Data-Driven Security: Analysis, Visualization and Dashboards Epub Download

Data-Driven Security: Analysis, Visualization and Dashboards [Paperback]

Author: Jay Jacobs | Language: English | ISBN: 1118793722 | Format: PDF, EPUB

• Description
• Book Details
• Table of Contents
• Book Preview
• Reviews

Data-Driven Security: Analysis, Visualization and Dashboards Epub Download
Download books file now Data-Driven Security: Analysis, Visualization and Dashboards Epub Download for everyone book 4shared, mediafire, hotfile, and mirror link

Uncover hidden patterns of data and respond with countermeasures

Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. This careful guide explores two of the most powerful ? data analysis and visualization. You'll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with real-world examples, this book shows you how to gather feedback, measure the effectiveness of your security methods, and make better decisions.

Everything in this book will have practical application for information security professionals.

• Helps IT and security professionals understand and use data, so they can thwart attacks and understand and visualize vulnerabilities in their networks
• Includes more than a dozen real-world examples and hands-on exercises that demonstrate how to analyze security data and intelligence and translate that information into visualizations that make plain how to prevent attacks
• Covers topics such as how to acquire and prepare security data, use simple statistical methods to detect malware, predict rogue behavior, correlate security events, and more
• Written by a team of well-known experts in the field of security and data analysis

Lock down your networks, prevent hacks, and thwart malware by improving visibility into the environment, all through the power of data and Security Using Data Analysis, Visualization, and Dashboards.

Direct download links available for Data-Driven Security: Analysis, Visualization and Dashboards Epub Download

• Paperback: 352 pages
• Publisher: Wiley; 1 edition (February 24, 2014)
• Language: English
• ISBN-10: 1118793722
• ISBN-13: 978-1118793725
• Product Dimensions: 9.1 x 7.3 x 0.9 inches
• Shipping Weight: 1.8 pounds (View shipping rates and policies)

Introduction xv

Chapter 1 • The Journey to Data-Driven Security 1

A Brief History of Learning from Data  2

Nineteenth Century Data Analysis  2

Twentieth Century Data Analysis  3

Twenty-First Century Data Analysis 4

Gathering Data Analysis Skills 5

Domain Expertise 6

Programming Skills 8

Data Management  10

Statistics  12

Visualization (aka Communication) 14

Combining the Skills  15

Centering on a Question 16

Creating a Good Research Question  17

Exploratory Data Analysis 18

Summary   18

Recommended Reading 19

Chapter 2 • Building Your Analytics Toolbox: A Primer on Using R and Python for Security Analysis  21

Why Python? Why R? And Why Both?  22

Why Python?  23

Why R?  23

Why Both? 24

Jumpstarting Your Python Analytics with Canopy   24

Understanding the Python Data Analysis and Visualization Ecosystem 25

Setting Up Your R Environment 29

Introducing Data Frames 33

Organizing Analyses 36

Summary   37

Recommended Reading 38

Chapter 3 • Learning the “Hello World” of Security Data Analysis 39

Solving a Problem  40

Getting Data41

Reading In Data 43

Exploring Data  47

Homing In on a Question 58

Summary   70

Recommended Reading 70

Chapter 4 • Performing Exploratory Security Data Analysis  71

Dissecting the IP Address73

Representing IP Addresses 73

Segmenting and Grouping IP Addresses  75

Locating IP Addresses  77

Augmenting IP Address Data80

Association/Correlation, Causation, and Security Operations Center Analysts Gone Rogue  86

