Full-Text Articles in Engineering
Minos: Unsupervised Netflow-Based Detection Of Infected And Attacked Hosts, And Attack Time In Large Networks, Mousume Bhowmick
Boise State University Theses and Dissertations
Monitoring large-scale networks for malicious activities is increasingly challenging: the amount and heterogeneity of traffic hinder the manual definition of IDS signatures and deep packet inspection. In this thesis, we propose MINOS, a novel fully unsupervised approach that generates an anomaly score for each host, allowing us to classify each host with high accuracy as either infected (generating malicious activities), attacked (under attack), or clean (without any infection). The score generated for each hour makes it possible to detect the time frame in which an infected or attacked host was attacked, without any prior knowledge. MINOS automatically creates a personalized traffic …