Reports & Articles

The following page lists articles and reports (co-)published by the Centre researchers.

The papers are available for download on our Portal and NS WAN. Access to the Portal is open to the members of NATO and NATO-related entities, officials and academia of the NATO countries and NATO CCD COE partner organisations.

To sign up, write to portal -at- ccdcoe.org and provide following information: Name, affiliation, contact information. Please give at least 7 days for the processing of your request. The centre has a right to refuse access to the Portal.

2013

Cyber Security Status Watch, 2012 Q4 report. NATO CCD COE Publications.

Vaarandi, R. (2013). Detecting Anomalous Network Traffic in Organizational Private Networks. Proceedings of the 2013 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, pp. 288-295, 2013

Vaarandi, R. & Niziński P. (2013). A Comparative Analysis of Open-Source Log Management Solutions for Security Monitoring and Network Forensics. NATO CCD COE Publications.

2012

Czosseck, C. (2012). Evaluation of Nation-state Level Botnet Mitigation Strategies Using DEMATEL. Published in proceedings of 11th  European Conference on Information Warfare and Security.

Czosseck, C.; Kråvik, M.; Podins, K.; Schlösser, M. (2012). Joint Investigation of a Zeus-infected Web Service Hosted in a Latvian Data Centre. NATO CCD COE Publications.

Geers, K. (2012). Strategic Cyber Defense: Which Way Forward? Journal of Homeland Security and Emergency Management 9(1)(2) 1-12 (2012).

De Falco, M. (2012). Stuxnet Facts Report. A Technical and Strategic Analysis. NATO CCD COE Publications.

Kaska, K. (2012). Conficker: Considerations in Law and Legal Policy. NATO CCD COE Publications.

Ottis, R. (2012). Cyber Security Organisation. NATO CCD COE Publications.

Podins, K. & Barasoain, A. (2012). Application Level Attacks Study. NATO CCD COE Publications.

Podins, K. & Czosseck C. (2012). A Vulnerability-Based Model of Cyber Weapons and its
Implications for Cyber Conflict. Published in proceedings of 11th European Conference on Information Warfare and Security.

San Roman, R.; Benaventre, D.; Hernandez, A. (2012). NECCS-2. 2nd Study of Cyber Security in Network Enabled Capabilities. NATO CCD COE Publications.

Tyugu, E. (2012). Command and Control of Cyber Weapons. In Czosseck, C.; Ottis, R.; Ziolkowski, K. (Eds.) 4th International Conference on Cyber Conflict. Proceedings 2012. Tallinn: CCD COE Publications, p 333-343.

Vaarandi, R. &  Grimaila, M. R. (2012). Security Event Processing with Simple Event Correlator. Information Systems Security Association (ISSA) Journal 10(8), pp. 30-37.

Vihul, L.; Czosseck, C.; Dr Ziolkowski, K.; Aasmann, L; Ivanov, I. A.; Dr Brüggemann, S. (2012). Legal Implications of Countering Botnets. Joint report from the NATO Cooperative Cyber Defence Centre of Excellence and European Network and Information Security Agency.

Dr Ziolkowski, K. (2012). Stuxnet - Legal Considerations. NATO CCD COE Publications.

Dr Ziolkowski, K. (2012). Ius ad bellum in Cyberspace - Some Thoughts on the "Schmitt-Criteria" for use of Force. In Czosseck, C.; Ottis, R.; Ziolkowski, K. (Eds.) 4th International Conference on Cyber Conflict. Proceedings 2012. Tallinn: CCD COE Publications, p 295-309.

2011

Alberghs, G.; Grigorenko, P.; Kivimaa, J. (2011). Quantitative system reliability approach for optimizing IT security costs in an AI environment. In: 12th Symposium on Programming Languages and Software Tools, SPLST'11 : Tallinn, Estonia, 5-7 October 2011, Proceedings: (Eds.) Penjam, Jaan. Tallinn: TUT Press, 2011, 219 - 230.

Czosseck, C.; Klein, G.; Leder, F. (2011). On the Arms Race Around Botnets - Setting Up and Taking Down Botnets. In Czosseck, C.; Tyugu, E.; Wingfield, T. (Eds.) 3rd International Conference on Cyber Conflict. Proceedings 2011. Tallinn: NATO CCD COE Publications, p 95-105.