Mapping Outside the Continents90

Visualizing the ZeuS Botnet  92

Visualizing Your Firewall Data 98

Summary 100

Recommended Reading101

Chapter 5 • From Maps to Regression  103

Simplifying Maps  105

How Many ZeroAccess Infections per Country?  108

Changing the Scope of Your Data 111

The Potwin Effect  113

Is This Weird?  117

Counting in Counties 120

Moving Down to Counties 122

Introducing Linear Regression  125

Understanding Common Pitfalls in Regression Analysis 130

Regression on ZeroAccess Infections  131

Summary 136

Recommended Reading   136

Chapter 6 • Visualizing Security Data 137

Why Visualize?  138

Unraveling Visual Perception 139

Understanding the Components of Visual Communications 144

Avoiding the Third Dimension 144

Using Color 146

Putting It All Together 148

Communicating Distributions 154

Visualizing Time Series 156

Experiment on Your Own 157

Turning Your Data into a Movie Star  158

Summary  159

Recommended Reading   160

Chapter 7 • Learning from Security Breaches  161

Setting Up the Research   162

Considerations in a Data Collection Framework 164

Aiming for Objective Answers  164

Limiting Possible Answers  164

Allowing “Other,” and “Unknown” Options  164

Avoiding Conflation and Merging the Minutiae  165

An Introduction to VERIS 166

Incident Tracking  168

Threat Actor 168

Threat Actions 169

Information Assets 173

Attributes  173

Discovery/Response 176

Impact  176

Victim 177

Indicators  179

Extending VERIS with Plus 179

Seeing VERIS in Action  179

Working with VCDB Data 181

Getting the Most Out of VERIS Data 185

Summary 189

Recommended Reading   189

Chapter 8 • Breaking Up with Your Relational Database  191

Realizing the Container Has Constraints   195

Constrained by Schema  196

Constrained by Storage  198

Constrained by RAM  199

Constrained by Data  200

Exploring Alternative Data Stores   200

BerkeleyDB  201

Redis 203

Hive 207

MongoDB  210

Special Purpose Databases 214

Summary  215

Recommended Reading 216

Chapter 9 • Demystifying Machine Learning 217

Detecting Malware 218

Developing a Machine Learning Algorithm  220

Validating the Algorithm 221

Implementing the Algorithm  222

Benefiting from Machine Learning  226

Answering Questions with Machine Learning  226

Measuring Good Performance 227

Selecting Features  228

Validating Your Model  230

Specific Learning Methods 230

Supervised  231

Unsupervised 234

Hands On: Clustering Breach Data  236

Multidimensional Scaling on Victim Industries  238

Hierarchical Clustering on Victim Industries 240

Summary 242

Recommended Reading   243

Chapter 10 • Designing Effective Security Dashboards 245

What Is a Dashboard, Anyway? 246

A Dashboard Is Not an Automobile  246

A Dashboard Is Not a Report  248

A Dashboard Is Not a Moving Van  251

A Dashboard Is Not an Art Show 253

Communicating and Managing “Security” through Dashboards 258

Lending a Hand to Handlers 258

Raising Dashboard Awareness  260

The Devil (and Incident Response Delays) Is in the Details 262

Projecting “Security” 263

Summary 267

Recommended Reading   267

Chapter 11 • Building Interactive Security Visualizations  269

Moving from Static to Interactive270

Interaction for Augmentation  271

Interaction for Exploration  274

Interaction for Illumination  276

Developing Interactive Visualizations 281

Building Interactive Dashboards with Tableau  281

Building Browser-Based Visualizations with D3 284

Summary 294

Recommended Reading   295

Chapter 12 • Moving Toward Data-Driven Security 297

Moving Yourself toward Data-Driven Security 298

The Hacker  299

The Statistician  302

The Security Domain Expert 302

The Danger Zone  303

Moving Your Organization toward Data-Driven Security   303

Ask Questions That Have Objective Answers  304

Find and Collect Relevant Data 304

Learn through Iteration  305

Find Statistics 306

Summary 308

Recommended Reading   308

Appendix A • Resources and Tools  309

Appendix B • References  313

Index •  321

The book covers the concepts, tools and techniques that can be used to analyze different types of information security data sets and explains many of the common pitfalls in both approach and interpretation of the results of this analysis. It's effectively a perfect introduction to data science/analysis for information security!

The book starts off by introducing the reader to what data analysis is, covering historical concepts and how to create a good question to answer with analysis, rather than simply analyzing data for the sake of it.

It then moves on to provide an introduction to the R programming language, a free statistical programming language, and also how they us Python in conjunction with R to analyze data.

The book is very practically oriented, encouraging the reader to start playing around with both Python and R by providing full coded examples of all the analysis performed in each chapter. To make life easier, all the code examples can be downloaded from the books website and any data sets used for analysis are either publicly available already or can be downloaded with the source code.

Once you get your head around the basics of using the tools for analysis, the book then walks through examples of the different types of analysis that information security data sets may require, covering things like exploring data sets of malware infections, performing regression analysis on malware data and applying machine learning to breach data. Throughout the examples, the book puts a strong emphasis on visualization of data including both the common mistakes in presenting data analysis and also looks both at static and interactive visualization.

{shorttile} Epub Download

Please Wait...