more realistic model of the arsenal available to an adversary engaged in reverse engineering microprocessor content by the electromagnetic side-channel. An improved understanding of this arsenal can facilitate better risk assessment as well as defensive measures.

The contributions of this thesis include: (i) a new attack, wireless covert channel attack, that intentionally correlates secret information with the electromagnetic side-channel by means of a subversive code. The attack resembles wireless skimming and highlights the importance of life-cycle security measures, (ii) contribution towards better understanding of what and how much of the
available electromagnetic radiation is necessary to launch an attack. This includes a method for in-depth analysis of the electromagnetic side-channel, (iii) a new power model that, by considering layout dependent phenomena, offers better understanding of underlying phenomena. The new power model can improve side-channel exploitation capabilities and finally, (iv) as a consequence of
the new power model, a non-invasive method for reverse engineering physical properties based on electromagnetic radiation is proposed.

Accepted Grant from Leiv Eiriksson Mobility Programme 2012    

PhD student Hai Thanh Nguyen with supervision of Professor Katrin Franke and support of Dean Morten Irgens at NISLab recently received a grant from the Leiv Eiriksson Mobility Programme 2012 of The Research Council of Norway. Following this programme, Hai Thanh Nguyen will be working with Professor Manfred Warmuth at University California Santa Cruz, USA on several machine learning topics for security and forensic from 1-July-2012.

With launching the project, the Norwegian Information Security Laboratory (NISlab) at Gjøvik University College (GUC) in Norway and the Department of Computer Science at the University
of California at Santa Cruz (UCSC) in the US will establish a direct link and will further pursue a long-term collaboration in research, PhD supervision and teaching. The project will also enable
GUC to deepening its expertise and knowledge in computational intelligence for security and forensic applications.

24.11.2011     Knut Wold successfully defended his doctoral thesis    

On Thursday, 24th of November, Knut Wold defended his PhD thesis with the title: "Security Properties of a Class of True Random Number Generators in Programmable Logic" successfully. Beforehand he gave a trial lecture on "PUFs - physically unclonable functions", which the committee found to be acceptable. Knut (2nd from left) is the first PhD candidate successfully completing NISlab's own PhD track in information security.

Relief after the defense, committee members and Knut Wold (2nd from left)

Abstract of the Ph.D.-dissertation:
During the recent years the use of digital communication has increased due to usage of computers with Internet and cellular phones. In order to have a secure communication satisfying confidentiality, integrity and authenticity requirements the information is encrypted by using a cryptographic algorithm. Often this algorithm is public meaning that all the security depends on the used secret key generated by the key source or a true random number generator (TRNG) in a cryptographic system. The purpose of a TRNG is to generate a stream of bits where the next bit is independent of the previous bits and the outcome of the bit (logical zero or logical one) has equal probability to occur.
In this work, a functional and robust TRNG based on XOR of the sampled outputs of several equal length oscillator rings is proposed. The security properties of this TRNG are investigated by theoretical analysis, simulations of its operational behavior and by experiments performed on implementations of the TRNG in programmable logic such as a field programmable gate array (FPGA). The statistical properties of the generated TRNG bit sequences are so good that a post-processor is not needed in order to pass statistical test suites usually used for verifying the quality of randomness. The robustness of this TRNG is demonstrated by performing an attack manipulating the power supply voltage to the FPGA where this TRNG was uninfluenced while for two other reference designs the properties were altered during the attack.
A TRNG based on the proposed design was implemented in a real life cryptographic system with good results showing that this TRNG is practical, secure and robust.

01.11.2011     Colorlab presentation: 09.11.2011, 14.00-14.40, Room A-110    

Speaker: Xingbo Wang (Colorlab, GUC)
Title: Filter array for multispectral acquisition: Design of spectral filters, spatial arrangement, demosaicing, and application to biometrics

Abstract: Recent improvements in nanotechnologies permit the design of accurate spectral filters, at the level of a sub pixel, directly printed on a silicon layer. This new technology permits the design of multispectral imaging devices of reduced size and lower cost that enable a multispectral acquisition with a single shot at the cost of spatial resolution.
The purpose of this thesis is first to evaluate if and how SFA(Spectral Filter Array) based multispectral imaging devices could be used with the benefits to biometrics and security. A second aspect would be to propose and develop solutions based on SFA. The research work includes the investigation of the possibilities and the optimization of the combination of selected spectral filters, their number, their spatial arrangement and interpolation methods, considering different indicators mostly based on biometric applications.

Short bio: Having followed several career paths within research, media and engineering, Xingbo determined to resume his education, in relentless pursuit of knowledge about colour and imaging science. He started his PhD with the Colorlab soon after obtaining his MSc degree in Color in Informatics and Media Technology from an Erasmus Mundus master programme of the same name. An SMPTE member, he always has a passionate interest in the application of image acquisition to the realm of motion picture and television.