Czosseck, C.; Ottis, R.; Talihärm, A.-M. (2011). Estonia After the 2007 Cyber Attacks: Legal, Strategic and Organisational Changes in Cyber Security. Proceedings of the 10th European Conference on Information Warfare and Security at the Tallinn University of Technology Tallinn, Estonia 7-8 July 2011, pp. 57-64. Reprinted in 2011 in the Journal of Cyber Warfare and Terrorism, Vol 1, Issue 1.

Czosseck, C. & Podins, K. (2011). An Usage-Centric Botnet Taxonomy. Proceedings of the 10th European Conference on Information Warfare and Security at the Tallinn University of Technology Tallinn, Estonia 7-8 July 2011, pp. 65-72.

Ganuza, N.; Hernández, A.; Benavente, D. (2011). An Introductory Study to Cyber Security in NEC. NATO CCD COE Publications.

Geers, K. (2011). Heading off hackers. In per Concordiam, Vol 2, Issue 2, pp. 23-27.

Geers, K. (2011). Sun Tzu and Cyber War. NATO CCD COE Publications.

Kivimaa, J. & Kirt, T. (2011). Evolutionary Algorithms for Optimal Selection of Security Measures. Proceedings of the 10th European Conference on Information Warfare and Security at the Tallinn University of Technology Tallinn, Estonia 7-8 July 2011, pp. 172-184.

Kotkas, V.; Ojamaa, A.; Grigorenko, P.; Maigre, R.; Harf, M.; Tyugu, E. (2011). CoCoViLa as a multifunctional simulation platform. In: SIMUTOOLS 2011 - 4th International ICST Conference on Simulation Tools and Techniques : March 21-25 - Barcelona, Spain Brussels: ICST, p. 1 - 8.

Lorents, P.; Matsak, E. (2011). Applying time-dependent algebraic systems for describing situations. Research paper presented at IEEE CogSIMA 2011.

Maigre, R.; Tyugu, E. (2011). Composition of Services on Hierarchical Service Models. In: EJC 2011 : 21st European-Japanese Conference on Information Modelling and Knowledge Bases. [in print]

Ottis, R. (2011) Theoretical Offensive Cyber Militia Models. In: Proceedings of the 6th International Conference on Information Warfare and Security, Washington DC. Reading: Academic Publishing Limited, p 307-313.

Talihärm, A.-M. (2011)  International Criminal Cooperation in the Context of Cyber Incidents. In: Proceedings of the 10th European Conference on Information Warfare and Security ECIW-2011, The Institute of Cybernetics at the Tallinn University of Technology, Tallinn, Estonia 7-8 July 2011

Tikk, E. (2011). Ten Rules for Cyber Security. In: Survival. Global Politics and Strategy, vol. 53 no. 3, p. 119-132.

Tyugu, E. (2011). Artificial Intelligence in Cyber Defense. In Czosseck, C.; Tyugu, E.; Wingfield, T. (Eds.) 3rd International Conference on Cyber Conflict. Proceedings 2011. Tallinn: NATO CCD COE Publications, p 95-105.

Vaarandi, R. (2011). Methods for Detecting Important Events and Knowledge from Data Security Logs. Proceedings of the 10th European Conference on Information Warfare and Security at the Tallinn University of Technology Tallinn, Estonia 7-8 July 2011, pp. 261-267.

2010

Geers, K. (2010). A Brief Introduction to Cyber Warfare. Common Defense Quarterly Spring (2010).

Geers, K. (2010). The Challenge of Cyber Attack Deterrence. Computer Law & Security Review, 26(3), 298-303

Geers, K. (2010). Cyber Weapons Convention. Computer Law & Security Review, 26(5), 547-551.

Geers, K. (2010). Live Fire Exercise: Preparing for Cyber War. Journal of Homeland Security and Emergency Management: Vol. 7 : Iss. 1, Article 74.

Kaska, K; Talihärm, A.-M.; Tikk, E. (2010). Developments in the Legislative, Policy and Organisational Landscapes in Estonia since 2007. In: Tikk, E. & Talihärm, A.-M. (Eds.). International Cyber Security Legal and Policy Proceedings. Tallinn: CCD COE Publications, pp 40-66.

