- Paperback: 345 pages
- Publisher: O'Reilly and Associates; Edition: 1 (February 13, 2014)
- Language: English
- ISBN-10: 1449357903
- ISBN-13: 978-1449357900
- Size and/or weight: 17.8 x 2 x 23.3 cm
- Amazon Bestseller Rank: No. 139,963 in Foreign Language Books
Network Security Through Data Analysis: Building Situational Awareness (English) Paperback – February 13, 2014
About the author and other contributors
Michael Collins is the chief scientist for RedJack, LLC., a Network Security and Data Analysis company located in the Washington D.C. area. Prior to his work at RedJack, Dr. Collins was a member of the technical staff at the CERT/Network Situational Awareness group at Carnegie Mellon University. His primary focus is on network instrumentation and traffic analysis, in particular on the analysis of large traffic datasets. Dr. Collins graduated with a PhD in Electrical Engineering from Carnegie Mellon University in 2008; he holds Master's and Bachelor's Degrees from the same institution.
Most helpful customer reviews on Amazon.com (beta)
The author mentions the target for this book is network administrators and operational security analysts. I would add networking students and hackers on the top of this target. The content is very easy to follow though.
The book is divided into three sections (data, tools and analytics). It contains a total of 15 self-contained chapters.
The data section (chapters 1-4) covers the way to collect, store and organize data. This part discusses sensors, the best place to set them, the tooling to interface them and the issues/solutions related to the vast amount of data generated.
The tool section (chapters 5-9) keeps the focus on tools. It covers analysis, visualization and reporting aspects. Some of these tools are SiLK, R, Graphviz, nmap, Wireshark or netcat.
The analytics section (chapters 10-15) studies the nature of the networking traffic and how some mathematical and statistical models can be used to examine data. Among the different analyses you can find useful information related to DDoS attacks, scanning patterns or port correlation approaches.
This book is interesting. It is a great update in this topic and it faces the recent issue of ‘big data’ and massive analysis from a network security perspective.
At the same time, I found the jargon of the author a bit thick along some chapters. I guess it is the result of trying to generalize some concepts and techniques while he introduces concrete examples.
As mentioned, I think this book contains good stuff. It covers a broad spectrum of topics so it could be a great book to jump in this area too. The author does a good job and he talks from experience.
The exploration of volume and time analysis was particularly interesting to me as I do similar work; however, it only goes far enough to give the reader or anyone willing to try the code presented in the book an idea of what is to be expected. Probably wise of the author not to go too deep and demonstrate a wide range of analysis missing in data centers and security operations.
I found the book to be insightful and useful and good for anyone looking to make the leap to the higher echelons of detection.
This isn't another user guide for existing monitor and alerting software; it is a tool for security analysts to use when actively trying to understand the overwhelming and generalized information they gather through such tools. With the examples and details provided, network engineers can dig deeper to better understand the source of threats and desired targets on their network. There's more to Network Security than just responding to software alerts and this book provides a good foothold into the more advanced analysis.
Breaks down the analysis problem effectively, clearly and simply. Starts from the beginning, allowing newcomers to get the full background needed to come up to speed rapidly.