31.10.2011     Guest Presentation: 01.11.2011, 14.30-15.30, Room A-110    

Speaker: Kalman Graffi (University Paderborn, Germany)
Title: Secure Social Service Hosting in Peer-to-Peer Systems

Abstract: The phenomenon of online social networks reaches millions of users in the Internet nowadays. In these, users present themselves, their interests and their social links which they use to interact with other users. The talk elaborates on current challenges and approaches to implement online social networks based on a peer-to-peer platform. The talk motivates various security challenges in a peer-to-peer environment and presents LifeSocial, a p2p-based platform for online social networks. It provides the functionality of common online social networks in a totally distributed manner, while providing some secure functions.
LifeSocial is plugin-based, thus extensible in its functionality, providing secure communication and access-controlled storage as well as monitored quality of service, addressing the needs of both, users and system providers. The platform operates solely on the resources of the users, eliminating the concentration of crucial operational costs for one provider. The talk points out the potential of the p2p paradigm in the field of online social networks and discusses open security problems.

Short bio: Dr.-Ing. Kalman Graffi (University of Paderborn) is a Postdoctoral Researcher at the Theory of Distributed Systems group of the University of Paderborn. Until January 2011, Kalman was member of the research group "Peer-to-Peer Systems" at the Multimedia Communications Lab at the Technical University of Darmstadt, Germany. Kalman received a diploma degree both in mathematics and computer science from the University of Darmstadt, Germany, in 2006. From 2006 to 2010, he was a PhD student at the Multimedia Communications Lab. In 2010, Kalman finished his PhD on monitoring and management of peer-to-peer systems at the Technical University of Darmstadt "mit Auszeichnung" (summa cum laude). Findings from his research have been published in more than 20 refereed scholarly publications.
Kalman's research focus is on the quality and security of peer-to-peer systems, one of the main application areas are peer-to-peer based online social networks.

21.10.2011     Guest Presentation: 24.10.2011, 14.00-16.00, Room A-111    

Speaker: Shigefumi Yamada (Fujitsu, Japan)

Title: Guest presentation on palm vein, template aging, multimodal biometrics

Abstract: Fujitsu has developed the fingerprint authentication, the palm vein authentication and a biometric authentication server until now. I have worked on developing the fingerprint matching algorithm for the authentication server and local PC authentication, the biometric server scheme and the multimodal biometrics combining the palm vein and the fingerprints for about 10 years. In my presentation, I will explain our biometric products and techniques as follows:

 - Fujitsu's biometrics
 - Description of Palm vein authentication
 - Evaluation of Template aging (season variation) about fingerprint
 - Multimodal biometrics combining the palm vein and three fingerprints
 - etc.

01.10.2011     HiG team takes part in international competition, finishes 10th out of 78    

Friday night, November 30th to October 1st, 23 students from HiG formed a team to compete with 77 teams from all over the world in a contest in information security organized by the RWTH University Aachen (Germany). The goal of this "Capture the flag" competition in information security was to investigate and protect a computer system under time pressure and to exploit vulnerabilities in computer systems of the other teams. Every team started with an identically configured system and had less than one hour to prepare before it could be attacked by others. In addition, several challenges needed to be solved to score extra points.

Competition was tight. Out of the more than 70 teams, half came from Europe, a quarter from the U.S.A., and another quarter from Russia and Asian countries. Most of the teams had experience from similar competitions and study at universities with high reputation. HiG's team was formed by students in software security (3rd year bachelor in information security) and students attending ethical hacking and penetration testing (2nd year master in information security). Students applied the knowledge gained in their study programs and organized themselves into specialized groups focusing on attack, defence, system administration, and coordination. Competition started at five o'clock Friday afternoon end ended four o'clock Saturday morning.

This first time participation concluded with 10th place based on the score for challenges solved (scoreboard), offensive and defensive actions. At ten o'clock, we even were 4th of all teams.

Students considered the activity to be fun and a rich learning experience, and recommended to repeat the exercise next year. We have to think back a long time to remember when we had seen so many students working hard on a Friday night.

19.05.2011     Distinct Forensic Lecture: 20.05.2011, 10-14.00, Room A113    

10:00 - 12:00 -- Mobil / device forensics -- Ketil Froyn and Olav Tolo, Kripos

12:00 - 14:00 -- Cyber crime / law (Lov og Rett i Cyberspace) -- Inger Marie Sunde, PhD, Førstestatsadvokat

Short bios:
Inger Marie Sunde is a State Prosecutor (Førstestatsadvokat) with the Norwegian Police and an Associate Professor with the Norwegian Police Academy, and she has a long career in the area of Cyber Crime investigation and prosecution. She holds a Norwegian Law degree, and a Master in Laws from Harvard University. She was instrumental in establishing the Norwegian National Computer Crime Laboratory in Økokrim in 2003, has prosecuted several high profile computer crime cases, published the book "Lov og Rett i Cyberspace", and she earned a Ph.D. degree in the topic at the University of Oslo in 2010.

