Network security through data analysis : from data to action / Michael Collins.

Author
Collins, Michael (Michael Patrick)
Format
Book
Language
English
Edition
Second edition.
Published/Created
  • Beijing ; Boston : O'Reilly Media, [2017]
  • ©2017
Description
xxii, 401 pages : illustrations ; 23 cm

Availability

Copies in the Library

Location
Engineering Library - Stacks
Call Number
TK5105.59 .C64 2017

    Details

    Summary note
    Traditional intrusion detection and logfile analysis are no longer enough to protect today’s complex networks. In the updated second edition of this practical guide, security researcher Michael Collins shows InfoSec personnel the latest techniques and tools for collecting and analyzing network traffic datasets. You’ll understand how your network is used, and what actions are necessary to harden and defend the systems within it. In three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. New chapters focus on active monitoring and traffic manipulation, insider threat detection, data mining, regression and machine learning, and other topics. -- Provided by publisher.
    Bibliographic references
    Includes bibliographical references and index.
    Contents
    • Part 1. Data. Organizing data : vantage, domain, action, and validity
    • Vantage : understanding sensor placement in networks
    • Sensors in the network domain
    • Data in the service domain
    • Sensors in the service domain
    • Data and sensors in the host domain
    • Data and sensors in the active domain
    • Part 2. Tools. Getting data in one place
    • The SiLK suite
    • Reference and lookup : tools for figuring out who someone is
    • Part 3. Analytics. Exploratory data analysis and visualization
    • On analyzing text
    • On fumbling
    • On volume and time
    • On graphs
    • On insider threat
    • On threat intelligence
    • Application identification
    • On network mapping
    • On working with Ops.
    ISBN
    • 1491962844 (paperback)
    • 9781491962848 (paperback)
    LCCN
    2018304668
    OCLC
    966378503