Security Data Visualization: Graphical Techniques for Network Analysis

Greg Conti

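  • Publisher: No Starch Press
  • Publication date: 2007-10-01
  • List price: $1,860
  • VIP price: $1,767 (95% of list price)
  • Language: English
  • Pages: 272
  • Binding: Paperback
  • ISBN: 1593271433
  • ISBN-13: 9781593271435
  • Related categories: Data-visualization, Information security
  • Overseas special-order book (requires separate checkout)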

Product description

Description

Information overload. If you're responsible for maintaining your network's security, you're living with it every day. Logs, alerts, packet captures, and even binary files take time and effort to analyze using text-based tools—and once your analysis is complete, the picture isn't always clear, or timely. And time is of the essence.

Information visualization is a branch of computer science concerned with modeling complex data using interactive images. When applied to network data, these interactive graphics allow administrators to quickly analyze, understand, and respond to emerging threats and vulnerabilities.

Security Data Visualization is a well-researched and richly illustrated introduction to the field. Greg Conti, creator of the network and security visualization tool RUMINT, shows you how to graph and display network data using a variety of tools so that you can understand complex datasets at a glance. And once you've seen what a network attack looks like, you'll have a better understanding of its low-level behavior—like how vulnerabilities are exploited and how worms and viruses propagate.

You'll learn how to use visualization techniques to:

  • Audit your network for vulnerabilities using free visualization tools, such as AfterGlow and RUMINT
  • See the underlying structure of a text file and explore the faulty security behavior of a Microsoft Word document
  • Gain insight into large amounts of low-level packet data
  • Identify and dissect port scans, Nessus vulnerability assessments, and Metasploit attacks
  • View the global spread of the Sony rootkit, analyze antivirus effectiveness, and monitor widespread network attacks
  • View and analyze firewall and intrusion detection system (IDS) logs

Security visualization systems display data in ways that are illuminating to both professionals and amateurs. Once you've finished reading this book, you'll understand how visualization can make your response to security threats faster and more effective.

 

Table of Contents

Acknowledgments
Introduction
Chapter 1: An Overview of Information Visualization
Chapter 2: The Beauty of Binary File Visualization
Chapter 3: Port Scan Visualization
Chapter 4: Vulnerability Assessment and Exploitation
Chapter 5: One Night on My ISP
Chapter 6: A Survey of Security Visualization
Chapter 7: Firewall Log Visualization
Chapter 8: Intrusion Detection Log Visualization
Chapter 9: Attacking and Defending Visualization Systems
Chapter 10: Creating a Security Visualization System
Chapter 11: Unexplored Territory
Chapter 12: Teaching Yourself
