Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century (häftad)
Fler böcker inom
Format
Häftad (Paperback)
Språk
Engelska
Antal sidor
480
Utgivningsdatum
2009-07-01
Upplaga
1
Förlag
ADDISON-WESLEY
Illustratör/Fotograf
illustrations
Illustrationer
illustrations
Dimensioner
234 x 177 x 27 mm
Vikt
781 g
Antal komponenter
1
ISBN
9780321591807

Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century

av Ryan Trost
Häftad,  Engelska, 2009-07-01

Slutsåld

Practical Intrusion Analysis provides a solid fundamental overview of the art and science of intrusion analysis.

Nate Miller, Cofounder, Stratum Security

The Only Definitive Guide to New State-of-the-Art Techniques in Intrusion Detection and Prevention

Recently, powerful innovations in intrusion detection and prevention have evolved in response to emerging threats and changing business environments. However, security practitioners have found little reliable, usable information about these new IDS/IPS technologies. In Practical Intrusion Analysis, one of the fields leading experts brings together these innovations for the first time and demonstrates how they can be used to analyze attacks, mitigate damage, and track attackers.

Ryan Trost reviews the fundamental techniques and business drivers of intrusion detection and prevention by analyzing todays new vulnerabilities and attack vectors. Next, he presents complete explanations of powerful new IDS/IPS methodologies based on Network Behavioral Analysis (NBA), data visualization, geospatial analysis, and more.

Writing for security practitioners and managers at all experience levels, Trost introduces new solutions for virtually every environment. Coverage includes
  • Assessing the strengths and limitations of mainstream monitoring tools and IDS technologies
  • Using Attack Graphs to map paths of network vulnerability and becoming more proactive about preventing intrusions
  • Analyzing network behavior to immediately detect polymorphic worms, zero-day exploits, and botnet DoS attacks
  • Understanding the theory, advantages, and disadvantages of the latest Web Application Firewalls
  • Implementing IDS/IPS systems that protect wireless data traffic
  • Enhancing your intrusion detection efforts by converging with physical security defenses
  • Identifying attackers geographical fingerprints and using that information to respond more effectively
  • Visualizing data traffic to identify suspicious patterns more quickly
  • Revisiting intrusion detection ROI in light of new threats, compliance risks, and technical alternatives
Includes contributions from these leading network security experts:

Jeff Forristal, a.k.a. Rain Forest Puppy, senior security professional and creator of libwhisker

Seth Fogie, CEO, Airscanner USA; leading-edge mobile security researcher; coauthor of Security Warrior

Dr. Sushil Jajodia, Director, Center for Secure Information Systems; founding Editor-in-Chief, Journal of Computer Security

Dr. Steven Noel, Associate Director and Senior Research Scientist, Center for Secure Information Systems, George Mason University

Alex Kirk, Member, Sourcefire Vulnerability Research Team

...
Visa hela texten

Kundrecensioner

Har du läst boken? Sätt ditt betyg »

Övrig information

Ryan Trost, Director of Security and Data Privacy Officer at Comprehensive Health Services, oversees the organization's security and privacy decisions. He teaches Ethical Hacking, Intrusion Detection, and Data Visualization at Northern Virginia Community College. He is one of the world's leading experts in geospatial intrusion detection techniques. Trost participated as a RedTeamer in the first annual Collegiate Cyber Defensive Competition (CCDC), and served as a Senior Security consultant for several government agencies before transitioning to the private sector. He holds an MS degree in Computer Science from George Washington University.

Innehållsförteckning

Preface     xv

Chapter 1: Network Overview     1

Chapter 2: Infrastructure Monitoring     31

Chapter 3: Intrusion Detection Systems     53

Chapter 4: Lifecycle of a Vulnerability     87

Chapter 5: Proactive Intrusion Prevention and Response via Attack Graphs     119

Chapter 6: Network Flows and Anomaly Detection     151

Chapter 7: Web Application Firewalls     185

Chapter 8: Wireless IDS/IPS     209

Chapter 9: Physical Intrusion Detection for IT     235

Chapter 10: Geospatial Intrusion Detection     275

Chapter 11: Visual Data Communications     347

Chapter 12: Return on Investment: Business Justification     391

Appendix: Bro Installation Guide     435

Index     441

 

Du kanske gillar