Understanding Intrusion Detection through Visualization and over one million other books are available for Amazon Kindle. Learn more

Quantity:

Buy New

Buy Used

Used - Good See details

$49.99 & this item ships for FREE with Super Saver Shipping. Details

Fulfilled by Amazon

More Buying Choices

Have one to sell? Sell yours here

Share your own customer images

Search inside this book

Start reading Understanding Intrusion Detection through Visualization on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Understanding Intrusion Detection through Visualization (Advances in Information Security) [Hardcover]

Stefan Axelsson (Author), David Sands (Author)

1.0 out of 5 stars See all reviews (1 customer review) |

Price:	$109.00 & this item ships for FREE with Super Saver Shipping. Details
Deal Price:
	Special Offers Available
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

Usually ships within 1 to 3 weeks.
Ships from and sold by Amazon.com. Gift-wrap available.

FREE Two-Day Shipping for Students. Learn more

Formats	Amazon Price	New from	Used from
Kindle Edition	$79.20	--	--
Hardcover	$109.00	--	--
Paperback	$109.00	--	--

Book Description

ISBN-10: 0387276343 | ISBN-13: 978-0387276342 | Publication Date: November 21, 2005 | Edition: 1

Computer security - the protection of data and computer systems from intentional, malicious intervention - is attracting increasing attention. Much work has gone into development of tools to detect ongoing or already perpetrated attacks, but a key shortfall in current intrusion detection systems is the high number of false alarms they produce. This book analyzes the false alarm problem, then applies results from the field of information visualization to the problem of intrusion detection. Four different visualization approaches are presented, mainly applied to data from web server access logs.

#outer_postBodyPS { display: none; } #psGradient { display: none; } #psPlaceHolder { display: none; } #psExpand { display: none; } Computer security - the protection of data and computer systems from intentional, malicious intervention - is attracting increasing attention. Much work has gone into development of tools to detect ongoing or already perpetrated attacks, but a key shortfall in current intrusion detection systems is the high number of false alarms they produce. This book analyzes the false alarm problem, then applies results from the field of information visualization to the problem of intrusion detection. Four different visualization approaches are presented, mainly applied to data from web server access logs.

Special Offers and Product Promotions

Buy $50 in qualifying physical textbooks, get $5 in Amazon MP3 Credit. Here's how (restrictions apply)

Editorial Reviews

From the Back Cover

With the ever increasing use of computers for critical systems, computer security that protects data and computer systems from intentional, malicious intervention, continues to attract significant attention. Among the methods for defense, the application of a tool to help the operator identify ongoing or already perpetrated attacks (intrusion detection), has been the subject of considerable research in the past ten years. A key problem with current intrusion detection systems is the high number of false alarms they produce. Understanding Intrusion Detection through Visualization presents research on why false alarms are, and will remain a problem; then applies results from the field of information visualization to the problem of intrusion detection. This approach promises to enable the operator to identify false (and true) alarms, while aiding the operator to identify other operational characteristics of intrusion detection systems. This volume presents four different visualization approaches, mainly applied to data from web server access logs. Understanding Intrusion Detection through Visualization is structured for security professionals, researchers and practitioners. This book is also suitable for graduate students in computer science.

Product Details

Hardcover: 165 pages
Publisher: Springer; 1 edition (November 21, 2005)
Language: English
ISBN-10: 0387276343
ISBN-13: 978-0387276342
Product Dimensions: 9.6 x 6.4 x 0.6 inches
Shipping Weight: 14.4 ounces (View shipping rates and policies)

Average Customer Review: 1.0 out of 5 stars See all reviews (1 customer review)

Amazon Best Sellers Rank: #4,367,189 in Books (See Top 100 in Books)

Would you like to update product info or give feedback on images?

More About the Author

› Visit Amazon's Stefan Axelsson Page

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

1 Review

5 star:		(0)
4 star:		(0)
3 star:		(0)
2 star:		(0)
1 star:		(1)

Average Customer Review

1.0 out of 5 stars (1 customer review)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

4 of 4 people found the following review helpful:

1.0 out of 5 stars Interesting Read, January 2, 2007

Raffael Marty (San Francisco, CA USA) - See all my reviews
(REAL NAME)

This review is from: Understanding Intrusion Detection through Visualization (Advances in Information Security) (Hardcover)

In the beginning I was a bit mislead by the title of this book, but I guess that was my mistake: The book is not about visualizing intrusion detection system logs, but it is about how to do intrusion detection on mainly Web server logs. The book is based on some older papers of the author. However, he added some new content and revised some of the papers contents.
For the most part, the book talks about how to visualize the output of various data processing algorithms. Bayesian analysis is used to analyze Web server logs and the author shows how the output can be visualized. It is not necessary visualization that is used to do intrusion detection, but the book shows a way to visualize the output of data analysis algorithms.
Overall I am a bit disappointed with the book. It is a collection of Axelsson's older papers. The book would benefit from integrating the chapters more tightely. Common terminology and concepts could be introduced once instead of multiple times in each of the chapters.
Reading the first chapters took quite some concentration. The definition of intrusion detection and intrusion detection systems in the beginning of the book are fairly complicated and it is not entirely clear why the complicated definitions are necessary for rest of the book. Also, for a visualization book, the graphs are of fairly poor quality.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

Share your thoughts with other customers: Create your own review

› See the customer review...

Inside This Book (learn more)

Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
log reduction scheme, log reduction mechanism, benign accesses, web access requests, unicode attacks, trellis plot, benign traffic, scoring requests, webserver logs, benign requests, parallel coordinate plot, benign data, malicious requests, malicious accesses, anomaly detection system, unique requests, intrusion signatures, intrusion detection system, spam attack, bad context, higher false alarm rate, request strings, benign patterns, reduced log, local probabilities

Key Phrases - Capitalized Phrases (CAPs): (learn more)
Lincoln Labs, File Help Good Neutral Bad, Paul Graham

New!
Books on Related Topics | Concordance | Text Stats

Citations (learn more)

This book cites 13 books:

Intrusion Detection by D. Frincke in Back Matter (1), and Back Matter (2)
Information Visualization by Robert Spence in Back Matter (1), and Back Matter (2)
Information Security: An Integrated Collection of Essays by Marshall D. Abrams in Front Matter
Security in Computing (3rd Edition) by Charles P. Pfleeger in Back Matter
Self-Organizing Maps by Teuvo Kohonen in Back Matter

See all 13 books this book cites

Books on Related Topics (learn more)

Windows Server 2003 by Stuart McClure

Discusses:

Microsoft� Encyclopedia of Security by Mitch Tulloch

Discusses:

Intrusion Signatures and Analysis by Matt Fearnow

Discusses:

Machine Learning and Data Mining for Computer Security by Marcus A. Maloof

Discusses:

Tag this product

(What's this?)

Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organize and find favorite items.

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }

Customer Discussions

This product's forum

Discussion	Replies	Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight

Start a new discussion

Topic:

First post:

Receive e-mail when new posts are made

Prompts for sign-in

Guidelines

Active discussions in related forums

Discussion	Replies	Latest Post
Textbook forum Never Again	30	18 hours ago
Textbook forum I just received a "very good" textbook without its disc - what are your thoughts?	168	4 days ago
Textbook forum Never buy school textbooks. Download them to your reading device or computer	3	6 days ago
Textbook forum Buyer requested return but I haven't been paid by amazon yet?	2	12 days ago
Textbook forum Instructor Edition Textbooks?	5	13 days ago