Defending Polymorphic Worms in Computer Network using Honeypot
نویسندگان
چکیده
Polymorphic worms are a major threat to internet infrastructure security. In this mechanism we are using gatetranslator, double honeypot, sticky honeypot, internal translator and antivirus of Cloud AV,which attracts polymorphic worms. We are proposing an algorithm to detect and remove polymorphic worms and innocuous traffic related packets. KeywordsPolymorphic worm; Honeypot; Honeynet; Sticky honeypot; Cloud computing.
منابع مشابه
Defending Polymorphic Worms in Computer network using Honeynet
We propose a defense mechanism in computer network using gate-translator, double honeynet, sticky honeypot and antivirus engine of CloudAV, which attracts polymorphic worms. An algorithm is proposed to detect and remove the polymorphic worms and innocuous traffic related packets. Future antivirus is implemented on logically detached unused system.
متن کاملHoneypot-based Signature Generation for Polymorphic Worms
With the growing sophistication of computer worms, information security has become a prime concern for individuals, community and organizations. Traditional signature based IDS, though effective for known attacks but failed to handle the unknown attack promptly. This paper describes a novel honeypot system which isolates the suspicious traffic from normal traffic, and capture most useful inform...
متن کاملPolymorphic Worms Collection in Cloud Computing
In the past few years, computer worms are seen as one of significant challenges of cloud computing. Worms are rapidly changing and getting more sophisticated to evade detection. One major issue to defend against computer worms is collecting worms’ payloads to generate their signature and study their behavior. To collect worms’ payloads, we identified challenges for detecting and collecting worm...
متن کاملAn Advanced Hybrid Honeypot for Providing Effective Resistance in Automatic Network Generation
Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks. A honeypot is one of the basic techniques employed for network security improvement. It is basically designed to be attacked so as to get the attackers’...
متن کاملPolymorphic Worms Detection Using A Supervised Machine Learning Technique
Polymorphic worms are considered as the most dangerous threats to the Internet security, and the danger lies in changing their payloads in every infection attempt to avoid the security systems. We have designed a novel doublehoneynet system, which is able to detect new worms that have not been seen before. To generate signatures for polymorphic worms we have two steps. The first step is the pol...
متن کامل