Ketil Froyn and Olav Tolo are experienced special investigators in the area of digital forensics at the High Tech Crime Unit in Kripos.

11.05.2011     Scientific Presentation: 18.05.2011, 09.00, Room "Ørneredet"    

Speaker: Siv Hilde Houmb

Title: Using Real Open Thinking to Improve Decision Making in Security Investment

Making well-founded security investment decisions is hard: several alternatives may need to be considered, the alternatives’ space is often diffuse, and many decision parameters that are traded-off are uncertain or incomplete. The talk will present and demonstrate a method that supports decision makers in the process of making well-founded and balanced security investment decisions. The method has two fundamental ingredients, staging and learning, that fit into a continuous decision cycle. Furthermore, the method takes advantage of Real Options thinking, not only to select a decision option, but also to compound it with other options in following decision iterations, after reflection on the decision alternatives previously implemented. Additionally, the method is supported by the SecInvest tool for trade-off analysis that considers decision parameters, including cost, risks, context (such as time-to-market and B2B trust), and expected benefits when evaluating the various decision alternatives. The output of the tool, a fitness score for each decision alternative, allows to compare the evaluations of the decision makers involved as well as to include learning and consequent adjustments of decision parameters. The method will be demonstrated using a three decision alternatives example.
Short bio:
Dr. Siv Hilde Houmb is the director and senior advisor of Secure-NOK AS, a small consultancy company specializing in IT security investments. She focus on balancing security with costs and other business, project and company specific constraints, including law and regulations. She is a risk analyst and has worked on various security related topics since the last 15 years, including identity management, cryptography (including key management), virus and spam protection and economic aspects of security.
Dr. Houmb holds a PhD in Security (Computer Science) from Norwegian University of Science and Technology (NTNU), Norway, awarded 30 November 2007. She has her background from Telecoms with 11 years as a security and computer specialist at Telenor ASA, Norway, and various specialist task force (STF) projects at the European Telecommunication Standards Institute (ETSI). She has also worked as a guest researcher on topics related to security risk management and security trade-off analysis at Colorado State University (US) and as a post doc at the University of Twente (the Netherlands) on balancing security in extended enterprises.

12.04.2011     Scientific Presentation: 12.04.2011, 10.00, Room "Ørneredet"    

Speaker: Stewart Kowalski

Title: Modeling the Attacker

Abstract: IS/IT systems around the world are being attacked by both external and internal attackers. Organizations in the public and private sectors are investing more capital and operational resources to deal with these attacks. However without an adequate model of the attackers it is difficult to measure how effective and efficient the use of these resources will be in the long run. It can be that the IS/IT security measures that are being implemented only turn the current situation into a never ending cat and mouse game where the mouse always finds new ways to keep the cat busy. In this lecture Stewart Kowalski presents his past and current research in modeling the attackers of IS/IT systems using a socio-technical engineering approach.

 Short bio:
Stewart Kowalski received his Ph D. from the Royal Institute of Technology, Stockholm, Sweden in 1994. He has over 25 years of experience with security issues in computer and telecommunication systems. He has both extensive industrial and academic experience. He has worked for a number of major telecommunication players including Ericsson, Huawei, TeliaSonera, HP, and Digital. He has published over 50 papers in the information security area and has taught IT security and information security courses at technical institutions, universities, and business schools. The major focus of his research is applied socio-technical analysis to security in ICT systems. He is currently an associate professor at the Department of Computer and Systems Sciences at Stockholm University.

11.04.2011     Scientific Presentation: 11.04.2011, 10.30, Room "Ørneredet"    

Speaker: Wolfgang Boehmer

Title: Information Security Management Systems Cybernetics

Abstract: With the widespread dissemination of information technology in enterprises and households in the mid-90’s, discussions began on how to manage it. Meanwhile, in the area of enterprise security management systems worldwide, enforced use of the Deming cycle initially worked against the implementation of policies. Standard management systems include ISMS (Information Security Management System) as specified in ISO/IEC 27001:2005, BCM (Business Continuity Management System) as specified in BS 25999:2008, and ITSM (Information Technology Service Management System) as specified in ISO/IEC 20000:2005. In contrast to policies, these best-practice management systems continue to operate today with no formal method. Management systems have, however, some advantages, which policies do not have (e.g. a feedback loop). Furthermore, we present a field study, cited here, which highlights the advantages of management systems in practice.
Moreover, this presentation shows how a formal description of an information security management system can be created by means of discrete-event systems theory and how an target function for management systems can be defined.
Nevertheless in developing individual security concepts, risk based information security management systems (ISMS) according to ISO 27001 have established themselves in addition to policies in the field of IT infrastructures. Particularly in the field of critical infrastructures, however, it has been shown that despite functioning security concepts, the stuxnet virus was able to spread through industrial systems (infection). Nevertheless – the existing security policies and management systems are not useless, but rarely take effect in behavioral risk. In this presentation, we demonstrate the trust/Investor game of the Game Theory in order to improve IT security concepts. In this case we study one game in a multi-layer game to analyzing the infection path of the stuxnet virus as an example.

