4 Building a Network Traffic Analysis Tool
For our first project, let’s start with something familiar. Most of us in the security realm have spent at least some time analyzing packet data and monitoring network traffic. In this chapter, we’ll apply the concepts we discussed in the previous chapter—multi-edge directed graphs, centrality, and information exchange—to build our own network traffic analysis tool. We’ll use captured network data to build a graph, calculate some metrics to learn about the properties of the observed traffic, and then use centrality measures to figure out what each machine is doing.
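A small sketch of the approach outlined above, added here as an illustration and not taken from the book: it builds a multi-edge directed graph from packet records and computes normalized in- and out-degree centrality per host. The packet tuples, function names, and the reading of high in-degree as "likely server" are assumptions made for this example.

```python
from collections import defaultdict

# Constructed sample records (src, dst, dst_port); not from a real capture.
PACKETS = [
    ("10.0.0.11", "10.0.0.5", 443),
    ("10.0.0.12", "10.0.0.5", 443),
    ("10.0.0.13", "10.0.0.5", 443),
    ("10.0.0.11", "10.0.0.5", 443),
    ("10.0.0.5", "10.0.0.11", 51000),
    ("10.0.0.13", "10.0.0.11", 22),
    ("10.0.0.13", "10.0.0.12", 22),
]

def build_graph(packets):
    """Multi-edge directed graph: graph[src][dst] holds one entry per packet."""
    graph = defaultdict(lambda: defaultdict(list))
    nodes = set()
    for src, dst, port in packets:
        graph[src][dst].append(port)  # parallel edges are kept, not merged
        nodes.update((src, dst))
    return graph, nodes

def degree_centrality(graph, nodes):
    """Return {node: (in, out)} counting distinct neighbors, normalized by n-1."""
    denom = max(len(nodes) - 1, 1)
    in_nbrs = defaultdict(set)
    for src, dsts in graph.items():
        for dst in dsts:
            in_nbrs[dst].add(src)
    return {
        n: (len(in_nbrs[n]) / denom, len(graph.get(n, {})) / denom)
        for n in nodes
    }

def top_hosts(centrality):
    """Host most contacted by others, and host contacting the most others."""
    most_contacted = max(centrality, key=lambda n: centrality[n][0])
    widest_fanout = max(centrality, key=lambda n: centrality[n][1])
    return most_contacted, widest_fanout

if __name__ == "__main__":
    g, hosts = build_graph(PACKETS)
    scores = degree_centrality(g, hosts)
    for host in sorted(scores):
        print(host, "in=%.2f out=%.2f" % scores[host])
    print("most contacted, widest fan-out:", top_hosts(scores))
```

In this sample, the host every other machine talks to stands out by in-degree, while the host reaching every other machine stands out by out-degree and would merit a closer look at what it is connecting to.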
When we talk about systems on ...