HAPPY BOOKSGIVING
Use code BOOKSGIVING during checkout to save 40%-55% on books and eBooks. Shop now.
Register your product to gain access to bonus material or receive a coupon.
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
“Practical Intrusion Analysis provides a solid fundamental overview of the art and science of intrusion analysis.”
—Nate Miller, Cofounder, Stratum Security
The Only Definitive Guide to New State-of-the-Art Techniques in Intrusion Detection and Prevention
Recently, powerful innovations in intrusion detection and prevention have evolved in response to emerging threats and changing business environments. However, security practitioners have found little reliable, usable information about these new IDS/IPS technologies. In Practical Intrusion Analysis, one of the field’s leading experts brings together these innovations for the first time and demonstrates how they can be used to analyze attacks, mitigate damage, and track attackers.
Ryan Trost reviews the fundamental techniques and business drivers of intrusion detection and prevention by analyzing today’s new vulnerabilities and attack vectors. Next, he presents complete explanations of powerful new IDS/IPS methodologies based on Network Behavioral Analysis (NBA), data visualization, geospatial analysis, and more.
Writing for security practitioners and managers at all experience levels, Trost introduces new solutions for virtually every environment. Coverage includes
Includes contributions from these leading network security experts:
Jeff Forristal, a.k.a. Rain Forest Puppy, senior security professional and creator of libwhisker
Seth Fogie, CEO, Airscanner USA; leading-edge mobile security researcher; coauthor of Security Warrior
Dr. Sushil Jajodia, Director, Center for Secure Information Systems; founding Editor-in-Chief, Journal of Computer Security
Dr. Steven Noel, Associate Director and Senior Research Scientist, Center for Secure Information Systems, George Mason University
Alex Kirk, Member, Sourcefire Vulnerability Research Team
Preface xv
Chapter 1: Network Overview 1
Chapter 2: Infrastructure Monitoring 31
Chapter 3: Intrusion Detection Systems 53
Chapter 4: Lifecycle of a Vulnerability 87
Chapter 5: Proactive Intrusion Prevention and Response via Attack Graphs 119
Chapter 6: Network Flows and Anomaly Detection 151
Chapter 7: Web Application Firewalls 185
Chapter 8: Wireless IDS/IPS 209
Chapter 9: Physical Intrusion Detection for IT 235
Chapter 10: Geospatial Intrusion Detection 275
Chapter 11: Visual Data Communications 347
Chapter 12: Return on Investment: Business Justification 391
Appendix: Bro Installation Guide 435
Index 441