By Bob Rudis (@hrbrmstr)
Wed 23 April 2014 | tags: asn, ip, r, rstats, -- (permalink)

This is a short post on one way to bust through your corporate firewall when trying to use the Team CYMRU ASN lookup facility that we presented in our book. Part 2 will show how to create a vectorized version of this code.

Most corporate networks aren’t going to ...

By Jay Jacobs (@jayjacobs)
Mon 14 April 2014 | tags: R, video, -- (permalink)

Well over a year ago, I stumbled across “Mapping Bike Accidents in R” and was immediately taken in by the possibilities of creating videos from data. Since then I’ve done several videos, mostly just for fun. We also touched on the topic rather briefly in our book, and I ...

By Bob Rudis (@hrbrmstr)
Tue 08 April 2014 | tags: R, visualization, , -- (permalink)

The US Government Accountability Office (GAO) released a report on April 2, 2014 titled “Federal Agencies Need to Enhance Responses to Data Breaches“. One of the extremely positive effects of Section 508 is that agencies must produce these type of reports in an accessible format (usually plain text) and I ...

By Bob Rudis (@hrbrmstr)
Thu 03 April 2014 | tags: R, Fundamentals, -- (permalink)

There was an interesting question recently on StackOverlow on how to apply a function over a rolling window on a column in a data frame grouped by subset. It was a pretty vanilla SO question as those things go, but there were no less than four useful and diferent answers ...

By Steve Patton (@spttnnh)
Wed 02 April 2014 | tags: datavis, dataviz, AlienVault, data analysis. data management, R, -- (permalink)

In Part 1 we looked at acquiring raw data, and wrangling it into a time series dataset. In Part 2 we looked at types of threats in the time series. Now we will examine countries in the AlienVault reputation database.

One of the skills a data scientist must develop is ...

By Bob Rudis (@hrbrmstr)
Sat 08 February 2014 | tags: R, reproducible research, botnet, -- (permalink)

It’s super-#spiffy to see organizations like Sucuri share data and insight. Since they did some great work (both in data capture and sharing of their analyses), I thought it might be fun (yes, Jay & I have a strange notion of “fun”) to “show the work” in R. You ...

By Bob Rudis (@hrbrmstr)
Tue 04 February 2014 | tags: R, passwords, -- (permalink)

The pipal utility is one of the standard, “go-to” tools when analyzing cracked password dumps. It’s a command-line program written in Ruby and I thought it would be interesting to port the base functionality to R and then build upon that base over time (R has some really handy ...

By Jay Jacobs (@jayjacobs)
Thu 23 January 2014 | tags: EDA, analysis, honeypot, R, -- (permalink)

This is part 2 of a series (visit part 1). I will be looking at destination ports in this post.

Bob and I spent quite a bit of time early on in the book showing what we can learn from IP addresses. But let’s ...

By Bob Rudis (@hrbrmstr)
Sat 18 January 2014 | tags: shiny, R, -- (permalink)

An innocent thread on the SIRA mailing list begat a detailed explanation by Jay which begat a comment with a link to a gist by David Severski that had an equally innocent comment:

# extending to UI framework of your choice is left as an exercise for the reader

(see Jay ...

By Jay Jacobs (@jayjacobs)
Fri 17 January 2014 | tags: simluation, R, -- (permalink)

A few years ago I worked on an excel plugin (to support risk analysis) called OpenPERT with Chris Hayes. The entire point of this plugin was to brig the betaPERT distribution into excel because there is no native support for it. OpenPERT accomplishes this quite ...