Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century (Paperback)

Ryan Trost

  • 出版商: Addison Wesley
  • 出版日期: 2009-06-01
  • 售價: $2,000
  • 貴賓價: 9.5$1,900
  • 語言: 英文
  • 頁數: 480
  • 裝訂: Paperback
  • ISBN: 0321591801
  • ISBN-13: 9780321591807
  • 相關分類: 資訊安全
  • 立即出貨 (庫存 < 3)



Practical Intrusion Analysis provides a solid fundamental overview of the art and science of intrusion analysis.”

   –Nate Miller, Cofounder, Stratum Security


The Only Definitive Guide to New State-of-the-Art Techniques in Intrusion Detection and Prevention


Recently, powerful innovations in intrusion detection and prevention have evolved in response to emerging threats and changing business environments. However, security practitioners have found little reliable, usable information about these new IDS/IPS technologies. In Practical Intrusion Analysis, one of the field’s leading experts brings together these innovations for the first time and demonstrates how they can be used to analyze attacks, mitigate damage, and track attackers.


Ryan Trost reviews the fundamental techniques and business drivers of intrusion detection and prevention by analyzing today’s new vulnerabilities and attack vectors. Next, he presents complete explanations of powerful new IDS/IPS methodologies based on Network Behavioral Analysis (NBA), data visualization, geospatial analysis, and more.


Writing for security practitioners and managers at all experience levels, Trost introduces new solutions for virtually every environment. Coverage includes


  • Assessing the strengths and limitations of mainstream monitoring tools and IDS technologies
  • Using Attack Graphs to map paths of network vulnerability and becoming more proactive about preventing intrusions
  • Analyzing network behavior to immediately detect polymorphic worms, zero-day exploits, and botnet DoS attacks
  • Understanding the theory, advantages, and disadvantages of the latest Web Application Firewalls
  • Implementing IDS/IPS systems that protect wireless data traffic
  • Enhancing your intrusion detection efforts by converging with physical security defenses
  • Identifying attackers’ “geographical fingerprints” and using that information to respond more effectively
  • Visualizing data traffic to identify suspicious patterns more quickly
  • Revisiting intrusion detection ROI in light of new threats, compliance risks, and technical alternatives


Includes contributions from these leading network security experts:


Jeff Forristal, a.k.a. Rain Forest Puppy, senior security professional and creator of libwhisker

Seth Fogie, CEO, Airscanner USA; leading-edge mobile security researcher; coauthor of Security Warrior


Dr. Sushil Jajodia, Director, Center for Secure Information Systems; founding Editor-in-Chief, Journal of Computer Security


Dr. Steven Noel, Associate Director and Senior Research Scientist, Center for Secure Information Systems, George Mason University


Alex Kirk, Member, Sourcefire Vulnerability Research Team



「實用入侵分析」提供了入侵分析的藝術和科學的堅實基礎概述。- Nate Miller,Stratum Security聯合創始人



Ryan Trost通過分析當今的新漏洞和攻擊向量,回顧了入侵檢測和預防的基本技術和業務驅動因素。接下來,他提供了基於網絡行為分析(NBA)、數據可視化、地理空間分析等強大新型入侵檢測/預防方法的完整解釋。


- 評估主流監控工具和入侵檢測技術的優點和局限性
- 使用攻擊圖來繪製網絡漏洞的路徑,並更積極地預防入侵
- 分析網絡行為以立即檢測多態蠕蟲、零日漏洞和僵屍網絡DoS攻擊
- 了解最新的Web應用防火牆的理論、優點和缺點
- 實施保護無線數據流量的入侵檢測/預防系統
- 通過與物理安全防禦相結合來增強入侵檢測工作
- 識別攻擊者的「地理指紋」並利用該信息更有效地應對
- 通過可視化數據流量更快地識別可疑模式
- 根據新的威脅、合規風險和技術替代方案重新評估入侵檢測的投資回報率


- Jeff Forristal,又名Rain Forest Puppy,資深安全專業人員,libwhisker的創建者
- Seth Fogie,Airscanner USA的首席執行官,領先的移動安全研究人員,「Security Warrior」的合著者
- Dr. Sushil Jajodia,安全信息系統中心主任,「計算機安全期刊」的創始編輯
- Dr. Steven Noel,喬治梅森大學安全信息系統中心副主任和高級研究科學家
- Alex Kirk,Sourcefire漏洞研究團隊成員