With Early Release ebooks, you get books in their earliest form—the author's raw and unedited content as he or she writes—so you can take advantage of these technologies long before the official release of these titles. You'll also receive updates when significant changes are made, new chapters are available, and the final ebook bundle is released.
Traditional intrusion detection and logfile analysis are no longer enough to protect today’s complex networks. In this practical guide, security researcher Michael Collins shows you several techniques and tools for collecting and analyzing network traffic datasets. You’ll understand how your network is used, and what actions are necessary to protect and improve it.
Divided into three sections, the updated second edition of this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. It’s ideal for network administrators and operational security analysts familiar with scripting.
Chapter 1Organizing Data: Vantage, Domain, Action and Validity
Chapter 2Vantage: Understanding Sensor Placement in Networks
Chapter 3Sensors in the Network Domain
Chapter 4Data in the Service Domain
Chapter 5Sensors in the Service Domain
Chapter 6Data and Sensors in the Host Domain
Chapter 7Data and Sensors in the Active Domain
Chapter 8Getting Data In One Place
Chapter 9The SiLK Suite
Chapter 10Reference and Lookup: Tools for Figuring Out Who Someone Is
Chapter 11Exploratory Data Analysis and Visualization
Michael Collins is the chief scientist for RedJack, LLC., a NetworkSecurity and Data Analysis company located in the WashingtonD.C. area. Prior to his work at RedJack, Dr. Collins was a member ofthe technical staff at the CERT/Network Situational Awareness group at Carnegie Mellon University. His primary focus is on networkinstrumentation and traffic analysis, in particular on the analysis oflarge traffic datasets.Dr. Collins graduated with a PhD in Electrical Engineering fromCarnegie Mellon University in 2008, he holds Master's and Bachelor'sDegrees from the same institution.