Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century

Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century
ISBN-10
0321591887
ISBN-13
9780321591883
Category
Computers
Pages
480
Language
English
Published
2009-06-24
Publisher
Pearson Education
Author
Ryan Trost

Description

“Practical Intrusion Analysis provides a solid fundamental overview of the art and science of intrusion analysis.” –Nate Miller, Cofounder, Stratum Security The Only Definitive Guide to New State-of-the-Art Techniques in Intrusion Detection and Prevention Recently, powerful innovations in intrusion detection and prevention have evolved in response to emerging threats and changing business environments. However, security practitioners have found little reliable, usable information about these new IDS/IPS technologies. In Practical Intrusion Analysis, one of the field’s leading experts brings together these innovations for the first time and demonstrates how they can be used to analyze attacks, mitigate damage, and track attackers. Ryan Trost reviews the fundamental techniques and business drivers of intrusion detection and prevention by analyzing today’s new vulnerabilities and attack vectors. Next, he presents complete explanations of powerful new IDS/IPS methodologies based on Network Behavioral Analysis (NBA), data visualization, geospatial analysis, and more. Writing for security practitioners and managers at all experience levels, Trost introduces new solutions for virtually every environment. Coverage includes Assessing the strengths and limitations of mainstream monitoring tools and IDS technologies Using Attack Graphs to map paths of network vulnerability and becoming more proactive about preventing intrusions Analyzing network behavior to immediately detect polymorphic worms, zero-day exploits, and botnet DoS attacks Understanding the theory, advantages, and disadvantages of the latest Web Application Firewalls Implementing IDS/IPS systems that protect wireless data traffic Enhancing your intrusion detection efforts by converging with physical security defenses Identifying attackers’ “geographical fingerprints” and using that information to respond more effectively Visualizing data traffic to identify suspicious patterns more quickly Revisiting intrusion detection ROI in light of new threats, compliance risks, and technical alternatives Includes contributions from these leading network security experts: Jeff Forristal, a.k.a. Rain Forest Puppy, senior security professional and creator of libwhisker Seth Fogie, CEO, Airscanner USA; leading-edge mobile security researcher; coauthor of Security Warrior Dr. Sushil Jajodia, Director, Center for Secure Information Systems; founding Editor-in-Chief, Journal of Computer Security Dr. Steven Noel, Associate Director and Senior Research Scientist, Center for Secure Information Systems, George Mason University Alex Kirk, Member, Sourcefire Vulnerability Research Team

Get the book

Amazon.com
Amazon.com
Search the book
eBay.com
eBay.com
Search the book

Similar books

  • Family History Digital Libraries
    Family History Digital Libraries
    By William Sims Bainbridge

    One named Sara and Timberlake had 11 male workers, 1 female worker, and 4 children workers, so it might have employed the Minor family.

  • Foundation Dreamweaver MX
    Foundation Dreamweaver MX
    By Craig Grannell, Jerome Turner, Matt Stephens

    So here's what we need to do to arrive at our layout: s Create the main table to hold all the page elements. s Deal with the navigation area which is ...

  • Cisco CCNA Certification, 2 Volume Set: Exam 200-301
    Cisco CCNA Certification, 2 Volume Set: Exam 200-301
    By Todd Lammle

    This inclusive, two-book set provides what you need to know to succeed on the new CCNA exam. The set includes Understanding Cisco Networking Technologies: Volume 1 and the CCNA Certification Study Guide: Volume 2.

  • CompTIA Network+ Study Guide: Exam N10-006
    CompTIA Network+ Study Guide: Exam N10-006
    By Todd Lammle

    ... you can use: –a –A –c –n –r –R –S –s All nbtstat switches are case sensitive. Generally speaking, lowercase switches deal with NetBIOS names of hosts, ...

  • CompTIA Network+ Study Guide with Online Labs: N10-007 Exam
    CompTIA Network+ Study Guide with Online Labs: N10-007 Exam
    By Todd Lammle, Jon Buhagiar

    ... you can use: –a –A –c –n –r –R –S –s All nbtstat switches are case sensitive. Generally speaking, lowercase switches deal with NetBIOS names of hosts, ...

  • CCNA: Cisco Certified Network Associate FastPass
    CCNA: Cisco Certified Network Associate FastPass
    By Todd Lammle

    S The S reference point defines the point between the customer router and an ... with the letter E deal with using ISDN on the existing telephone network.

  • Stranger in the Chat Room
    Stranger in the Chat Room
    By Todd Hafer, Jedd Hafer

    A sequel to In the Chat Room With God finds a group of teens contacted by a mysterious and increasingly malevolent character who claims to know about their encounters with the Almighty and challenges their beliefs. Original.

  • Error Correction Coding: Mathematical Methods and Algorithms
    Error Correction Coding: Mathematical Methods and Algorithms
    By Todd K. Moon

    M M−1∑ k=0 −∞ ∞ k=0 The average energy per signal E s ∫ can be related to the ... we will deal primarily with additive white Gaussian noise (AWGN), ...

  • Security+ Training Guide
    Security+ Training Guide
    By Todd King

    ... to deal with most , but unfortunately not all , of these potential threats . ... The S / MIME standard implements encryption for message content using ...

  • CCDA: Cisco Certified Design Associate Study Guide: Exam 640-861
    CCDA: Cisco Certified Design Associate Study Guide: Exam 640-861
    By Todd Lammle, Andy Barkl

    S reference point The S reference point defines the reference point between ... with the letter E deal with using ISDN on the existing telephone network.