Description

Book Synopsis

Uncover hidden patterns of data and respond with countermeasures

Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. This careful guide explores two of the most powerful: data analysis and visualization. You'll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with real-world examples, this book shows you how to gather feedback, measure the effectiveness of your security methods, and make better decisions.

Everything in this book will have practical application for information security professionals.

  • Helps IT and security professionals understand and use data, so they can thwart attacks and understand and visualize vulnerabilities in their networks
  • Includes more than a dozen real-world examples and hands-on exercises that demonstrate h

    Table of Contents

    Introduction xv

    Chapter 1 The Journey to Data-Driven Security 1

    A Brief History of Learning from Data 2

    Nineteenth Century Data Analysis 2

    Twentieth Century Data Analysis 3

    Twenty-First Century Data Analysis 4

    Gathering Data Analysis Skills 5

    Domain Expertise 6

    Programming Skills 8

    Data Management 10

    Statistics 12

    Visualization (aka Communication) 14

    Combining the Skills 15

    Centering on a Question 16

    Creating a Good Research Question 17

    Exploratory Data Analysis 18

    Summary 18

    Recommended Reading 19

    Chapter 2 Building Your Analytics Toolbox: A Primer on Using R and Python for Security Analysis 21

    Why Python? Why R? And Why Both? 22

    Why Python? 23

    Why R? 23

    Why Both? 24

    Jumpstarting Your Python Analytics with Canopy 24

    Understanding the Python Data Analysis and Visualization Ecosystem 25

    Setting Up Your R Environment 29

    Introducing Data Frames 33

    Organizing Analyses 36

    Summary 37

    Recommended Reading 38

    Chapter 3 Learning the "Hello World" of Security Data Analysis 39

    Solving a Problem 40

    Getting Data 41

    Reading In Data 43

    Exploring Data 47

    Homing In on a Question 58

    Summary 70

    Recommended Reading 70

    Chapter 4 Performing Exploratory Security Data Analysis 71

    Dissecting the IP Address 73

    Representing IP Addresses 73

    Segmenting and Grouping IP Addresses 75

    Locating IP Addresses 77

    Augmenting IP Address Data 80

    Association/Correlation, Causation, and Security Operations Center Analysts Gone Rogue 86

    Mapping Outside the Continents 90

    Visualizing the ZeuS Botnet 92

    Visualizing Your Firewall Data 98

    Summary 100

    Recommended Reading 101

    Chapter 5 From Maps to Regression 103

    Simplifying Maps 105

    How Many ZeroAccess Infections per Country? 108

    Changing the Scope of Your Data 111

    The Potwin Effect 113

    Is This Weird? 117

    Counting in Counties 120

    Moving Down to Counties 122

    Introducing Linear Regression 125

    Understanding Common Pitfalls in Regression Analysis 130

    Regression on ZeroAccess Infections 131

    Summary 136

    Recommended Reading 136

    Chapter 6 Visualizing Security Data 137

    Why Visualize? 138

    Unraveling Visual Perception 139

    Understanding the Components of Visual Communications 144

    Avoiding the Third Dimension 144

    Using Color 146

    Putting It All Together 148

    Communicating Distributions 154

    Visualizing Time Series 156

    Experiment on Your Own 157

    Turning Your Data into a Movie Star 158

    Summary 159

    Recommended Reading 160

    Chapter 7 Learning from Security Breaches 161

    Setting Up the Research 162

    Considerations in a Data Collection Framework 164

    Aiming for Objective Answers 164

    Limiting Possible Answers 164

    Allowing "Other," and "Unknown" Options 164

    Avoiding Conflation and Merging the Minutiae 165

    An Introduction to VERIS 166

    Incident Tracking 168

    Threat Actor 168

    Threat Actions 169

    Information Assets 173

    Attributes 173

    Discovery/Response 176

    Impact 176

    Victim 177

    Indicators 179

    Extending VERIS with Plus 179

    Seeing VERIS in Action 179

    Working with VCDB Data 181

    Getting the Most Out of VERIS Data 185

    Summary 189

    Recommended Reading 189

    Chapter 8 Breaking Up with Your Relational Database 191

    Realizing the Container Has Constraints 195

    Constrained by Schema 196

    Constrained by Storage 198

    Constrained by RAM 199

    Constrained by Data 200

    Exploring Alternative Data Stores 200

    BerkeleyDB 201

    Redis 203

    Hive 207

    MongoDB 210

    Special Purpose Databases 214

    Summary 215

    Recommended Reading 216

    Chapter 9 Demystifying Machine Learning 217

    Detecting Malware 218

    Developing a Machine Learning Algorithm 220

    Validating the Algorithm 221

    Implementing the Algorithm 222

    Benefiting from Machine Learning 226

    Answering Questions with Machine Learning 226

    Measuring Good Performance 227

    Selecting Features 228

    Validating Your Model 230

    Specific Learning Methods 230

    Supervised 231

    Unsupervised 234

    Hands On: Clustering Breach Data 236

    Multidimensional Scaling on Victim Industries 238

    Hierarchical Clustering on Victim Industries 240

    Summary 242

    Recommended Reading 243

    Chapter 10 Designing Effective Security Dashboards 245

    What Is a Dashboard, Anyway? 246

    A Dashboard Is Not an Automobile 246

    A Dashboard Is Not a Report 248

    A Dashboard Is Not a Moving Van 251

    A Dashboard Is Not an Art Show 253

    Communicating and Managing "Security" through Dashboards 258

    Lending a Hand to Handlers 258

    Raising Dashboard Awareness 260

    The Devil (and Incident Response Delays) Is in the Details 262

    Projecting "Security" 263

    Summary 267

    Recommended Reading 267

    Chapter 11 Building Interactive Security Visualizations 269

    Moving from Static to Interactive 270

    Interaction for Augmentation 271

    Interaction for Exploration 274

    Interaction for Illumination 276

    Developing Interactive Visualizations 281

    Building Interactive Dashboards with Tableau 281

    Building Browser-Based Visualizations with D3 284

    Summary 294

    Recommended Reading 295

    Chapter 12 Moving Toward Data-Driven Security 297

    Moving Yourself toward Data-Driven Security 298

    The Hacker 299

    The Statistician 302

    The Security Domain Expert 302

    The Danger Zone 303

    Moving Your Organization toward Data-Driven Security 303

    Ask Questions That Have Objective Answers 304

    Find and Collect Relevant Data 304

    Learn through Iteration 305

    Find Statistics 306

    Summary 308

    Recommended Reading 308

    Appendix A Resources and Tools 309

    Appendix B References 313

    Index 321

Data-Driven Security

    £36.09


    RRP £37.99 – you save £1.90 (5%)


    A Paperback / softback by Jay Jacobs, Bob Rudis

      Publisher: John Wiley & Sons Inc
      Publication Date: 08/04/2014
      ISBN13: 9781118793725, 978-1118793725
      ISBN10: 1118793722
