Data-Driven Security: Analysis, Visualization and Dashboards


Uncover hidden patterns of data and respond with countermeasures

Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. This careful guide explores two of the most powerful—data analysis and visualization. You'll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with ...

See more details below
Other sellers (Paperback)
  • All (9) from $19.99   
  • New (7) from $26.00   
  • Used (2) from $19.99   


Uncover hidden patterns of data and respond with countermeasures

Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. This careful guide explores two of the most powerful—data analysis and visualization. You'll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with real-world examples, this book shows you how to gather feedback, measure the effectiveness of your security methods, and make better decisions.

Everything in this book will have practical application for information security professionals.

  • Helps IT and security professionals understand and use data, so they can thwart attacks and understand and visualize vulnerabilities in their networks
  • Includes more than a dozen real-world examples and hands-on exercises that demonstrate how to analyze security data and intelligence and translate that information into visualizations that make plain how to prevent attacks
  • Covers topics such as how to acquire and prepare security data, use simple statistical methods to detect malware, predict rogue behavior, correlate security events, and more
  • Written by a team of well-known experts in the field of security and data analysis

Lock down your networks, prevent hacks, and thwart malware by improving visibility into the environment, all through the power of data and Security Using Data Analysis, Visualization, and Dashboards.

Read More Show Less

Product Details

  • ISBN-13: 9781118793725
  • Publisher: Wiley
  • Publication date: 2/17/2014
  • Edition number: 1
  • Pages: 352
  • Sales rank: 786,331
  • Product dimensions: 7.30 (w) x 9.00 (h) x 0.80 (d)

Meet the Author

Jay Jacobs is the coauthor of Verizon Data BreachInvestigation Reports and the cofounder of the Society ofInformation Risk Analysts, where he currently sits on the board ofdirectors.

Bob Rudis is the Director of Enterprise InformationSecurity & IT Risk Management at Liberty Mutual Insurance andwas named one of the Top 25 Influencers in Information Security byTripwire.

Read More Show Less

Table of Contents

Introduction xv

Chapter 1 • The Journey to Data-Driven Security1

A Brief History of Learning from Data  2

Nineteenth Century Data Analysis  2

Twentieth Century Data Analysis  3

Twenty-First Century Data Analysis 4

Gathering Data Analysis Skills 5

Domain Expertise 6

Programming Skills 8

Data Management  10

Statistics  12

Visualization (aka Communication) 14

Combining the Skills  15

Centering on a Question 16

Creating a Good Research Question  17

Exploratory Data Analysis 18

Summary   18

Recommended Reading 19

Chapter 2 • Building Your Analytics Toolbox: A Primeron Using R and Python for Security Analysis  21

Why Python? Why R? And Why Both?  22

Why Python?  23

Why R?  23

Why Both? 24

Jumpstarting Your Python Analytics with Canopy  24

Understanding the Python Data Analysis and VisualizationEcosystem 25

Setting Up Your R Environment 29

Introducing Data Frames 33

Organizing Analyses 36

Summary   37

Recommended Reading 38

Chapter 3 • Learning the “Hello World” ofSecurity Data Analysis 39

Solving a Problem  40

Getting Data41

Reading In Data 43

Exploring Data  47

Homing In on a Question 58

Summary   70

Recommended Reading 70

Chapter 4 • Performing Exploratory Security DataAnalysis  71

Dissecting the IP Address73

Representing IP Addresses 73

Segmenting and Grouping IP Addresses  75

Locating IP Addresses  77

Augmenting IP Address Data80

Association/Correlation, Causation, and Security OperationsCenter Analysts Gone Rogue  86

