Security Data Visualization
Security Data Visualization
副标题: Graphical Techniques for Network Analysis
ISBN: 9781593271435
出版社: No Starch Press
出版年: 2007-10-01
页数: 244
定价: USD 49.95
装帧: Paperback
内容简介
Information overload. If you're responsible for maintaining your network's security, you're living with it every day. Logs, alerts, packet captures, and even binary files take time and effort to analyze using text-based tools - and once your analysis is complete, the picture isn't always clear, or timely. And time is of the essence. Information visualization is a branch of computer science concerned with modeling complex data using interactive images. When applied to network data, these interactive graphics allow administrators to quickly analyze, understand, and respond to emerging threats and vulnerabilities. "Security Data Visualization" is a well-researched and richly illustrated introduction to the field. Greg Conti, creator of the network and security visualization tool RUMINT, shows you how to graph and display network data using a variety of tools so that you can understand complex datasets at a glance. And once you've seen what a network attack looks like, you'll have a better understanding of its low-level behavior - like how vulnerabilities are exploited and how worms and viruses propagate. You'll learn how to use visualization techniques to: Audit your network for vulnerabilities using free visualization tools, such as AfterGlow and RUMINT See the underlying structure of a text file and explore the faulty security behavior of a Microsoft Word document Gain insight into large amounts of low-level packet data Identify and dissect port scans, Nessus vulnerability assessments, and Metasploit attacks View the global spread of the Sony rootkit, analyze antivirus effectiveness, and monitor widespread network attacks View and analyze firewall and intrusion detectionsystem (IDS) logs Security visualization systems display data in ways that are illuminating to both professionals and amateurs. Once you've finished reading this book, you'll understand how visualization can make your response to security threats faster and more effective
作者简介
Gregory Conti, an Assistant Professor of Computer Science at the U.S. Military Academy in West Point, N.Y., has been featured in IEEE Security and Privacy magazine, the Communications of the ACM, and IEEE Computer Graphics and Applications magazine. He has spoken at a wide range of academic and hacker conferences, including Black Hat, DEFCON and the Workshop on Visualization for Computer Security (VizSEC). Conti runs the open source security visualization project, RUMINT, http://www.rumint.org/.
目录
Acknowledgments
Introduction
Chapter 1: An Overview of Information Visualization
Chapter 2: The Beauty of Binary File Visualization
Chapter 3: Port Scan Visualization
Chapter 4: Vulnerability Assessment and Exploitation
Chapter 5: One Night on My ISP
Chapter 6: A Survey of Security Visualization
Chapter 7: Firewall Log Visualization
Chapter 8: Intrusion Detection Log Visualization
Chapter 9: Attacking and Defending Visualization Systems
Chapter 10: Creating a Security Visualization System
Chapter 11: Unexplored Territory
Chapter 12: Teaching Yourself