In the beginning I was a bit mislead by the title of this book, but I guess that was my mistake: The book is not about visualizing intrusion detection system logs, but it is about how to do intrusion detection on mainly Web server logs. The book is based on some older papers of the author. However, he added some new content and revised some of the papers contents.

For the most part, the book talks about how to visualize the output of various data processing algorithms. Bayesian analysis is used to analyze Web server logs and the author shows how the output can be visualized. It is not necessary visualization that is used to do intrusion detection, but the book shows a way to visualize the output of data analysis algorithms.

Overall I am a bit disappointed with the book. It is a collection of Axelsson's older papers. The book would benefit from integrating the chapters more tightely. Common terminology and concepts could be introduced once instead of multiple times in each of the chapters.

Reading the first chapters took quite some concentration. The definition of intrusion detection and intrusion detection systems in the beginning of the book are fairly complicated and it is not entirely clear why the complicated definitions are necessary for rest of the book. Also, for a visualization book, the graphs are of fairly poor quality.

Скачать книгу бесплатно (djvu, 6.60 Mb)

---

Читать «Understanding Intrusion Detection through Visualization»