Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions by Thomas J. Mowbray

CHAPTER 9

Cyber Network Defense Using Advanced Log Analysis

This chapter describes an approach to Cyber Network Defense (CND) based on Advanced Log Analysis (ALA), including the following:

  • A lightweight process for CND that minimizes time and resources, but supports thorough investigation and eradication of threats
  • A comprehensive set of scripts for network monitoring and ALA for packet and text logs using open source tools
  • An agile strategy for escalating defenses against emerging threats
  • An overall cyber investigation process and open source toolset
  • An operational scenario for eradicating browser-based spyware, which is a much more prevalent and malicious threat than most imagine
  • Practical instructions for implementing the processes and techniques described in the chapter

The sections are practical and instructional, explaining in sequence how, why, and when each technique applies. The chapter covers advanced techniques for Gawk, Wireshark, and tcpdump, and for carving data from packets into files. It also includes implementation instructions for network sensors, ALA platforms, and cyber investigations.

WILEY.COM CODE DOWNLOADS FOR THIS CHAPTER

The wiley.com code downloads for this chapter are found at www.wiley.com/go/cybersecurity on the Download Code tab. The code is in the Chapter 9 download and individually named according to the names throughout the chapter.

Introduction to Cyber Network Defense

When I implemented network sensors and intrusion detection systems (IDS) on a new ...