On July 19th 2001, Code-Red was released to the internet. After fourteen hours the worn infected 36,000 hosts. Internet worn procedure spreads autonomously from one host to another, worm requires host computer with an address on the Internet and any of several vulnerabilities to create a big threat environment. The aim of this study is to propose Server Worm Register (SWD) to register the number of computers that are infected by the worm. Our proposal
decreases the false alarm in Intelligent Failure Connection Algorithm (IFCA). Our proposal also works when the computer is infected by the worm and IFCDA detected the worm, many computers that are connected through the internet will
receive the warning by using our proposal. We have found IFCA is more reliable by using SWD because it reduced the false alarm
