Network Security Through Data Analysis (English) Paperback – 14 February 2014
Most helpful customer reviews on Amazon.com (beta)
The author mentions the target for this book are network administrators and operational security analysts. I would add networking students and hackers on the top of this target. The content is very easy to follow though.
The book is divided into three sections (data, tools and analytics). It contains a total of 15 self-contained chapters.
The data section (chapters 1-4) covers the way to collect, store and organize data. This part discusses sensors, the best place to set them, the tooling to interface them and the issues/solutions related to the vast amount of data generated.
The tool section (chapters 5-9) keeps the focus on tools. It covers analysis, visualization and reporting aspects. Some of these tools are SiLK, R, Graphviz, nmap, Wireshark or netcat.
The analytics section (chapters 10-15) studies the nature of the networking traffic and how some mathematical and statistical models can be used to examine data. Among the different analyses you can find useful information related to DDoS attacks, scanning patterns or port correlation approaches.
This book is interesting. It is a great update in this topic and it faces the recent issue of ‘big data’ and massive analysis from a network security perspective.
At the same time, I found the jargon of the author a bit thick along some chapters. I guess it is the result of trying to generalize some concepts and techniques while he introduces concrete examples.
As mentioned, I think this book contains good stuff. It covers a broad spectrum of topics so it could be a great book to jump in this area too. The author does a good job and he talks from experience.
The exploration of volume and time analysis was particularly interesting to me as I do similar work; however, it only goes far enough to give the reader, or anyone willing to try the code presented in the book, an idea of what is to be expected. Probably wise of the author not to go too deep and demonstrate a wide range of analysis missing in data centers and security operations.
I found the book to be insightful and useful, and good for anyone looking to make the leap to the higher echelons of detection.
This isn't another user guide for existing monitoring and alerting software; it is a tool for security analysts to use when actively trying to understand the overwhelming and generalized information they gather through such tools. With the examples and details provided, network engineers can dig deeper to better understand the source of threats and desired targets on their network. There's more to Network Security than just responding to software alerts and this book provides a good foothold into the more advanced analysis.
Breaks down the analysis problem effectively, clearly and simply. Starts from the beginning, allowing newcomers to get the full background needed to come up to speed rapidly.