 Short bio:
Dr. rer. nat. Wolfgang BOEHMER was a Ph.D. Student of the Max-Planck-Institute and he hold an Ph.D. in a applied physics from the University of Hamburg (Germany). Now he works as a research scientist and lecturer in Information Security, Computer Science Department, Security Engineering Group from the Technische Universitaet Darmstadt (Germany). His research interests focus on security management systems, control systems, risk analysis, applied Game Theory in the field of security in large and small enterprises, business continuity management systems (BCMS) and mobile networks. Furthermore he has more than 20 years experience as a consultant in different branches.

22.03.2011     Scientific Presentation: 28.03.2011, 10.00, Room "Ørneredet"    

Speaker: Lothar Fritsch

Title: Management of Privacy Risks in Information Systems

Abstract: The lecture will introduce the concept of information privacy management. Following an introduction of Privacy-enhancing technologies (PETs) and their assumptions and market failures, Lothar Fritsch will present the components of privacy management from the system owner's perspective - as an IT management issue. The lecture will present an overview over information privacy management methods, followed by a discussion of the challenges in operationalization of privacy risk, and the major issues in deployment of treatment measures. The lecture provides insights in the low uptake of PETs, and explains the difficulties in handling information privacy for organizations.

 Short bio:
Lothar Fritsch is a research scientist at the Norwegian Computing Centre (Norsk Regnesentral, NR). More information can be found on

22.03.2011     Scientific Presentation: 24.03.2011, 10.00, Room "Ørneredet"    

Speaker: Finn Olav Sveen

Title: The Dynamics of Incident Reporting Systems

Abstract: Modern information systems are complex socio-technical systems. The complexity itself creates openings for human error to occur during design and use of these systems. Additionally, various intentionally malicious actors threaten the systems themselves and the benefits we derive from them. Since it is inherently difficult, if not impossible, to design watertight security systems at design time, it is necessary to implement routines for incident reporting and handling. Not all incidents can be detected automatically by technical systems. Consequently the human factor plays a major role. Research on information security incident reporting systems is scarce. This presentation will compare two existing studies on two different such systems, and also compare the findings to industrial safety reporting systems. The two information security reporting systems differ in size of constituency and mission. One operates at a high coordinating level with hundreds of organizations and thousands of users, while the other is an internal team in a medium sized business. The presentation will show the differences and similarities of these systems.

 Short bio:
Finn Olav Sveen has a bachelor’s degree in computer science from Buskerud University College, a Master of Science in industrial and information management from University of Agder, and a PhD from University of Navarra, Spain. He is primarily interested in the management aspects of information security with focus on human factors such as user awareness. He is currently adjunct associate professor at Gjøvik University College where he teaches incident response and security planning.

22.02.2011     Distinct Forensic Lecture: 25.02.2011, 10.00, Room A226    

Speaker: Professor Petter Gottschalk (Handelshøyskolen BI, Oslo)

Title: White-collar crime and Knowledge management in policing financial crime

Abstract: His talk on White-collar crime is in the challenging intersection of economics and finance, forensics and legal aspects as well as knowledge discovery and management. The presentation will have two parts: 1. Financial crime in general and white-collar crime in particular 2. Knowledge management in policing financial crime.

Please send a short note to if you are planning to be present.

 Short bio:
2000 Professor of Management, Norwegian School of Management (BI)
1994 CEO and President, Norwegian Computing Center (NR)
1988 CEO and President, ABB Datacables
1984 CIO, ABB Norway
1982 Systems Manager, ITT Norway
1980 Researcher, Resource Policy Group
1975 Researcher, Norwegian Paper Institute
1998 Doctor of Business Administration (DBA), Brunel University, UK
1980 Master of Science (MSc), Dartmouth College and MIT, USA
1975 Master of Business Administration (MBA), Technical University of > Berlin, Germany

20.02.2011     Norwegian Biometrics Laboratory presentation: 22.02.2011, 13.45-15.15, Room A126    

Speaker: Prof. Christophe Rosenberger

Title: Overview on keystroke dynamics research activities at the GREYC lab – France

Abstract: The presentation by Prof. Rosenberger will focus on biometric keystroke dynamics research done at the GREYC laboratory and will be preceded by a presentation by Ass. Prof. Patrick Bours from the Norwegian Information Security Laboratory introducing the topic.

13:45-14:15 “Introduction into Biometric Keystroke Dynamics” by Ass.Prof. Bours

14:15-15:15 “Overview on keystroke dynamics research activities at the GREYC lab – France” by Prof. Rosenberger

Both presentations will take place in room A126 in the A-building at Gjøvik University College. Attending the presentations is free but registration by email to is appreciated.

