Defending Polymorphic Worms in Computer Network Using Honeynet
The authors propose a defense mechanism in computer network using gate-translator, double honeynet, sticky honeypot and antivirus engine of CloudAV, which attracts polymorphic worms. An algorithm is proposed to detect and remove the polymorphic worms and innocuous traffic related packets. Future antivirus is implemented on logically detached unused system. Incoming polymorphic worms' detection and removal are measure challenges of computer network security. A polymorphic worm is a worm that changes its appearance with every instance. Polymorphic codes are itself developing codes that mutate each copy by keeping original code unchanged but it changes its pattern each time and sends a copy to another system.