By Steve Patton (@spttnnh)
Mon 09 June 2014 | tags: datavis, dataviz, AlienVault, data analysis. data management, r, rstats, -- (permalink)

In Part 1 we looked at acquiring raw data, and wrangling it into a time series dataset. In Part 2 we looked at types of threats in the time series. In Part 3 we looked at countries. Now we will examine countries and types in combination in the AlienVault reputation ...

By Bob Rudis (@hrbrmstr)
Fri 06 June 2014 | tags: rstats, r, datavis, wifi, cartography, maps, RCurl, -- (permalink)

This is the first of a two-part series. Part 1 sets up the story and goes into how to discover, digest & reformat the necessary data. Part 2 will show how to perform some basic visualizations and then how to build beautiful & informative density maps from the data and offer some ...

By Bob Rudis (@hrbrmstr)
Sat 17 May 2014 | tags: rstats, r, rcpp, -- (permalink)

The previous post looked at using the Vectorize() function to, well, vectorize, our Rcpp IPv4 functions. While this is a completely acceptable practice, we can perform the vectorization 100% in Rcpp/C++. We’ve included both the original Rcpp IPv4 functions and the new Rcpp-vectorized functions together to show ...

By Bob Rudis (@hrbrmstr)
Fri 16 May 2014 | tags: rstats, r, rcpp, -- (permalink)

Our previous post showed how to speed up the conversion of IPv4 addresses to/from integer format by taking advantage of a simple Rcpp wrapper to “boosted” native functions. However, to convert more than one IP address, you need to stick those functions into one of the R *apply functions ...

By Bob Rudis (@hrbrmstr)
Wed 14 May 2014 | tags: rstats, r, rcpp, -- (permalink)

In our book we provide examples of how to convert IPv4 addresses to integer format (and back). We held ourselves to using only basic R functionality since the book had to be at an introductory level. On a fairly modern box, the ip2long function takes (roughly) 0.1s to convert ...

By Bob Rudis (@hrbrmstr)
Tue 29 April 2014 | tags: data munging, xml, R, rstats, scraping, -- (permalink)

NOTE: Qualys allows automated access to their SSL Server Test site in their T&C’s, and the R fucntion/script provided here does its best to adhere to their guidelines. However, if you launch multiple scripts at one time and catch their attention you will, no doubt, be banned ...

By Bob Rudis (@hrbrmstr)
Fri 25 April 2014 | tags: rstats, R, Rcpp, -- (permalink)

Technically this is Part 2 of Firewall-busting ASN-lookups. However, I said (in Part 1) that Part 2 would be about making a vectorized version and this is absolutely not about that. Rather than fib, I merely misdirect. Moving on…

As you can see in Part 1, we have to ...

By Bob Rudis (@hrbrmstr)
Wed 23 April 2014 | tags: asn, ip, r, rstats, -- (permalink)

This is a short post on one way to bust through your corporate firewall when trying to use the Team CYMRU ASN lookup facility that we presented in our book. Part 2 will show how to create a vectorized version of this code.

Most corporate networks aren’t going to ...

By Bob Rudis (@hrbrmstr)
Wed 08 January 2014 | tags: rstats, Excel, Spreadsheets, -- (permalink)

One of the myriad of reasons we created the Data Driven Security blog was to provide pointers to data analysis and visualization resources for security domain experts who may have not been exposed to these types of tools.

I’d venture a posit that most folks jump into some type ...