Data mining firewall logs : Principal Component Analysis

In this article we'll explore how Principal Component Analysis [PCA] [1] - a popular data reduction technique - can help a busy security or network administrator. Any such administrator has often been faced with a daunting problem... going through reams of firewall or router connection logs trying to figure out if any of the thousands …

Getting started with Neo4J and security data analysis

During a recent study module for an MSc I am undertaking, we discussed the importance of continuous monitoring of data sources as part of a sound security defensive strategy. This led me down a very interesting path, eventually culminating in my discovery of an entire subset of the security discipline many refer to as "Security visualization". There are …