Defending Polymorphic Worms in Computer network using Honeynet
Author
Abstract
We propose a defense mechanism in computer network using gate-translator, double honeynet, sticky honeypot and antivirus engine of CloudAV, which attracts polymorphic worms. An algorithm is proposed to detect and remove the polymorphic worms and innocuous traffic related packets. Future antivirus is implemented on a logically detached unused system.
Similar resources
Defending Polymorphic Worms in Computer Network using Honeypot
Polymorphic worms are a major threat to internet infrastructure security. In this mechanism we are using gate-translator, double honeypot, sticky honeypot, internal translator and antivirus of Cloud AV, which attracts polymorphic worms. We are proposing an algorithm to detect and remove polymorphic worms and innocuous traffic related packets. Keywords: Polymorphic worm; Honeypot; Honeynet; Sticky h...
Full text
Polymorphic Worms Detection Using A Supervised Machine Learning Technique
Polymorphic worms are considered as the most dangerous threats to the Internet security, and the danger lies in changing their payloads in every infection attempt to avoid the security systems. We have designed a novel double-honeynet system, which is able to detect new worms that have not been seen before. To generate signatures for polymorphic worms we have two steps. The first step is the pol...
Full text
An Automated Signature Generation Approach for Polymorphic Worms Using Factor Analysis
Internet worms pose a major threat to Internet infrastructure security, and their destruction will be truly costly. Therefore, the networks must be protected as much as possible against such attacks. In this paper we propose an automatic and accurate system for signature generation for unknown polymorphic worms. We have designed a novel double-honeynet system, which is able to detect new worms tha...
Full text
An Attacker-Defender Game for Honeynets
A honeynet is a portion of routed but otherwise unused address space that is instrumented for network traffic monitoring. It is an invaluable tool for understanding unwanted Internet traffic and malicious attacks. We formalize the problem of defending honeynets from systematic mapping (a serious threat to their viability) as a simple two-person game. The objective of the Attacker is to identify...
Full text
Adopted for Containment of Polymorphic Worms – A Review
Development in the computer network technology has also widened its application in the field of education, science and business. But for such a media insecurity exists due to polymorphic worms. It is necessary to evade such polymorphic worms. Various techniques have been developed by researchers to detect and stop these polymorphic worms. On the other hand, FPGA have a significance of parallel ...
Full text