 Short bio: Prof. Rosenberger is a full professor at ENSICAEN in France. He obtained his PhD from the University of Rennes I in 1999. Since 2007 he is a member of the GREYC Laboratory. He leads the “E-payment & Biometrics” research unit in this lab. His research interest are concerned with biometrics.

02.12.2010     Scientific seminar: 03.12.2010, 12.00-13.00, Room K113    

Speaker: Dr. Erik Hjelmås

Title: Virtual laboratories in practice

Abstract: In this talk our speaker will explain the setup of a server-based virtual laboratory used in two courses at IMT. The lab environment is flexible and built using a combination of open source virtualization management tools. The lab can be used for training in restricted environments and also for test/qa networks. Our Speaker will also discuss how to allow students to perform a limited set of commands with administrator privileges on a remote server by using ssh keys.

 Short bio: here

18.10.2010     IMT Friday Scientific Seminar: 05.11.2010, 12.00-13.00, Room K113    

Speaker: Aditya Sole

Title: Implementing ISO 12646 standards for soft proofing in a standardized printing workflow according to PSO
The paper defines one of the many ways to setup a soft proofing workstation comprising of a monitor display and viewing booth. Soft proofing requirements defined by ISO 12646 standards are explained. Method and procedure to perform ambient light measurements using X-rite EyeOne Pro spectrophotometer is proposed. Adobe Photoshop CS4 software is used to simulate the printer profile on to the monitor display in order to compare with a hardcopy, rendered with the printer profile, in the viewing booth.
Based on the method proposed a soft-proofing station is setup and evaluated against parameters defined in ISO 12646 standards. Only one monitor display (NEC SpectraView LCD2180WG LED) and viewing booth (JUST ColorCommunicator 2) are evaluated against the ISO 12646 standard parameters.
As part of further work of the paper, recently, two other displays (EIZO CG241W and Apple Cinema Display) are evaluated against the ISO 12646 standards for soft proofing. The displays were evaluated using the UDACT software (same was used to evaluate the NEC display in the paper). The EIZO display is measured using a TSR along with a spectrophotometer to compare the gamuts obtained of the EIZO monitor using two different measurement instruments. The EIZO display performs well and can be used as a monitor display at a soft-proofing workstation in a standardized printing workflow. The performance of Apple Cinema display is poor and is not suitable for soft proofing. The gamut of EIZO is similar to NEC and is capable of reproducing most of the colors from the ISO standard printing profile (ISO_Coated_v2_300_eci.icc) as per the ISO 12646 requirements.
Aditya completed his MSc in Digital Color Imaging from London College of Communication, University of the Arts, London, UK in 2006. After completing his Masters he did work in the Digital Print industry in the UK in 2007. Since 2008 he is working as a Laboratory Engineer at the Norwegian Color Research Laboratory, Gjøvik University College.

18.10.2010     Scientific seminar: 22.10.2010, 12.00-13.00, Room K113    

Speaker: Dr. Hanno Langweg

Title: Software quality: state of the industry - experiences from a medium-sized enterprise

Abstract: I am going to share some of my experience working in industry with a focus on software quality. In the real world resources are limited, and you have to work with the people and constraints that exist. First observation: a significant share of software development is maintenance, and revenue to spend on maintenance may be low, in effect restricting the level of quality. This should not stop you from getting better. Second observation: the highly skilled people you need for the most challenging work are those that are most difficult to integrate in a team. This should not stop you from getting better.

 Short bio: Hanno Langweg received his Diplom-Informatiker degree in computer science from University of Bonn in 2001, and his Dr. rer. nat. degree also from University of Bonn in 2008. He has been working with computer security since 1996 and was a PhD student with NISlab from 2003 to 2006. Taking a break from full-time academic research, he worked as a programmer, software architect, consultant, developer evangelist, and team lead with eQ-3 Entwicklung/ELV Elektronik for almost four years. He returned to NISlab in October 2010 to strengthen information security with respect to software development and operating systems.

08.10.2010     Receive International Attention    

Researchers at NISlab receive international attention with their article about user-authentication on mobile phones using biometric gait recognition.

The article «Unobrusive User-Authentication on Mobile Phones using Biometric Gait Recognition» is a paper coming from the PhD research by Mohammad Derawi (GuC) and Claudia Nickel (Hochschule Darmstadt), the article is written in cooperation with Patrick Bours and Christoph Busch at Gjøvik University College. Former test have used specialized equipment for the measurements, but now they have used an ordinary mobile phone for the first time.

-This is a first and important step to making an app on your phone that can recognize your walking and will lock the phone when it is stolen and detects a different way of walking, says Associate Professor Patrick Bours at NISlab.

