Publications
- Gabor Visky, Alexander Rohl, Risto Vaarandi, Sokratis Katsikas and Olaf M. Maennel.
Hacking on the High Seas: How Automated Reverse-Engineering Can Assist Vulnerability
Discovery of a Proprietary Communication Protocol.
Proceedings of the 2024 IEEE Conference on Local Computer Networks, pp. 1-7, 2024
- Gabor Visky, Dariana Khisteva, Risto Vaarandi and Olaf M. Maennel.
Towards an Open-source Intrusion Detection System Integration Into Marine Vehicles.
Proceedings of the 2024 International Symposium on Electronics in Marine,
pp. 263-268, 2024
- Gabor Visky, Aleksei Šiganov, Muaan ur Rehman, Risto Vaarandi,
Hayretdin Bahsi and Leonidas Tsiopoulos.
Hybrid Cybersecurity Research and Education Environment for Maritime Sector.
Proceedings of the 2024 IEEE International Conference on
Cyber Security and Resilience, pp. 644-651, 2024
- Risto Vaarandi and Alejandro Guerra-Manzanares.
Network IDS alert classification with active learning techniques.
Journal of Information Security and Applications, vol. 81, article 103687, 2024
(accepted version of the paper)
- Risto Vaarandi and Alejandro Guerra-Manzanares.
Stream clustering guided supervised learning for classifying NIDS alerts.
Future Generation Computer Systems, vol. 155, pp. 231-244, 2024
- Seyed Mohammad Hadi Mirsadeghi, Hayretdin Bahsi, Risto Vaarandi and
Wissem Inoubli.
Learning From Few Cyber-Attacks: Addressing the Class Imbalance Problem in
Machine Learning-Based Intrusion Detection in Software-Defined Networking.
IEEE Access, vol. 11, pp. 140428-140442, 2023
- Orkhan Gasimov, Risto Vaarandi and Mauno Pihelgas.
Comparative Analysis of Pattern Mining Algorithms for Event Logs.
Proceedings of the 2023 IEEE International Conference on
Cyber Security and Resilience, pp. 1-7, 2023
- Frank Korving and Risto Vaarandi.
DACA: Automated Attack Scenarios and Dataset Generation.
Proceedings of the 2023 International Conference on Cyber
Warfare and Security, pp. 550-559, 2023
- Risto Vaarandi and Sten Mäses.
How to Build a SOC on a Budget.
Proceedings of the 2022 IEEE International Conference on
Cyber Security and Resilience, pp. 171-177, 2022
- Risto Vaarandi.
A Stream Clustering Algorithm for Classifying
Network IDS Alerts.
Proceedings of the 2021 IEEE International Conference on
Cyber Security and Resilience, pp. 14-19, 2021
- Risto Vaarandi and Mauno Pihelgas.
NetFlow Based Framework for Identifying Anomalous
End User Nodes.
Proceedings of the 2020 International Conference on Cyber
Warfare and Security, pp. 448-456, 2020
- Emin Caliskan and Risto Vaarandi.
Career Development in Cyber Security: Bootcamp
Training Programs.
Proceedings of the 2020 International Conference on Cyber
Warfare and Security, pp. 503-511, 2020
- Emin Caliskan, Risto Vaarandi and Birgy Lorenz.
Improving Learning Efficiency and Evaluation Fairness for
Cyber Security Courses: A Case Study.
Proceedings of the 2019 Computing Conference, Vol. 2,
AISC Vol. 998, Springer, pp. 622-638, 2019
- Bernhards Blumbergs, Rain Ottis and Risto Vaarandi.
Crossed Swords: A Cyber Red Team Oriented Technical Exercise.
Proceedings of the 2019 European Conference on
Cyber Warfare and Security, pp. 37-44, 2019
- Risto Vaarandi, Bernhards Blumbergs and Markus Kont.
An Unsupervised Framework for Detecting Anomalous Messages
from Syslog Log Files.
Proceedings of the 2018 IEEE/IFIP Network Operations and
Management Symposium, pp. 1-6, 2018
- Chen Zhuge and Risto Vaarandi.
Efficient Event Log Mining with LogClusterC.
Proceedings of the 2017 IEEE International Conference on
Big Data Security on Cloud, pp. 261-266, 2017
- Bernhards Blumbergs and Risto Vaarandi.
Bbuzz: A Bit-aware Fuzzing Framework for Network Protocol
Systematic Reverse Engineering and Analysis.
Proceedings of the 2017 IEEE MILCOM Conference, pp. 707-712, 2017
- Emin Caliskan, Unal Tatar, Hayretdin Bahsi, Rain Ottis
and Risto Vaarandi.
