Part I: Networking Basics: TCP/IP Network Statistics Evaluation Part II: Intrusion Detection: Network Monitoring Host Monitoring Part III: Viruses and Other Creatures: Computer Viruses and Worms Trojan Programs and Covert Channels Appendices: Well Known Port Numbers Trojan Port Numbers Country Codes Security Web Sites
From the reviews:
"After reading this book...I believe that many readers would benefit from the skillful joint development of problem context and statistical application. As a bridge between the computer science and mathematical communities, this book is a fine addition to both the computer science and statistics literature and will likely stimulate valuable research by awakening mathematicians and statisticians to the potential of the problems in this area...This book would be appropriate for an upper-level undergraduate or graduate course in computer science and statistics. It would also be a useful introductory reference for the mathematics and statistics researcher who would like to pursue problems in this area. It is both informative and accessible."
SHORT BOOK REVIEWS
"The book provides an excellent introduction to the area. I recommend it to any computer- (and Unix-) literate statistcian who wishes to make an impact in an area, which will continue to be of great importance."
ISI Short Book Reviews, April 2002
"This book is a very good text on intrusion detection, written by an author who has direct practical experience ... . Each chapter has a rich and detailed annotated bibliography, which makes this text a true gold-mine for researchers and practitioners. ... the book is a good example of cross-fertilization between the networking and statistical fields, and will be appreciated both by the specialist and the general reader. It is an example ... of interdisciplinarity, which is necessary in fields so complex as computer security." (Antonio Lioy, The Computer Journal, Vol. 45 (6), 2002)
"This book is about one of those areas that provides rich opportunities for statisticians ... . The tools for computer intrusion detection are essentially statistical ... . The book effectively provides the necessary background material for this intensely jargon-strewn area. The book includes many real examples ... . The book provides an excellent introduction to the area. I recommend it to any computer- (and Unix-) literate statistician who wishes to make an impact in an area, which will continue to be of great importance." (D. J. Hand, Short Book Reviews, Vol. 22 (1), 2002)
Part I: Networking Basics: TCP/IP * Network Statistics * Evaluation * Part II: Intrusion Detection: Network Monitoring * Host Monitoring * Part III: Viruses and Other Creatures: Computer Viruses and Worms * Trojan Programs and Covert Channels * Appendices: Well Known Port Numbers * Trojan Port Numbers * Country Codes * Security Web Sites
This book covers the basic statistical and analytical techniques of computer intrusion detection. It is the first to present a data-centered approach to these problems. It begins with a description of the basics of TCP/IP, followed by chapters dealing with network traffic analysis, network monitoring for intrusion detection, host based intrusion detection, and computer viruses and other malicious code.
This book discusses the timely topic of computer intrusion. It is the first book to present a data-centered approach to these problems, and it will be of interest to researchers and practitioners in statistics and computer science interested in computer security. The book is self -contained, assuming no expertise in computer security or statistics.