Kirt, T & Kivimaa, J. (2010). Optimizing IT security costs by evolutionary algorithms. In Czosseck, C. and Podins, K. (Eds.) Conference on Cyber Conflict. Proceedings 2010. Tallinn: CCD COE Publications, p 97-109.

Klein, G.; Ojamaa, A.; Grigorenko, P.; Jahnke, M.; Tyugu, E. (2010). Enhancing Response Selection in Impact Estimation Approaches. Military Communications and Information Systems Conference (MCC), September 27-28, 2010, Wroclaw, Poland. , 2010, 7 p.

Lorents, P. & Matsak, E. (2010). Digital solutions for inference rules in decision-supporting systems. Fifth International Conference on Digital Information Management. Thundar Bay, Canada: IEEE, 2010.

Lorents, P. & Matsak, E. (2010). Forecasting and Deductive Systems. In: proceeding of The 30th Annual International Symposium on Forecasting: The 30th Annual International Symposium on Forecasting, San Diego, USA, June 20-23, 2010. San Diego, USA: The International Institute of Forecasters, 2010, 81 - 81.

Lorents, P. & Ottis, R. (2010). Knowledge Based Framework for Cyber Weapons and Conflict. In Czosseck, C. and Podins, K. (Eds.) Conference on Cyber Conflict. Proceedings 2010. Tallinn: CCD COE Publications, p 129-142.

Lorents, P. & Matsak, E. (2010). System mining inference rules from natural language texts.
The 3rd International Multi-Conference on Engeneering and Technological Innovation. International Institute of Informatics and Systemics, 2010, 309 - 314.

Michael, J. B.;  Tikk, E.;  Wahlgren, P.;  Wingfield, T. C. (2010). From Chaos to Collective Defense
Computer. Computer, vol. 43, no. 8, pp. 91-94.

Ottis, R. & Lorents, P. (2010). Cyberspace: Definition and Implications. In Proceedings of the 5th International Conference on Information Warfare and Security, Dayton, OH, US, 8-9 April. Reading: Academic Publishing Limited, pp 267-270.

Ottis, R. (2010). From Pitch Forks to Laptops: Volunteers in Cyber Conflicts. In Czosseck, C. and Podins, K. (Eds.) Conference on Cyber Conflict. Proceedings 2010. Tallinn: CCD COE Publications, p 97-109.

Ottis, R. (2010). Proactive Defence Tactics Against On-Line Cyber Militia. In Proceedings of the 9th European Conference on Information Warfare and Security, Thessaloniki, Greece, 01-02 July. Reading: Academic Publishing Limited, pp 233-237.

Ryan, J. J. C. H.; Ryan D. J.; Tikk, E. (2010). Cybersecurity Regulation: Using Analogies to Develop Frameworks for Regulations. In: Tikk, E. & Talihärm, A.-M. (Eds.). International Cyber Security Legal and Policy Proceedings. Tallinn: CCD COE Publications, 76-99.

Talihärm, A.-M. (2010). Cyberterrorism: in Theory or in Practice? Defence Against Terrorism Review, Vol.3, No. 2, Fall 2010, pp. 59-74

Tikk, E. (2010). IP Addresses Subject to Personal Data Regulation. In: Tikk, E. & Talihärm, A.-M. (Eds.). International Cyber Security Legal and Policy Proceedings. Tallinn: CCD COE Publications, pp 24-39.

Tikk, E. (2010). Global Cyber Security – Thinking About The Niche for NATO. SAIS Review - Volume 30, Number 2, Summer-Fall 2010, pp 105-119

Tikk, E. & Kaska, K. (2010). Legal Cooperation to Investigate Cyber Incidents: Estonian Case Study and Lessons. 9th European Conference on Information Warfare and Security, Thessaloniki, Greece, 01-02 July. Reading: Academic Publishing Limited, pp 288-294

Tyugu, E. (2010). Using knowledge in model-based software development. In: A.Caplinskas, H. Pranevicius, T. Nakatani (eds.) Proc. of the Joint Conference on Knowledge-Based Software Engineering (JCKBSE'10).Technologija, Kaunas, 2010, pp 3 - 6.

Vaarandi, R. & Podins, K. (2010). Detection of illegal gateways in protected networks. CCD COE Publications

Vaarandi, R. & Podins, K. (2010). Network IDS Alert Classification with Frequent Itemset Mining and Data Clustering. Proceedings of the 2010 IEEE Conference on Network and Service Management, pp 451-456.

