Network Security Through Data Analysis: Building Situational Awareness (Paperback)
Michael Collins
- 出版商: O'Reilly
- 出版日期: 2014-02-23
- 定價: $1,650
- 售價: 9.5 折 $1,568
- 貴賓價: 9.0 折 $1,485
- 語言: 英文
- 頁數: 348
- 裝訂: Paperback
- ISBN: 1449357903
- ISBN-13: 9781449357900
-
相關分類:
Data Science、資訊安全
立即出貨(限量) (庫存=2)
買這商品的人也買了...
-
$880$695 -
$880$581 -
$550$468 -
$450$428 -
$620$527 -
$780$663 -
$520$411 -
$480$379 -
$550$468 -
$580$458 -
$400$380 -
$450$356 -
$580$493 -
$650$585 -
$580$458 -
$980$774 -
$500$395 -
$680$578 -
$360$306 -
$780$616 -
$500$395 -
$500$395 -
$580$493 -
$520$411 -
$690$538
相關主題
商品描述
Traditional intrusion detection and logfile analysis are no longer enough to protect today’s complex networks. In this practical guide, security researcher Michael Collins shows you several techniques and tools for collecting and analyzing network traffic datasets. You’ll understand how your network is used, and what actions are necessary to protect and improve it.
Divided into three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. It’s ideal for network administrators and operational security analysts familiar with scripting.
- Explore network, host, and service sensors for capturing security data
- Store data traffic with relational databases, graph databases, Redis, and Hadoop
- Use SiLK, the R language, and other tools for analysis and visualization
- Detect unusual phenomena through Exploratory Data Analysis (EDA)
- Identify significant structures in networks with graph analysis
- Determine the traffic that’s crossing service ports in a network
- Examine traffic volume and behavior to spot DDoS and database raids
- Get a step-by-step process for network mapping and inventory
商品描述(中文翻譯)
傳統的入侵檢測和日誌分析已不足以保護現今複雜的網絡。在這本實用指南中,安全研究人員Michael Collins向您展示了幾種收集和分析網絡流量數據集的技術和工具。您將了解到如何使用您的網絡以及保護和改善它所需的行動。
本書分為三個部分,分別探討了數據收集和組織的過程、各種分析工具,以及幾種不同的分析場景和技術。適合熟悉腳本編寫的網絡管理員和運營安全分析師閱讀。
- 探索用於捕獲安全數據的網絡、主機和服務傳感器
- 使用關聯數據庫、圖形數據庫、Redis和Hadoop存儲數據流量
- 使用SiLK、R語言和其他工具進行分析和可視化
- 通過探索性數據分析(EDA)檢測異常現象
- 通過圖形分析識別網絡中的重要結構
- 確定網絡中正在通過服務端口的流量
- 檢查流量量和行為以檢測DDoS和數據庫入侵
- 獲得網絡映射和清單的逐步過程