Capability Detection and Evaluation Metrics for Cyber
Security Lab Exercises.
Proceedings of the 2017 International Conference on
Cyber Warfare and Security, pp. 407-414, 2017
- Risto Vaarandi, Markus Kont and Mauno Pihelgas.
Event Log Analysis with the LogCluster Tool.
Proceedings of the 2016 IEEE MILCOM Conference, pp. 982-987, 2016
- Bernhards Blumbergs, Mauno Pihelgas, Markus Kont, Olaf Maennel
and Risto Vaarandi.
Creating and Detecting IPv6 Transition Mechanism-Based Information
Exfiltration Covert Channels.
Proceedings of the 2016 Nordic Conference on Secure IT Systems,
LNCS Vol. 10014,
© Springer, pp. 85-100, 2016,
DOI: 10.1007/978-3-319-47560-8_6
(extended version of the paper)
- Risto Vaarandi and Mauno Pihelgas.
LogCluster - A Data Clustering and Pattern Mining Algorithm
for Event Logs.
Proceedings of the 2015 International Conference on Network and Service
Management, pp. 1-7, 2015
- Risto Vaarandi, Bernhards Blumbergs and Emin Caliskan.
Simple Event Correlator - Best Practices for Creating Scalable
Configurations.
Proceedings of the 2015 IEEE CogSIMA Conference, pp. 96-100, 2015
- Risto Vaarandi and Mauno Pihelgas.
Using Security Logs for Collecting and Reporting
Technical Security Metrics.
Proceedings of the 2014 IEEE MILCOM Conference, pp. 294-299, 2014
- Risto Vaarandi and Pawel Nizinski.
Comparative Analysis of Open-Source Log Management Solutions
for Security Monitoring and Network Forensics.
Proceedings of the 2013 European Conference on Information
Warfare and Security, pp. 278-287, 2013
- Risto Vaarandi.
Detecting Anomalous Network Traffic in Organizational Private
Networks.
Proceedings of the 2013 IEEE CogSIMA Conference, pp. 285-292, 2013
- Risto Vaarandi and Michael R. Grimaila.
Security Event Processing with Simple Event Correlator.
Information Systems Security Association (ISSA) Journal 10(8),
pp. 30-37, 2012
- Risto Vaarandi.
Methods for Detecting Important Events and Knowledge
from Data Security Logs.
Proceedings of the 2011 European Conference on Information
Warfare and Security, pp. 261-267, 2011
- Risto Vaarandi and Karlis Podins.
Network IDS Alert Classification with Frequent Itemset Mining and
Data Clustering.
Proceedings of the 2010 International Conference on Network and Service
Management, pp. 451-456, 2010
- Risto Vaarandi.
Real-time Classification of IDS Alerts with Data Mining Techniques.
Proceedings of the 2009 IEEE MILCOM Conference, pp. 1786-1792, 2009
- Risto Vaarandi.
Mining Event Logs with SLCT and LogHound.
Proceedings of the 2008 IEEE/IFIP Network Operations and Management
Symposium, pp. 1071-1074, 2008
- Risto Vaarandi.
Simple Event Correlator for real-time security log monitoring.
Hakin9 Magazine 1/2006 (6), pp. 28-39, 2006
- Risto Vaarandi.
Tools and Techniques for Event Log Analysis.
PhD Thesis, Tallinn University of Technology, 2005
- Risto Vaarandi.
A Breadth-First Algorithm for Mining Frequent Patterns from Event Logs.
Proceedings of the 2004 IFIP International Conference on Intelligence in
Communication Systems,
LNCS Vol. 3283,
© Springer-Verlag, pp. 293-308, 2004
- Risto Vaarandi.
A Data Clustering Algorithm for Mining Patterns From Event Logs.
Proceedings of the 2003 IEEE Workshop on IP Operations and
Management, pp. 119-126, 2003
- Risto Vaarandi.
A Clustering Algorithm for Logfile Data Sets.
Technical Report, University of Kuopio, 2003
- Risto Vaarandi.
SEC - a Lightweight Event Correlation Tool.
Proceedings of the 2002 IEEE Workshop on IP Operations and
Management, pp. 111-115, 2002
- Risto Vaarandi.
Platform Independent Event Correlation Tool for Network Management.
Proceedings of the 2002 IEEE/IFIP Network Operations and Management
Symposium, pp. 907-910, 2002
- Risto Vaarandi.
Platform Independent Tool for Local Event Correlation.
Acta Cybernetica 15(4), pp. 705-723, 2002