Read the article «Unobrusive User-Authentication on Mobile Phones using Biometric Gait Recognition»

The article has been picked up by media all over the world:

 Technology Review
 UMBC ebiquity

22.09.2010     Scientific seminar: 24.09.2010, 12.00-13.00, Room K113    

Speaker: PhD student Mark Seeger

Title: Intrusion Prevention and Malware Detection – Using Tightly Coupled Coprocessors for Host Security

Abstract: This talk will start with a motivation, answering the question "What kind of coprocessors are used and what benefits do they have?". First benchmark results of practical tests are also presented, as well as a short introduction to the ongoing research in this field.

 Short bio of Mark Seeger: Mark M. Seeger started his scientific career in 2003 at the University of Applied Sciences Darmstadt (h da, Germany), where he studied computer science. During his bachelor studies, he became ITIL-certified (Foundation Certificate in IT Service Management) and spent two semesters abroad in Singapore where he worked as an application engineer for T-Systems Singapore. He also received an award for his outstanding social commitment.
 After his graduation in 2007 (B.Sc.), he consecutively started his Master studies. During this time, he worked part-time as a student assistant and later as a laboratory engineer at his university. In parallel to this, he did a three month internship with IBM in Frankfurt and also started as a freelancer at the Institute of Applied Sciences Darmstadt (aiDa, Germany).
 After receiving his M.Sc. in 2009, he started his Ph.D. at the Center for Advanced Security Research Darmstadt (CASED, Germany) and the Gjøvik University College (GUC, Norway) right away. He belongs to the department of secure services at CASED and to the Norwegian Information Security Laboratory (NISlab at the GUC and works on modern methods for intrusion prevention and malware detection. In this broad field, he focuses on host intrusion detection performed by off-host devices (i.e. coprocessors) such as the graphics processing unit (GPU).

16.09.2010     Opening Ceremony: New Digital Forensics Research Laboratory at GUC (September 20th, 13:30-17:00, Room K113)    
  The Digital Forensics Research Laboratory at GUC will be formally opened by Minister of Government Administration, Reform and Church Affairs, Rigmor Aasrud, on Monday. In connection with the formal opening of the focus laboratory and the establishment of the first master track in digital forensics in Norway, there will be a small seminar with representatives from the National Criminal Investigation Service (KRIPOS), the Police's Data and Material Service, Norwegian Defence Communication and Information Center, the Norwegian Police University College, Norsis and similar organizations. Please see the attached document for the program. You are welcome to attend the seminar and the opening, but you will need to inform Kari about your intended participation, send her an email at (kari.lauritzen @ The new laboratory will be located in the A-building in the University College (A113). The program of the ceremony can be downloaded here: Program Opening Ceremony Forensics Lab 
04.09.2010   PhD student workshop meeting in Bergen (September 1st-3rd 2010)      

The NISNet resource network project was funding a workshop meeting for PhD students in Norway working on IT-security. From September 1st until 3rd the students were hosted by the University of Bergen to present their state-of-the-art research, discuss pressing and unsolved problems, expand their personal networks and enjoy the beautiful city of Bergen. The industry side was represented by Thales Norge, the largest number of participants was in fact coming from NISLab.

NISNet Bergen meeting 

25.06.2010   NISlab wins Oppland Research and Development prize 2010      
   Norwegian Information Security Laboratory (NISLab) at Gjøvik University College was awarded Oppland's Research and Development prize under the Mjøs conference on Friday 25/6/2010. "This is absolutely fantastic, and a feather in the cap for the researchers in the laboratory," said the head of the laboratory, Patrick Bours.
 It's a feather in the cap for Gjøvik University College has invested targeted and strategic to be a pro-active and research-intensive institution, emphasizes Bours. The result also shows because Gjøvik University College had the largest increase in research based funding in 2009 among the state colleges in Norway.
 Patrick Bours took with him his whole family from the Netherlands in 2005 to begin at the Norwegian Information Security Lab, and he has not regretted for a day. -The environment in the laboratory is fantastic, with research of international standard, and Gjøvik area is a great place to stay for a family with young children.
 -This prize is a concrete result of the long-term strategy and commitment attached to the Project Inland University, emphasizes the dean of the Faculty of Informatics and Media Technology, Morten Irgens.
 Irgens adds that while the college is building its international research expertise, it looks at itself increasingly as an important instrument for value creation in Norway and in the Innland region. -Sustainable value creation, whether it is through innovation in existing organizations or bold entrepreneurship, is one of the major social challenges. We are a partner in meeting this challenge, emphasizes Irgens.
 According to the prize statutes have the recipients of R&D award conducted research and development in scientific, educational or artistic areas that maintain high academic goals in a domestic and / or international context. The award will be based on the merits, and is a reward for activities that have contributed to promoting the institution's role and reputation, and encourage continued effort.
 The citation reads in part that NISlab has established itself within a few years as a strong, productive and highlighted research environment that sets Oppland on the map both nationally and internationally. County spokesman Audun Tron was not in doubt: "This is a very well deserved recognition of the academic environment at NISLab. During the last few years NISlab linked some of the best researchers in information security to itself and the academic environment grows and evolves constantly.
15.06.2010   PhD Trial Presentation: June 24th 2010, 10.00-11.00, K109      