Mapping Outside the Continents90

Visualizing the ZeuS Botnet  92

Visualizing Your Firewall Data 98

Summary 100

Recommended Reading101

Chapter 5 • From Maps to Regression  103

Simplifying Maps  105

How Many ZeroAccess Infections per Country?  108

Changing the Scope of Your Data 111

The Potwin Effect  113

Is This Weird?  117

Counting in Counties 120

Moving Down to Counties 122

Introducing Linear Regression  125

Understanding Common Pitfalls in Regression Analysis 130

Regression on ZeroAccess Infections  131

Summary 136

Recommended Reading   136

Chapter 6 • Visualizing Security Data 137

Why Visualize?  138

Unraveling Visual Perception 139

Understanding the Components of Visual Communications 144

Avoiding the Third Dimension 144

Using Color 146

Putting It All Together 148

Communicating Distributions 154

Visualizing Time Series 156

Experiment on Your Own 157

Turning Your Data into a Movie Star  158

Summary  159

Recommended Reading   160

Chapter 7 • Learning from Security Breaches 161

Setting Up the Research   162

Considerations in a Data Collection Framework 164

Aiming for Objective Answers  164

Limiting Possible Answers  164

Allowing “Other,” and “Unknown”Options  164

Avoiding Conflation and Merging the Minutiae  165

An Introduction to VERIS 166

Incident Tracking  168

Threat Actor 168

Threat Actions 169

Information Assets 173

Attributes  173

Discovery/Response 176

Impact  176

Victim 177

Indicators  179

Extending VERIS with Plus 179

Seeing VERIS in Action  179

Working with VCDB Data 181

Getting the Most Out of VERIS Data 185

Summary 189

Recommended Reading   189

Chapter 8 • Breaking Up with Your RelationalDatabase  191

Realizing the Container Has Constraints   195

Constrained by Schema  196

Constrained by Storage  198

Constrained by RAM  199

Constrained by Data  200

Exploring Alternative Data Stores   200

BerkeleyDB  201

Redis 203

Hive 207

MongoDB  210

Special Purpose Databases 214

Summary  215

Recommended Reading 216

Chapter 9 • Demystifying Machine Learning 217

Detecting Malware 218

Developing a Machine Learning Algorithm  220

Validating the Algorithm 221

Implementing the Algorithm  222

Benefiting from Machine Learning  226

Answering Questions with Machine Learning  226

Measuring Good Performance 227

Selecting Features  228

Validating Your Model  230

Specific Learning Methods 230

Supervised  231

Unsupervised 234

Hands On: Clustering Breach Data  236

Multidimensional Scaling on Victim Industries  238

Hierarchical Clustering on Victim Industries 240

Summary 242

Recommended Reading   243

Chapter 10 • Designing Effective Security Dashboards245

What Is a Dashboard, Anyway? 246

A Dashboard Is Not an Automobile  246

A Dashboard Is Not a Report  248

A Dashboard Is Not a Moving Van  251

A Dashboard Is Not an Art Show 253

Communicating and Managing “Security” throughDashboards 258

Lending a Hand to Handlers 258

Raising Dashboard Awareness  260

The Devil (and Incident Response Delays) Is in the Details262

Projecting “Security” 263

Summary 267

Recommended Reading   267

Chapter 11 • Building Interactive SecurityVisualizations  269

Moving from Static to Interactive270

Interaction for Augmentation  271

Interaction for Exploration  274

Interaction for Illumination  276

Developing Interactive Visualizations 281

Building Interactive Dashboards with Tableau  281

Building Browser-Based Visualizations with D3 284

Summary 294

Recommended Reading   295

Chapter 12 • Moving Toward Data-Driven Security297

Moving Yourself toward Data-Driven Security 298

The Hacker  299

The Statistician  302

The Security Domain Expert 302

The Danger Zone  303

Moving Your Organization toward Data-Driven Security  303

Ask Questions That Have Objective Answers  304

Find and Collect Relevant Data 304

Learn through Iteration  305

Find Statistics 306

Summary 308

Recommended Reading   308

Appendix A • Resources and Tools  309

Appendix B • References  313

Index •  321

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)