Network Security Through Data Analysis
From Data to Action
2nd Edition
Will be published approx. on 25. August 2017
Book
Paperback/Softback
421 pages
978-1-4919-6284-8 (ISBN)
Description
Traditional intrusion detection and logfile analysis are no longer enough to protect today's complex networks. In the updated second edition of this practical guide, security researcher Michael Collins shows InfoSec personnel the latest techniques and tools for collecting and analyzing network traffic datasets. You'll understand how your network is used, and what actions are necessary to harden and defend the systems within it.
In three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. New chapters focus on active monitoring and traffic manipulation, insider threat detection, data mining, regression and machine learning, and other topics.
You'll learn how to:
Use sensors to collect network, service, host, and active domain data
Work with the SiLK toolset, Python, and other tools and techniques for manipulating data you collect
Detect unusual phenomena through exploratory data analysis (EDA), using visualization and mathematical techniques
Analyze text data, traffic behavior, and communications mistakes
Identify significant structures in your network with graph analysis
Examine insider threat data and acquire threat intelligence
Map your network and identify significant hosts within it
Work with operations to develop defenses and analysis techniques
In three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. New chapters focus on active monitoring and traffic manipulation, insider threat detection, data mining, regression and machine learning, and other topics.
You'll learn how to:
Use sensors to collect network, service, host, and active domain data
Work with the SiLK toolset, Python, and other tools and techniques for manipulating data you collect
Detect unusual phenomena through exploratory data analysis (EDA), using visualization and mathematical techniques
Analyze text data, traffic behavior, and communications mistakes
Identify significant structures in your network with graph analysis
Examine insider threat data and acquire threat intelligence
Map your network and identify significant hosts within it
Work with operations to develop defenses and analysis techniques
More details
Edition
2nd Revised edition
Language
English
Place of publication
Sebastopol
United States
Target group
Professional and scholarly
Edition type
Revised edition
Product notice
Paperback (trade)
Unsewn / adhesive bound
Dimensions
Height: 231 mm
Width: 177 mm
Thickness: 27 mm
Weight
742 gr
ISBN-13
978-1-4919-6284-8 (9781491962848)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
E-Book
09/2017
O'Reilly
€42.49
Available for download
E-Book
09/2017
O'Reilly
€42.49
Available for download
Previous edition
Book
03/2014
1st Edition
O'Reilly
€41.00
Article exhausted; check for reprint
Person
Michael Collins is the chief scientist for RedJack, LLC., a NetworkSecurity and Data Analysis company located in the WashingtonD.C. area. Prior to his work at RedJack, Dr. Collins was a member ofthe technical staff at the CERT/Network Situational Awareness group at Carnegie Mellon University. His primary focus is on networkinstrumentation and traffic analysis, in particular on the analysis oflarge traffic datasets.Dr. Collins graduated with a PhD in Electrical Engineering fromCarnegie Mellon University in 2008, he holds Master's and Bachelor'sDegrees from the same institution.