Wingfield, T. & Tikk, E. (2010). Frameworks for International Cyber Security: The Cube, the Pyramid, and the Screen. In: Tikk, E. & Talihärm, A.-M. (Eds.). International Cyber Security Legal and Policy Proceedings. Tallinn: CCD COE Publications, pp16-22.

2009

Geers, K. (2009). The Cyber Threat to National Critical Infrastructures: Beyond Theory. The Information Security Journal: A Global Perspective, 18(1) 1-7.

Kivimaa, J. (2009). Applying a Cost Optimizing Model for IT Security. In Proceedings of the 8th European Conference on Information Warfare and Security, ECIW 2009, 6-7 July, Lisbon, Portugal. Reading: Academic Publishing Limited, pp 142-153.

Kivimaa, J.; Ojamaa, A.; Tyugu, E. (2009). Graded Security Expert System. Proc. CRITIS08, Eds. R. Setola, S. Geretshuber. Berlin : Springer, 2009, pp 279-286.

Kivimaa, J; Ojamaa, A.; Tyugu, E. (2009). Managing Evolving Security Situations. MILCOM 2009: Unclassified Proceedings, October 18-21, 2009, Boston, MA. Piscataway, NJ: IEEE, 2009, pp 1 - 7.

Lorents, P.; Ottis, R.; Rikk, R. (2009). Cyber Society and Cooperative Cyber Defence. In Internationalization, Design and Global Development. Lecture Notes in Computer Science, Vol 5623, pp. 180-186.

Lorents, P. & Tyugu, E. (2009). Lattices of knowledge systems. Proc. International Conference on Artificial Intelligence Proc. WORLDCOMP'09: IC-AIŽ2009, Las Vegas, CSREA Press, July 2009.

Maigre, R.; Küngas, P.; Matskin, M.; Tyugu, E. (2009). Dynamic Service Synthesis on a Large Service Model of a Federated Governmental Information System. International Journal on Advances in Intelligent Systems. Vol 2, No 2, pp 181-191.

Ottis, R. (2009). Theoretical Model for Creating a Nation-State Level Offensive Cyber Capability. In Proceedings of the 8th European Conference on Information Warfare and Security, ECIW 2009, 6-7 July, Lisbon, Portugal. Reading: Academic Publishing Limited, pp 177-182.

Podins, K. (2009). Cellular Warfare. In Proceedings of the 8th European Conference on Information Warfare and Security, ECIW 2009, 6-7 July, Lisbon, Portugal. Reading: Academic Publishing Limited, pp 192-197.

Temmingh, R. & Geers, K. (2009). Virtual Plots, Real Revolution. In Czosseck, C. & Geers, K. (Eds.) The Virtual Battlefield: Perspectives on Cyber Warfare. Proceedings 2009. Amsterdam: IOS Press, pp 294-301.

Tikk, E. (2009). Defining Critical Information Infrastructure in the Context of Cyber Threats: The Privacy Perspective. Modelling Cyber Security: Approaches, Methodology, Strategies. NATO Science for Peace and Security Series, Vol 59. Amsterdam: IOS Press.

Tyugu, E. (2009). Computing and Computer Science in the Soviet Baltic Region. In J. Impagliazzo, T. Järvi, P. Paju (Eds.) History of Nordic Computing 2 -- Second IFIP WG 9.7 Conference, HiNC2, Revised Selected Papers. IFIP Advances in Information and Communication Technology, v. 303. Springer, pp 29-37.

Vaarandi, R. (2009). Real-time Classification of IDS Alerts with Data Mining Techniques.
Proceedings of the 2009 IEEE MILCOM Conference , 2009, pp.1786-1792.

2008

Geers, K. (2008). Cyberspace and the Changing Nature of Warfare. Hakin9 E-Book, 19/3 No. 6. SC Magazine.

Ottis, R. (2008). Analysis of the 2007 Cyber Attacks against Estonia from the Information Warfare Perspective. Proceedings of the 7th European Conference on Information Warfare and Security, Plymouth, 2008. Reading: Academic Publishing Limited, pp 163-168.

Vaarandi, R. (2008). Mining Event Logs with SLCT and LogHound. Proceedings of the 2008 IEEE/IFIP Network Operations and Management Symposium, 2008, pp1071--1074.