Publications
- Risto Vaarandi and Sten Mäses.
How to Build a SOC on a Budget.
Proceedings of the 2022 IEEE International Conference on
Cyber Security and Resilience, pp. 171-177, 2022
- Risto Vaarandi.
A Stream Clustering Algorithm for Classifying
Network IDS Alerts.
Proceedings of the 2021 IEEE International Conference on
Cyber Security and Resilience, pp. 14-19, 2021
- Risto Vaarandi and Mauno Pihelgas.
NetFlow Based Framework for Identifying Anomalous
End User Nodes.
Proceedings of the 2020 International Conference on Cyber
Warfare and Security, pp. 448-456, 2020
- Emin Caliskan and Risto Vaarandi.
Career Development in Cyber Security: Bootcamp
Training Programs.
Proceedings of the 2020 International Conference on Cyber
Warfare and Security, pp. 503-511, 2020
- Emin Caliskan, Risto Vaarandi and Birgy Lorenz.
Improving Learning Efficiency and Evaluation Fairness for
Cyber Security Courses: A Case Study.
Proceedings of the 2019 Computing Conference, Vol. 2,
AISC Vol. 998, Springer, pp. 622-638, 2019
- Bernhards Blumbergs, Rain Ottis and Risto Vaarandi.
Crossed Swords: A Cyber Red Team Oriented Technical Exercise.
Proceedings of the 2019 European Conference on
Cyber Warfare and Security, pp. 37-44, 2019
- Risto Vaarandi, Bernhards Blumbergs and Markus Kont.
An Unsupervised Framework for Detecting Anomalous Messages
from Syslog Log Files.
Proceedings of the 2018 IEEE/IFIP Network Operations and
Management Symposium, pp. 1-6, 2018
- Chen Zhuge and Risto Vaarandi.
Efficient Event Log Mining with LogClusterC.
Proceedings of the 2017 IEEE International Conference on
Big Data Security on Cloud, pp. 261-266, 2017
- Bernhards Blumbergs and Risto Vaarandi.
Bbuzz: A Bit-aware Fuzzing Framework for Network Protocol
Systematic Reverse Engineering and Analysis.
Proceedings of the 2017 IEEE MILCOM Conference, pp. 707-712, 2017
- Emin Caliskan, Unal Tatar, Hayretdin Bahsi, Rain Ottis
and Risto Vaarandi.
Capability Detection and Evaluation Metrics for Cyber
Security Lab Exercises.
Proceedings of the 2017 International Conference on
Cyber Warfare and Security, pp. 407-414, 2017
- Risto Vaarandi, Markus Kont and Mauno Pihelgas.
Event Log Analysis with the LogCluster Tool.
Proceedings of the 2016 IEEE MILCOM Conference, pp. 982-987, 2016
- Bernhards Blumbergs, Mauno Pihelgas, Markus Kont, Olaf Maennel
and Risto Vaarandi.
Creating and Detecting IPv6 Transition Mechanism-Based Information
Exfiltration Covert Channels.
Proceedings of the 2016 Nordic Conference on Secure IT Systems,
LNCS Vol. 10014,
© Springer, pp. 85-100, 2016,
DOI: 10.1007/978-3-319-47560-8_6
(extended version of the paper)
- Risto Vaarandi and Mauno Pihelgas.
LogCluster - A Data Clustering and Pattern Mining Algorithm
for Event Logs.
Proceedings of the 2015 International Conference on Network and Service
Management, pp. 1-7, 2015
- Risto Vaarandi, Bernhards Blumbergs and Emin Caliskan.
Simple Event Correlator - Best Practices for Creating Scalable
Configurations.
Proceedings of the 2015 IEEE CogSIMA Conference, pp. 96-100, 2015
- Risto Vaarandi and Mauno Pihelgas.
Using Security Logs for Collecting and Reporting
Technical Security Metrics.
Proceedings of the 2014 IEEE MILCOM Conference, pp. 294-299, 2014
- Risto Vaarandi and Pawel Nizinski.
Comparative Analysis of Open-Source Log Management Solutions
for Security Monitoring and Network Forensics.
Proceedings of the 2013 European Conference on Information
Warfare and Security, pp. 278-287, 2013
- Risto Vaarandi.
Detecting Anomalous Network Traffic in Organizational Private
Networks.
Proceedings of the 2013 IEEE CogSIMA Conference, pp. 285-292, 2013
- Risto Vaarandi and Michael R. Grimaila.
Security Event Processing with Simple Event Correlator.
Information Systems Security Association (ISSA) Journal 10(8),
pp. 30-37, 2012
- Risto Vaarandi.
Methods for Detecting Important Events and Knowledge
from Data Security Logs.
Proceedings of the 2011 European Conference on Information
Warfare and Security, pp. 261-267, 2011
- Risto Vaarandi and Karlis Podins.
Network IDS Alert Classification with Frequent Itemset Mining and
Data Clustering.
Proceedings of the 2010 International Conference on Network and Service
Management, pp. 451-456, 2010
- Risto Vaarandi.
Real-time Classification of IDS Alerts with Data Mining Techniques.
Proceedings of the 2009 IEEE MILCOM Conference, pp. 1786-1792, 2009
- Risto Vaarandi.
Mining Event Logs with SLCT and LogHound.
Proceedings of the 2008 IEEE/IFIP Network Operations and Management
Symposium, pp. 1071-1074, 2008
- Risto Vaarandi.
Simple Event Correlator for real-time security log monitoring.
Hakin9 Magazine 1/2006 (6), pp. 28-39, 2006
- Risto Vaarandi.
Tools and Techniques for Event Log Analysis.
PhD Thesis, Tallinn University of Technology, 2005
- Risto Vaarandi.
A Breadth-First Algorithm for Mining Frequent Patterns from Event Logs.
Proceedings of the 2004 IFIP International Conference on Intelligence in
Communication Systems,
LNCS Vol. 3283,
© Springer-Verlag, pp. 293-308, 2004
- Risto Vaarandi.
A Data Clustering Algorithm for Mining Patterns From Event Logs.
Proceedings of the 2003 IEEE Workshop on IP Operations and
Management, pp. 119-126, 2003
- Risto Vaarandi.
A Clustering Algorithm for Logfile Data Sets.
Technical Report, University of Kuopio, 2003
- Risto Vaarandi.
SEC - a Lightweight Event Correlation Tool.
Proceedings of the 2002 IEEE Workshop on IP Operations and
Management, pp. 111-115, 2002
- Risto Vaarandi.
Platform Independent Event Correlation Tool for Network Management.
Proceedings of the 2002 IEEE/IFIP Network Operations and Management
Symposium, pp. 907-910, 2002
- Risto Vaarandi.
Platform Independent Tool for Local Event Correlation.
Acta Cybernetica 15(4), pp. 705-723, 2002