Atsiliepimai
Aprašymas
This book is designed to provide a starting point for researchers and students in the field of network security. The goal is to help them understand the problem domain, learn how to build an experimental set, and conduct experiments. This book focuses on concepts related to securing computer networks and does not cover cryptography. The book covers the areas of intrusion detection, intrusion prevention, and response systems. This includes processing data collected from network traffic and post-processing alerts generated by the intrusion detection system. Alert post-processing methods include alert aggregation and alert correlation. This book covers the theoretical concepts used in this field of work, supported by empirical examples, to show the reader how these tasks are possible. Concepts such as statistics, principal component analysis, dimensionality reduction, feature selection, classification methods, clustering methods, and expert systems are discussed in this book and used in examples. Finding and creating suitable datasets is also explained in this book. The examples provided are MS-Windows based, coded in C++, and explained in full detail. The examples are implemented in environments such as WEKA, CLIPS, and Visual Studio. The book covers methods for preventing and responding to intrusions. In addition to current methods in this field, the registry and MS-Windows Firewall are among the sections discussed in two chapters of the book. The book focuses primarily on wired networks or networks using TCP/IP-based connections, but there is also discussion of the applicability of these methods to other technologies and methods, such as Wi-Fi, Cookies, Fingerprinting, and Honeypots.
This book is designed to provide a starting point for researchers and students in the field of network security. The goal is to help them understand the problem domain, learn how to build an experimental set, and conduct experiments. This book focuses on concepts related to securing computer networks and does not cover cryptography. The book covers the areas of intrusion detection, intrusion prevention, and response systems. This includes processing data collected from network traffic and post-processing alerts generated by the intrusion detection system. Alert post-processing methods include alert aggregation and alert correlation. This book covers the theoretical concepts used in this field of work, supported by empirical examples, to show the reader how these tasks are possible. Concepts such as statistics, principal component analysis, dimensionality reduction, feature selection, classification methods, clustering methods, and expert systems are discussed in this book and used in examples. Finding and creating suitable datasets is also explained in this book. The examples provided are MS-Windows based, coded in C++, and explained in full detail. The examples are implemented in environments such as WEKA, CLIPS, and Visual Studio. The book covers methods for preventing and responding to intrusions. In addition to current methods in this field, the registry and MS-Windows Firewall are among the sections discussed in two chapters of the book. The book focuses primarily on wired networks or networks using TCP/IP-based connections, but there is also discussion of the applicability of these methods to other technologies and methods, such as Wi-Fi, Cookies, Fingerprinting, and Honeypots.
Atsiliepimai