Traditional intrusion detection and logfile analysis are no longer enough to protect today’s complex networks. In this practical guide, security researcher Michael Collins shows you several techniques and tools for collecting and analyzing network traffic datasets. You’ll understand how your network is used, and what actions are necessary to protect and improve it.

Divided into three sections, the updated second edition of this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. It’s ideal for network administrators and operational security analysts familiar with scripting.

Table of Contents

Chapter 1 Organizing Data: Vantage, Domain, Action and Validity
Chapter 2 Vantage: Understanding Sensor Placement in Networks
Chapter 3 Sensors in the Network Domain
Chapter 4 Data in the Service Domain
Chapter 5 Sensors in the Service Domain
Chapter 6 Data and Sensors in the Host Domain
Chapter 7 Data and Sensors in the Active Domain
Chapter 8 Getting Data In One Place
Chapter 9 The SiLK Suite
Chapter 10 Reference and Lookup: Tools for Figuring Out Who Someone Is
Chapter 11 Exploratory Data Analysis and Visualization
Chapter 12 On Analyzing Text
Chapter 13 On Fumbling
Chapter 14 On Volume and Time
Chapter 15 On Graphs
Chapter 16 On Insider Threat
Chapter 17 On Threat Intelligence
Chapter 18 On Network Mapping
Chapter 19 On Working with Ops

Book Details

Title: Network Security through Data Analysis: From Data to Action, 2nd Edition
Author: Michael Collins
Length: 400 pages
Edition: 2
Language: English
Publisher: O'Reilly Media
Publication Date: 2017-08-25
ISBN-10: 1491962844
ISBN-13: 9781491962848