Network Security Through Data Analysis (Reprint Edition)

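Product Description

Synopsis

Network Security Through Data Analysis (Reprint Edition) is divided into three parts, covering the process of collecting and organizing data, a variety of analysis tools, and several different analytic scenarios and techniques. It is well suited to network administrators and operational security analysts who are familiar with scripting. Traditional intrusion detection and log analysis are no longer enough to protect today's complex networks. In this practical guide, security researcher Michael Collins shows you a number of techniques and tools for collecting and analyzing network traffic datasets. You will understand how your network is used and what measures are necessary to protect and improve it.

Table of Contents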

Preface
Part I. Data
1. Sensors and Detectors: An Introduction
Vantages: How Sensor Placement Affects Data Collection
Domains: Determining Data That Can Be Collected
Actions: What a Sensor Does with Data
Conclusion
2. Network Sensors
Network Layering and Its Impact on Instrumentation
Network Layers and Vantage
Network Layers and Addressing
Packet Data
Packet and Frame Formats
Rolling Buffers
Limiting the Data Captured from Each Packet
Filtering Specific Types of Packets
What If It's Not Ethernet?
NetFlow
NetFlow v5 Formats and Fields
NetFlow Generation and Collection
Further Reading
3. Host and Service Sensors: Logging Traffic at the Source
Accessing and Manipulating Logfiles
The Contents of Logfiles
The Characteristics of a Good Log Message
Existing Logfiles and How to Manipulate Them
Representative Logfile Formats
HTTP: CLF and ELF
SMTP
Microsoft Exchange: Message Tracking Logs
Logfile Transport: Transfers, Syslog, and Message Queues
Transfer and Logfile Rotation
Syslog
Further Reading
4. Data Storage for Analysis: Relational Databases, Big Data, and Other Options
Log Data and the CRUD Paradigm
Creating a Well-Organized Flat File System: Lessons from SiLK
A Brief Introduction to NoSQL Systems
What Storage Approach to Use
Storage Hierarchy, Query Times, and Aging
Part II. Tools
5. The SiLK Suite
What Is SiLK and How Does It Work?
Acquiring and Installing SiLK
The Datafiles
Choosing and Formatting Output Field Manipulation: rwcut
Basic Field Manipulation: rwfilter
Ports and Protocols
Size
IP Addresses
Time
TCP Options
Helper Options
Miscellaneous Filtering Options and Some Hacks
rwfileinfo and Provenance
Combining Information Flows: rwcount
rwset and IP Sets
rwuniq
rwbag
Advanced SiLK Facilities
pmaps
Collecting SiLK Data
YAF
rwptoflow
rwtuc
Further Reading
6. An Introduction to R for Security Analysts
Installation and Setup
Basics of the Language
The R Prompt
R Variables
Writing Functions
Conditionals and Iteration
Using the R Workspace
Data Frames
Visualization
Visualization Commands
Parameters to Visualization
Annotating a Visualization
Exporting Visualization
Analysis: Statistical Hypothesis Testing
Hypothesis Testing
Testing Data
Further Reading
7. Classification and Event Tools: IDS, AV, and SEM
How an IDS Works
Basic Vocabulary
Classifier Failure Rates: Understanding the Base-Rate Fallacy
Applying Classification
Improving IDS Performance
Enhancing IDS Detection
Enhancing IDS Response
Prefetching Data
Further Reading
8. Reference and Lookup: Tools for Figuring Out Who Someone Is
MAC and Hardware Addresses
IP Addressing
IPv4 Addresses, Their Structure, and Significant Addresses
IPv6 Addresses, Their Structure and Significant Addresses
Checking Connectivity: Using ping to Connect to an Address
Tracerouting
IP Intelligence: Geolocation and Demographics
DNS
DNS Name Structure
Forward DNS Querying Using dig
The DNS Reverse Lookup
Using whois to Find Ownership
Additional Reference Tools
DNSBLs
9. More Tools
Visualization
Graphviz
Communications and Probing
netcat
nmap
Scapy
Packet Inspection and Reference
Wireshark
GeoIP
The NVD, Malware Sites, and the C*Es
Search Engines, Mailing Lists, and People
Further Reading
Part III. Analytics
10. Exploratory Data Analysis and Visualization
The Goal of EDA: Applying Analysis
EDA Workflow
Variables and Visualization
Univariate Visualization: Histograms, QQ Plots, Boxplots, and Rank Plots
Histograms
Bar Plots (Not Pie Charts)
The Quantile-Quantile (QQ) Plot
The Five-Number Summary and the Boxplot
Generating a Boxplot
Bivariate Description
Scatterplots
Contingency Tables
Multivariate Visualization
Operationalizing Security Visualization
Further Reading
11. On Fumbling
Attack Models
Fumbling: Misconfiguration, Automation, and Scanning
Lookup Failures
Automation
Scanning
Identifying Fumbling
TCP Fumbling: The State Machine
ICMP Messages and Fumbling
Identifying UDP Fumbling
Fumbling at the Service Level
HTTP Fumbling
SMTP Fumbling
Analyzing Fumbling
Building Fumbling Alarms
Forensic Analysis of Fumbling
Engineering a Network to Take Advantage of Fumbling
Further Reading
12. Volume and Time Analysis
The Workday and Its Impact on Network Traffic Volume
Beaconing
File Transfers/Raiding
Locality
DDoS, Flash Crowds, and Resource Exhaustion
DDoS and Routing Infrastructure
Applying Volume and Locality Analysis
Data Selection
Using Volume as an Alarm
Using Beaconing as an Alarm
Using Locality as an Alarm
Engineering Solutions
Further Reading
13. Graph Analysis
Graph Attributes: What Is a Graph?
Labeling, Weight, and Paths
Components and Connectivity
Clustering Coefficient
Analyzing Graphs
Using Component Analysis as an Alarm
Using Centrality Analysis for Forensics
Using Breadth-First Searches Forensically
Using Centrality Analysis for Engineering
Further Reading
14. Application Identification
Mechanisms for Application Identification
Port Number
Application Identification by Banner Grabbing
Application Identification by Behavior
Application Identification by Subsidiary Site
Application Banners: Identifying and Classifying
Non-Web Banners
Web Client Banners: The User-Agent String
Further Reading
15. Network Mapping
Creating an Initial Network Inventory and Map
Creating an Inventory: Data, Coverage, and Files
Phase Ⅰ: The First Three Questions
Phase Ⅱ: Examining the IP Space
Phase Ⅲ: Identifying Blind and Confusing Traffic
Phase Ⅳ: Identifying Clients and Servers
Identifying Sensing and Blocking Infrastructure
Updating the Inventory: Toward Continuous Audit
Further Reading
Index
Foreword / Preface

CHAPTER 2 Network Sensors

A network sensor collects data directly from network traffic without the agency of an intermediary application, making them different from the host-based sensors discussed in Chapter 3. Examples include NetFlow sensors on a router and sensors that collect traffic using a sniffing tool such as tcpdump.

The challenge of network traffic is the challenge you face with all log data: actual security events are rare, and data costs time and storage space. Where available, log data is preferable because it's clean (a high-level event is recorded in the log data) and compact. The same event in network traffic would have to be extracted from millions of packets, which can often be redundant, encrypted, or unreadable. At the same time, it is very easy for an attacker to manipulate network traffic and produce legitimate-looking but completely bogus sessions on the wire. An event summed up in a 300-byte log record could easily be megabytes of packet data, wherein only the first 10 packets have any analytic value.

That's the bad news. The good news is that network traffic's "protocol agnosticism," for lack of a better term, means that it is also your best source for identifying blind spots in your auditing. Host-based collection systems require knowing that the host exists in the first place, and there are numerous cases where you're likely not to know that a particular service is running until you see its traffic on the wire. Network traffic provides a view of the network with minimal assumptions--it tells you about hosts on the network you don't know existed, backdoors you weren't aware of, attackers already inside your border, and routes through your network you never considered. At the same time, when you face a zero-day vulnerability or new malware, packet data may be the only data source you have.
……

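Specifications

Brand 京东图书 (JD Books)
Brand origin China
ISBN 9787564150075
Author Michael Collins
Publisher 东南大学出版社 (Southeast University Press)
Printing date 2014-10-01
Paper Offset paper
Binding Paperback
Publication date 2014-10-01
Pages 325
Language English
Edition 1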
