登入帳戶  | 訂單查詢  | 購物車/收銀台(0) | 在線留言板  | 付款方式  | 運費計算  | 聯絡我們  | 幫助中心 |  加入書簽
會員登入   新用戶登記
HOME新書上架暢銷書架好書推介特價區會員書架精選月讀2023年度TOP分類瀏覽雜誌 臺灣用戶
品種:超過100萬種各類書籍/音像和精品,正品正價,放心網購,悭钱省心 服務:香港台灣澳門海外 送貨:速遞郵局服務站

新書上架簡體書 繁體書
暢銷書架簡體書 繁體書
好書推介簡體書 繁體書

11月出版:大陸書 台灣書
十月出版:大陸書 台灣書
九月出版:大陸書 台灣書
八月出版:大陸書 台灣書
七月出版:大陸書 台灣書
六月出版:大陸書 台灣書
五月出版:大陸書 台灣書
四月出版:大陸書 台灣書
三月出版:大陸書 台灣書
二月出版:大陸書 台灣書
一月出版:大陸書 台灣書
12月出版:大陸書 台灣書
11月出版:大陸書 台灣書
十月出版:大陸書 台灣書
九月出版:大陸書 台灣書

『簡體書』基于数据分析的网络安全(影印版)

書城自編碼: 2490233
分類:簡體書→大陸圖書→計算機/網絡信息安全
作者: [美]柯林 著
國際書號(ISBN): 9787564150075
出版社: 东南大学出版社
出版日期: 2014-10-01

頁數/字數: 325/426000
書度/開本: 16开

售價:HK$ 171.6

我要買

share:

** 我創建的書架 **
未登入.


新書推薦:
汉译名著·哲学经典十种
《 汉译名著·哲学经典十种 》

售價:HK$ 761.2
成吉思汗传:看历代帝王将相谋略 修炼安身成事之根本
《 成吉思汗传:看历代帝王将相谋略 修炼安身成事之根本 》

售價:HK$ 61.6
爱丁堡古罗马史-罗马城的起源和共和国的崛起
《 爱丁堡古罗马史-罗马城的起源和共和国的崛起 》

售價:HK$ 76.8
自伤自恋的精神分析
《 自伤自恋的精神分析 》

售價:HK$ 52.8
大宋悬疑录:貔貅刑
《 大宋悬疑录:貔貅刑 》

售價:HK$ 74.8
不被大风吹倒
《 不被大风吹倒 》

售價:HK$ 65.9
人生解忧:佛学入门四十讲
《 人生解忧:佛学入门四十讲 》

售價:HK$ 107.8
东野圭吾:分身(东野圭吾无法再现的双女主之作 奇绝瑰丽、残忍又温情)
《 东野圭吾:分身(东野圭吾无法再现的双女主之作 奇绝瑰丽、残忍又温情) 》

售價:HK$ 64.9

 

建議一齊購買:

