Few information systems-related issues have generated as much interest, agony, and damage to local or federal organizations, businesses, and individuals as cyber threats—that is, security violations, identity thefts, unauthorized intrusions, privacy violations, data integrity violations, denials of service, and infrastructure attacks. This volume, impressive in both its breadth and depth, contains 13 contributions from leading scientists in the field, examining the current situation, presenting approaches to handle the issues, and setting out the main research-related and practical challenges that arise.
The issues discussed in detail include intrusion detection, anomaly detection in network traffic, statistical causality analyses, sensor families for intrusion detection infrastructures, cluster analysis for massive network security data, and alert management. All of the contributions contain nice introductions, links to similar research done by other scientists, and adequate references, many of which are electronic and thus directly accessible to readers. Several contributions discuss detailed algorithms and models.
Massive cyber forensics—the integration and correlation of law enforcement information with public cyber-based information—and digital forensics on individual computer systems are also discussed in two contributions at the end of the volume. The related legal and social issues are also briefly discussed.
The volume will be very handy for computer security researchers and information technology professionals working at large data centers. It contains how-to information and discussions of existing tools, test data, and the creation of new tools.