Understanding Intrusion Detection through Visualization (Advances in Information Security)

Description:

With the ever-increasing use of computers for critical systems, computer security that protects data and computer systems from intentional, malicious intervention continues to attract attention. Among the methods for defense, the application of a tool to help the operator identify ongoing or already perpetrated attacks (intrusion detection) has been the subject of considerable research in the past ten years. A key problem with current intrusion detection systems is the high number of false alarms they produce. Understanding Intrusion Detection through Visualization presents research on why false alarms are, and will remain, a problem; then applies results from the field of information visualization to the problem of intrusion detection. This approach promises to enable the operator to identify false (and true) alarms, while aiding the operator to identify other operational characteristics of intrusion detection systems. This volume presents four different visualization approaches, mainly applied to data from web server access logs.

Product Details:

Author: Stefan Axelsson
Hardcover: 145 pages
Publisher: Springer
Publication Date: November 21, 2005
Language: English
ISBN: 0387276343
Package Length: 9.3 inches
Package Width: 6.1 inches
Package Height: 0.7 inches
Package Weight: 0.7 pounds
Average Customer Rating: based on 1 review

Customer Reviews:

2 of 2 found the following review helpful:
Interesting Read
Jan 02, 2007

In the beginning I was a bit misled by the title of this book, but I guess that was my mistake: The book is not about visualizing intrusion detection system logs, but it is about how to do intrusion detection on mainly Web server logs. The book is based on some older papers of the author. However, he added some new content and revised some of the papers' contents.

For the most part, the book talks about how to visualize the output of various data processing algorithms. Bayesian analysis is used to analyze Web server logs and the author shows how the output can be visualized. It is not necessarily visualization that is used to do intrusion detection, but the book shows a way to visualize the output of data analysis algorithms.

Overall I am a bit disappointed with the book. It is a collection of Axelsson's older papers. The book would benefit from integrating the chapters more tightly. Common terminology and concepts could be introduced once instead of multiple times in each of the chapters.

Reading the first chapters took quite some concentration. The definitions of intrusion detection and intrusion detection systems in the beginning of the book are fairly complicated and it is not entirely clear why the complicated definitions are necessary for the rest of the book. Also, for a visualization book, the graphs are of fairly poor quality.