+

HK$ 72.2
《函数式编程思想(影印版)》
+

HK$ 144.3
《高性能Python(影印版)》
+

HK$ 192.4
《高性能浏览器网络(影印版)》
+

HK$ 182.9
《软件定义网络(影印版)》
+

HK$ 196.1
《Python数据分析(影印版)》
內容簡介:
传统的入侵检测和日志分析已经不足以保护今天的复杂网络。在这本实用指南里, 安全研究员Michael Collins为你展示了多个采集和分析网络流量数据集的技术和工具。你将理解你的网络是如何被利用的以及有哪些必要手段来保护和改善它。
關於作者:
MichaelCollins是RedJack有限责任公司的首席科学家。这家公司位于美国华盛顿特区,从事网络安全和数据分析。Michael主要负责网络仪器和流量分析,尤其是大流量数据集。
目錄
Preface
PartⅠ.Data
1.Sensors and Detectors: An Introduction
Vantages: How Sensor Placement Affects Data Collection
Domains: Determining Data That Can Be Collected
Actions: What a Sensor Does with Data
Conclusion
2.Network Sensors
Network Layering and Its Impact on Instrumentation
Network Layers and Vantage
Network Layers and Addressing
Packet Data
Packet and Frame Formats
Rolling Buffers
Limiting the Data Captured from Each Packet
Filtering SpeciFic Types of Packets
What Iflt''s Not Ethernet?
NetFlow
NetFlow v5 Formats and Fields
NetFlow Generation and Collection
Further Reading
3.Host and Service Sensors: Logging Traffic at the Source
Accessing and Manipulating LogFiles
The Contents of Logfiles
The Characteristics of a Good Log Message
Existing Logflles and How to Manipulate Them
Representative Logflle Formats
HTTP: CLF and ELF
SMTP
Microsoft Exchange: Message Tracking Logs
Logfile Transport: Transfers,Syslog,and Message Queues
Transfer and Logfrle Rotation
Syslog
Further Reading
4.Data Storage for Analysis: Relational Databases,Big Data,and Other Options
Log Data and the CRUD Paradigm
Creating a Well—Organized Flat File System: Lessons from SiLK
A Brieflntroduction to NoSQL Systems
What Storage Approach to Use
Storage Hierarchy,Query Times,and Aging
PartⅡ.Tools
5.The SiLK Suite
What Is SiLK and How Does It Work?
Acquiring and Installing SiLK
The DataFiles
Choosing and Formatting Output Field Manipulation: rwcut
Basic Field Manipulation: rwfrlter
Ports and Protocols
Size
IP Addresses
Time
TCP Options
Helper Options
Miscellaneous Filtering Options and Some Hacks
rwfileinfo and Provenance
Combining Information Flows: rwcount
rwset and IP Sets
rwuniq
rwbag
Advanced SiLK Faalities
pmaps
Collecting SiLK Data
YAF
rwptoflow
rwtuc
Further Reading
6.An Introduction to R for Security Analysts
Installation and Setup
Basics of the Language
The R Prompt
R Variables
Writing Functions
Conditionals and Iteration
Using the R Workspace
Data Frames
Visualization
Visualization Commands
Parameters to Visualization
Annotating a Visualization
ExportingVisualization
Analysis: Statistical Hypothesis Testing
Hypothesis Testing
Testing Data
Further Reading
7.Classification and Event Tools: IDS,AV,and SEM
How an IDS Works
Basic Vocabulary
Classifler Failure Rates: Understanding the Base—Rate Fallacy
Applying ClassiFication
Improving IDS Performance
Enhancing IDS Detection
Enhanang IDS Response
Prefetching Data
Further Reading
8.Reference and Lookup: Tools for Figuring Out Who Someone ls
MAC and Hardware Addresses
IP Addressing
IPv4 Addresses,Theu Structure,and Significant Addresses
IPv6 Addresses,Their Structure and Significant Addresses
Checking Connectivity: Using ping to Connect to an Address
Tracerouting
IP Intelligence: Geolocation and Demographics
DNS
DNS Name Structure
Forward DNS Querying Using dig
The DNS Reverse Lookup
Using whois to Find Ownership
Additional Reference Tools
DNSBLs
9.More Tools
Visualization
Graphviz
Communications and Probing
netcat
nmap
Scapy
Packet Inspection and Reference
Wireshark
GeoIP
The NVD,Malware Sites,and the C*Es
Search Engines,Mailing Lists,and People
Further Reading
PartⅢ.Analytics
10.Exploratory Data Analysis and Visualization
The Goal of EDA: Applying Analysis
EDA Workflow
Variables and Visualization
Univariate Visualization: Histograms,QQ Plots,Boxplots,and Rank Plots
Histograms
Bar Plots(Not Pie Charts)
The Quantile—Quantile(QQ)Plot
The Five—Number Summary and the Boxplot
Generating a Boxplot
Bivariate Description
Scatterplots
Contingency Tables
Multivariate Visualization
Operationalizing Security Visualization
Further Reading
11.On Fumbling
Attack Models
Fumbling: Misconfiguration,Automation,and Scanning
Lookup Failures
Automation
Scanning
Identifying Fumbling
TCP Fumbling: The State Machine
ICMP Messages and Fumbling
Identifying UDP Fumbling
Fumbling at the Service Level
HTTP Fumbling
SMTP Fumbling
Analyzing Fumbling
Building Fumbling Alarms
Forensic Analysis of Fumbling
Engineering a Network to Take Advantage of Fumbling
Further Reading
12.Volume and Time Analysis
The Workday and Its Impact on Network Traffic Volume
Beaconing
File Transfers/Raiding
Locality
DDoS,Flash Crowds,and Resource Exhaustion
DDoS and Routing Infrastructure
Applying Volume and Locality Analysis
Data Selection
Using Volume as an Alarm
Using Beaconing as an Alarm
Using Locality as an Alarm
Engineering Solutions
Further Reading
13.Graph Analysis
Graph Attributes: What Is a Graph?
Labeling,Weight,and Paths
Components and Connectivity
Clustering Coeffiaent
Analyzing Graphs
Using Component Analysis as an Alarm
Using Centrality Analysis for Forensics
Using Breadth—First Searches Forensically
Using Centrality Analysis for Engineering
Further Reading
14.Application Identification
Mechanisms for Application Identification
Port Number
Application Identiflcation by Banner Grabbing
Application Identification by Behavior
Application Identification by Subsidiary Site
Application Banners: Identifying and Classifying
Non—Web Banners
Web Client Banners: The User—Agent String
Further Reading
15.Network Mapping
Creating an Initial Network Inventory and Map
Creating an Inventory: Data,Coverage,and Files
Phase Ⅰ: The First Three Questions
Phase Ⅱ: Examining the IP Space
Phase Ⅲ: Identifying Blind and Confusing Traffic
Phase Ⅳ: Identifying Clients and Servers
Identifying Sensing and Blocking Infrastructure
Updating the Inventory: Toward Continuous Audit
Further Reading
Index

 

 

書城介紹  | 合作申請 | 索要書目  | 新手入門 | 聯絡方式  | 幫助中心 | 找書說明  | 送貨方式 | 付款方式 香港用户  | 台灣用户 | 海外用户
megBook.com.hk
Copyright © 2013 - 2024 (香港)大書城有限公司  All Rights Reserved.