Network Security Through Data Analysis: From Data to Action [2nd ed] 9781491962848, 9781491962817, 149196281X


Language: English. Pages: 427. Year: 2017.


Table of contents:
Copyright
Table of Contents
Preface
Audience
Contents of This Book
Changes Between Editions
Conventions Used in This Book
Using Code Examples
O'Reilly Safari
How to Contact Us
Acknowledgments
Part I. Data
Chapter 1. Organizing Data: Vantage, Domain, Action, and Validity
Domain
Vantage
Choosing Vantage
Actions: What a Sensor Does with Data
Validity and Action
Internal Validity
External Validity
Construct Validity
Statistical Validity
Attacker and Attack Issues
Further Reading
Chapter 2. Vantage: Understanding Sensor Placement in Networks
The Basics of Network Layering
Network Layers and Vantage
Network Layers and Addressing
MAC Addresses
IPv4 Format and Addresses
IPv6 Format and Addresses
Validity Challenges from Middlebox Network Data
Further Reading
Chapter 3. Sensors in the Network Domain
Packet and Frame Formats
Rolling Buffers
Limiting the Data Captured from Each Packet
Filtering Specific Types of Packets
What If It's Not Ethernet?
NetFlow
NetFlow v5 Formats and Fields
NetFlow Generation and Collection
Data Collection via IDS
Classifying IDSs
IDS as Classifier
Improving IDS Performance
Enhancing IDS Detection
Configuring Snort
Enhancing IDS Response
Prefetching Data
Middlebox Logs and Their Impact
VPN Logs
Proxy Logs
NAT Logs
Further Reading
Chapter 4. Data in the Service Domain
What and Why
Logfiles as the Basis for Service Data
Accessing and Manipulating Logfiles
The Contents of Logfiles
The Characteristics of a Good Log Message
Existing Logfiles and How to Manipulate Them
Stateful Logfiles
Further Reading
Chapter 5. Sensors in the Service Domain
Representative Logfile Formats
HTTP: CLF and ELF
Simple Mail Transfer Protocol (SMTP)
Sendmail
Microsoft Exchange: Message Tracking Logs
Additional Useful Logfiles
Staged Logging
LDAP and Directory Services
File Transfer, Storage, and Databases
Logfile Transport: Transfers, Syslog, and Message Queues
Transfer and Logfile Rotation
Syslog
Further Reading
Chapter 6. Data and Sensors in the Host Domain
A Host: From the Network's View
The Network Interfaces
The Host: Tracking Identity
Processes
Structure
Filesystem
Historical Data: Commands and Logins
Other Data and Sensors: HIPS and AV
Further Reading
Chapter 7. Data and Sensors in the Active Domain
Discovery, Assessment, and Maintenance
Discovery: ping, traceroute, netcat, and Half of nmap
Checking Connectivity: Using ping to Connect to an Address
Tracerouting
Using nc as a Swiss Army Multitool
nmap Scanning for Discovery
Assessment: nmap, a Bunch of Clients, and a Lot of Repositories
Basic Assessment with nmap
Using Active Vantage Data for Verification
Further Reading
Part II. Tools
Chapter 8. Getting Data in One Place
High-Level Architecture
The Sensor Network
The Repository
Query Processing
Real-Time Processing
Source Control
Log Data and the CRUD Paradigm
A Brief Introduction to NoSQL Systems