Speaker: PhD student Kirsi Marjaana Helkala

Title : Authentication in Health Services

 Abstract : This thesis contributes by offering new knowledge on the topic of authentication in health services. The overall goal of the research has been to learn how authentication is done in health services, to point out possible places for improvements, and to develop new authentication mechanisms or enhance existing ones in such a way that they become more secure and user friendly. However, replacing an old authentication mechanism with a new one is not an easy task. A key question in this context is how we know that the new method really is better than the old one?
 Different properties of different authentication alternatives make a selection of authentication products difficult. Often, selection of a product is done among similar types of authentication products and is based only on cost or security of the product. However, there are other issues that should be taken into account e.g. strict hygiene standards and actual user group and user environment. This thesis presents a novel method for authentication product ranking within an extensive variety of authentication products (passwords, biometrics, and tokens).
 In order to develop the ranking method, the knowledge of authentication methods in a wide range of applications had to be gathered. Therefore, three additional research questions were approached: To what extent are the assumptions on the use of and need for authentication in the health sector valid, is it possible to rank and strengthen methodologies for user generated passwords, and is it possible to identify biometric methods particularly suitable for the health service environment?

14.06.2010   Scientific seminar: June 18th 2010, 09.00-10.00, K109      

Speaker: PhD student Lisa Rajbhandari

Title : Privacy Risk Analysis

Abstract : Every individual has a right to privacy of their personal information. Today, with the advancement of information technology, there is a growing risk to privacy as the identity information is being used widely. The purpose of our research is to identify and understand the risks encountered in privacy context using game theory.

07.05.2010   Scientific seminar: May 7th 2010, 11.00-12.00, A128      

Speaker: PhD student Knut Wold

Title : Demonstration of power analysis attack against smart card

Abstract : Smart cards are today used in many applications where the security of the cards is of crucial importance. Power analysis attacks is a method of revealing the secret information (typically an encryption key) from the smart card by using the fact that the dynamic power consumption of a CMOS device depends on the data being processed. By measuring several traces of a signal proportional to the power consumption of the smart card and with some knowledge of the encryption algorithm, a statistical approach can be used to find the encryption key. In this demonstration a differential power attack (DPA) against a smart card is performed and the secret key used in the encryption is determined.

23.04.2010   Scientific seminar: April 23rd 2010, 14.00-15.00, K113      

Speaker: MSc student Štěpán Mráček

Title : Biometric Recognition of 3D Faces

Abstract : Face recognition is one of the most used biometric modalities. In everyday life we recognize other people by their faces. The detection of anatomical features like nose, eyes, and mouth position within the face does not pose any difficulties for humans. Furthermore, we can recognize faces from various angles, even if face expressions are present or a part of the face is covered. In this presentation, an automatic modular 3D face recognition pipeline will be described. The algorithm is developed, tested and evaluated on the Face Recognition Grand Challenge (FRGC) database. During the preprocessing part, facial landmarks are located on the face surface and the three dimensional model is aligned to a predefined position. In the comparison module, the input probe scan is compared to the gallery template. There are three fundamental face recognition algorithms employed during the recognition pipeline -- the eigenface method (PCA), the recognition using histogram-based features, and the recognition based on the anatomical features of the face. Finally the decision module fuses the scores provided by the utilized recognition techniques.

09.04.2010   Scientific seminar: April 09th 2010, 11.00-12.00, K113      

Speaker: PhD Bian Yang

Title : Biometric Template Protection: State of Arts Algorithms and Standardisation

 Abstract : Biometrics based applications are widely developed and deployed nowadays. Because of the "uniqueness", biometrics seems to provide a good means to identification and verification for human beings. However, this "uniqueness" can cause severe security and privacy concerns if the biometric templates are not properly protected during storage and transmission. Standard encryption (DES, AES, etc) can be an option to encrypt biometric templates but in many cases it is insufficient because the encrypted template needs decryption to invert to its plain-text for comparison. This is insecure in some applications as full access to samples or unprotected biometric features is given to the potentially untrusted entity that conducts the comparison. Template protection addresses this problem by designing new encryption mechanisms which are required to be irreversible and unlinkable, while providing desirable biometric performance for the applications.
 This presentation will give an overview of the state of art algorithms (including algorithms from the TURBINE partners and the GUC group) proposed in recent years for template protection and our standardisation work on this topic in ISO/IEC JTC1 SC27 24745.

