Preface

Part Ⅰ. Data

1. Organizing Data: Vantage, Domain, Action, and Validity
    Domain
    Vantage
    Choosing Vantage
    Actions: What a Sensor Does with Data
    Validity and Action
    Internal Validity
    External Validity
    Construct Validity
    Statistical Validity
    Attacker and Attack Issues
    Further Reading

2. Vantage: Understanding Sensor Placement in Networks
    The Basics of Network Layering
    Network Layers and Vantage
    Network Layers and Addressing
    MAC Addresses
    IPv4 Format and Addresses
    IPv6 Format and Addresses
    Validity Challenges from Middlebox Network Data
    Further Reading

3. Sensors in the Network Domain
    Packet and Frame Formats
    Rolling Buffers
    Limiting the Data Captured from Each Packet
    Filtering Specific Types of Packets
    What If It's Not Ethernet?
    NetFlow
    NetFlow v5 Formats and Fields
    NetFlow Generation and Collection
    Data Collection via IDS
    Classifying IDSs
    IDS as Classifier
    Improving IDS Performance
    Enhancing IDS Detection
    Configuring Snort
    Enhancing IDS Response
    Prefetching Data
    Middlebox Logs and Their Impact
    VPN Logs
    Proxy Logs
    NAT Logs
    Further Reading

4. Data in the Service Domain
    What and Why
    Logfiles as the Basis for Service Data
    Accessing and Manipulating Logfiles
    The Contents of Logfiles
    The Characteristics of a Good Log Message
    Existing Logfiles and How to Manipulate Them
    Stateful Logfiles
    Further Reading

5. Sensors in the Service Domain
    Representative Logfile Formats
    HTTP: CLF and ELF
    Simple Mail Transfer Protocol (SMTP)
    Sendmail
    Microsoft Exchange: Message Tracking Logs
    Additional Useful Logfiles
    Staged Logging
    LDAP and Directory Services
    ……