Network Security Through Data Analysis
Building Situational Awareness
1st Edition
Published on 25. March 2014
Book
345 pages
978-1-4493-5790-0 (ISBN)
Description
Traditional intrusion detection and logfile analysis are no longer enough to protect today's complex networks. In this practical guide, security researcher Michael Collins shows you several techniques and tools for collecting and analyzing network traffic datasets. You'll understand how your network is used, and what actions are necessary to protect and improve it.
Divided into three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. It's ideal for network administrators and operational security analysts familiar with scripting.
* Explore network, host, and service sensors for capturing security data
* Store data traffic with relational databases, graph databases, Redis, and Hadoop
* Use SiLK, the R language, and other tools for analysis and visualization
* Detect unusual phenomena through Exploratory Data Analysis (EDA)
* Identify significant structures in networks with graph analysis
* Determine the traffic that's crossing service ports in a network
* Examine traffic volume and behavior to spot DDoS and database raids
* Get a step-by-step process for network mapping and inventory
Divided into three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. It's ideal for network administrators and operational security analysts familiar with scripting.
* Explore network, host, and service sensors for capturing security data
* Store data traffic with relational databases, graph databases, Redis, and Hadoop
* Use SiLK, the R language, and other tools for analysis and visualization
* Detect unusual phenomena through Exploratory Data Analysis (EDA)
* Identify significant structures in networks with graph analysis
* Determine the traffic that's crossing service ports in a network
* Examine traffic volume and behavior to spot DDoS and database raids
* Get a step-by-step process for network mapping and inventory
More details
Other editions
New editions
Book
08/2017
2nd Edition
O'Reilly
€56.00
Article not available at the moment
Person
Michael Collins is the chief scientist for RedJack, LLC., a Network Security and Data Analysis company located in the Washington D.C. area. Prior to his work at RedJack, Dr. Collins was a member of the technical staff at the CERT/Network Situational Awareness group atCarnegie Mellon University. His primary focus is on network instrumentation and traffic analysis, in particular on the analysis of large traffic datasets. Dr. Collins graduated with a PhD in Electrical Engineering from Carnegie Mellon University in 2008, he holds Master's and Bachelor's Degrees from the same institution.