Data-Driven Security: Elements of Security Data Science

• The Coder (Scripting/programming)

• The Data Munger (Slice & dice data)

• The Thinker (Critical & algorithmic thinking)

• The Visualizer (Communication skills)

Three lines of code:

# read in workstation data
ips.dat <- read.csv("data/cs448b_ipasn.csv", 
                colClasses=c("Date", "character", 
                             "character", "numeric"))

# count all the flows
pivot <- count(ips.dat, .(l_ipn), wt_var=.(f))

# plot the data with bars
qp <- qplot(x=l_ipn, y=freq, data=pivot,       # data to use
            geom="bar",                        # make a bar chart
            main="Title # flows / IP") +       # title of chart
      coord_flip() +                           # horizontal bars
      theme_bw() +                             # remove chart junk
      theme(text=element_text(size=20),        # BIG text (for pres)
            axis.text=element_text(size=30))   # moar BIG text

The result:

sapply(anscombe, mean)  # SAME mean

   x1    x2    x3    x4    y1    y2    y3    y4 
9.000 9.000 9.000 9.000 7.501 7.501 7.500 7.501 

sapply(anscombe, sd)  # SAME standard deviatioin

   x1    x2    x3    x4    y1    y2    y3    y4 
3.317 3.317 3.317 3.317 2.032 2.032 2.030 2.031 

sapply(anscombe, var)  # SAME variance

    x1     x2     x3     x4     y1     y2     y3     y4 
11.000 11.000 11.000 11.000  4.127  4.128  4.123  4.123 

for (i in 1:4) cat(cor(anscombe[, i], anscombe[, i + 4]), "\n")

0.8164 
0.8162 
0.8163 
0.8165