26.03.2010   Scientific seminar: March 26th 2010, 13.00-14.00, K113      

Speaker: PhD student Mark Seeger

Title : Observation Mechanism and Cost Model for Tightly Coupled Asymmetric Concurrency

Abstract : Whilst the precise objectives and mechanisms used by malicious code will vary widely and may involve wholly unknown techniques to achieve their respective objectives, certain second-order operations such as privilege escalation or concealment of the code's presence or activity are predictable. In particular, concealment mechanisms must modify well-known data structures, which could be detected trivially otherwise. We argue that any such mechanism is necessarily non-atomic and can hence be detected through concurrent observations forcing an interleaved linearization of the malicious code with observations of memory state changes induced in tightly coupled concurrent processing units. Extending previous research for the case of symmetric concurrent observation, we propose a computational model and observation mechanism for the case of tightly coupled asymmetric concurrent processing units as may be found in most current computing environments with particular emphasis on metrics for the cost of forced synchronization and resource contention caused by observations. We argue that the resulting observations will provide a novel sensor datum for intrusion detection but may also be used as a standalone probabilistic detection mechanism particularly suited to detect attacks in progress.

17.03.2010   NISlab partner in EU-project "BEST"      

 The Biometrics European STakeholders (BEST) Network project was started in December 2009 with the participation of NISlab. It is a European Commission ICT Policy Support Programme centred on a European Thematic Network on Trusted information infrastructures and biometric technologies.

Read more >> 

12.03.2010   Scientific seminar: March 12th 2010, 11.00-12.00, A110      

Speaker: PhD student Takashi Watanabe

 Title : Introduction to Side-channel Attacks
 (Security Problems caused by Hardware Implementation)

Abstract : Modern cryptographic algorithms have been developed under the assumption that any information other than the secret key become available to an attacker. However, the information from an actual hardware implementation such as execution time and power consumption were not considered in this context. (These hardware implementation oriented information are called "Side-channel Information", and an attack that use them is called "Side-channel Attack".) As a result, the side-channel information leakage became a weak link of real security systems such as Pay TV. Development of countermeasure is still ongoing today (see the CHES workshops [1]). In this presentation, I will present an overview of the side-channel attacks and introduce what we have done in our recent work.

 [1] Workshop on Cryptographic Hardware and Embedded Systems

10.03.2010   Master Thesis Presentation: March 10th 2010, 13.00-13.45, K109      

Speaker: MSc student Martin Olsen

 Title : Vein Pattern Recognition
 (A Rotation, Translation and Scale Invariant Approach)

Abstract : Finger vein pattern recognition is a biometric modality that uses features found in the blood vessel structure of the fingers. The low contrast between veins and tissue is enhanced using algorithms that operate on a per pixel level and consider the local neighborhood intensity resulting in an image from which the vein structure can be extracted using segmentation. A spectral feature descriptor which is invariant to translation, rotation and scale is applied and used by the comparison subsystem. The methods applied are compared to a previously proposed system for back of hand vein pattern recognition. The experimental results obtained show similar performance between the methods proposed here and the reference system on the same dataset. At the same time sensor image quality and contrast enhancement methods are critical in order to achieve high performance.

24.04.2009   Guest lectur by Prof.Dr. B. Hämmerli    
  Prof. Hämmerli will give a presentation (Information Security Management: Trens in Industry and Research) in Ørneredet at 13.00.
3.10.2008  Rosing award  

The information security students and faculty have been nominated for the Rosing award. The award is given on 17th of November.

Read more on the HiG site.

27.6.2008  PhD defence by Davrondzhon Gafurov  
  On June 27th 2008, at 13.15, Davrondzhon Gafurov , defended his thesis entitled "Performance and Security Analysis of Gait-based User Authentication  . "      The defence took place at Lille auditorium, Informatikkbygningen, Gaustad.
17.6.2008  PhD defence by Nils Kalstad Svendsen  
  On June 17th 2008, at 13.15, Nils Kalstad Svendsen, defended his thesis entitled "Interdependencies in Critical Infrastructures: A Qualitative Approach  to Model Physical, Logical, and Geographical Interdependencies ."    The defence took place at UniK, Kjeller.
17.6.2008  Godkjent doktorgard  
  Les mer: 
25.2.2008  PhD defence by Hanno Langweg  
  On February 25th 2008 at 14:30, Hanno Langweg, defended his thesis entitled "Software Security Metrics for Malware Resilience."  The defence took place at Institute for Informatics III, in Bonn, Germany.
7.11.2007  PhD defence by Lasse Øverlier  
  On November 7th 2007 at 13:15, Lasse Øverlier, defended his thesis entitled  "Anonymity, privacy and hidden services: Improving censorship-resistant publishing."    The defence took place at UniK, Kjeller.
27.08.2007  Sjefsredaktør for anerkjent tidsskrift  
  Les mer: 
15.06.2007  Høgskolestyret sier ja til ny doktorgrad!  
  Les mer: