TY - BOOK
AU - Marty,Raffael
TI - Applied security visualization
SN - 0321510100
AV - TK5105.59 .M369 2009
U1 - 005.8 MA.A 2009 G.C 23
PY - 2009///
CY - Upper Saddle River, NJ
PB - Addison-Wesley
KW - Computer networks
KW - Security measures
KW - Information visualization
KW - Computer security
N1 - Includes bibliographical references and index; Ch. 1. Visualization -- What Is Visualization? -- Why Visualization? -- Visualization Benefits -- Security Visualization -- Security Visualization's Dichotomy -- Visualization Theory -- Information Seeking Mantra -- Ch. 2. Data Sources -- Terminology -- Security Data -- Common Problems -- Packet Captures -- Traffic Flows -- Firewalls -- Intrusion Detection and Prevention Systems -- Passive Network Analysis -- Operating Systems -- Applications -- Configurations -- Ch. 3. Visually Representing Data -- Graph Properties -- Simple Charts -- Stacked Charts -- Histograms -- Box Plots -- Scatter Plots -- Parallel Coordinates -- Link Graphs -- Maps -- Treemaps -- Three-Dimensional Views -- Interaction and Animation -- Choosing the Right Graph -- Challenges -- Ch. 4. From Data to Graphs -- Information Visualization Process -- Step 1: Define the Problem -- Step 2: Assess Available Data -- Step 3: Process Information -- Step 4: Visual Transformation -- Step 5: View Transformation -- Step 6: Interpret and Decide -- Tools for Data Processing -- Ch. 5. Visual Security Analysis -- Reporting -- Historical Analysis -- Real-Time Monitoring and Analysis -- Ch. 6. Perimeter Threat -- Traffic-Flow Monitoring and Analysis -- Firewall Log Analysis -- Intrusion Detection System Signature Tuning -- Wireless Sniffing -- Email Data Analysis -- Vulnerability Data Visualization -- Ch. 7. Compliance -- Policies, Objectives, and Controls -- Regulations and Industry Mandates -- IT Control Frameworks -- Logging Requirements -- Audit -- Business Process Monitoring -- Compliance Monitoring -- Risk Management -- Separation of Duties -- Database Monitoring -- Ch. 8. Insider Threat -- Insider Threat Visualization -- What Is a Malicious Insider? -- Three Types of Insider Crimes -- Who Are the Malicious Insiders? -- A Detection Framework for Malicious Insiders -- Improved Insider-Detection Process -- Challenges -- Proactive Mitigation -- Sample Precursors -- Ch. 9. Data Visualization Tools -- Data Inputs -- Freely Available Visualization Tools -- Open Source Visualization Libraries -- Libraries Summary -- Online Tools -- Commercial Visualization Tools
N2 - "As networks become ever more complex, securing them becomes more and more difficult. The solution is visualization. Using today's state-of-the-art data visualization techniques, you can gain a far deeper understanding of what's happening on your network right now. You can uncover hidden patterns of data, identify emerging vulnerabilities and attacks, and respond decisively with countermeasures that are far more likely to succeed than conventional methods." "In Applied Security Visualization, leading network security visualization expert Raffael Marty introduces all the concepts, techniques, and tools you need to use visualization on your network. You'll learn how to identify and utilize the right data sources, then transform your data into visuals that reveal what you really need to know. Next, Marty shows how to use visualization to perform broad network security analyses, assess specific threats, and even improve business compliance."--Jacket
ER -