Many organizations have firewalls and phishing protections in place, but few have implemented hardware-based security measures. Our team decided it was important to fill this gap so that organizations can be protected from attacks on all fronts. With 66% of lost USBs containing malware, it was the logical choice to create a solution that defends against this weakness.

What it does

Guardsman is a tool for automating the malware scanning of USB drives. It pairs the cost-effectiveness and power of a Raspberry Pi with the ease of use and efficiency of Wix Velo and the powerful communications solution Twilio. After a USB drive is inserted into the system, it is automatically mounted and scanned using the open source ClamAV antivirus software. A report is then generated, parsed and uploaded to the Wix Velo database. A concise overview is also sent to the user through Twilio. Reports can be reviewed at any time by anyone logged into the organization’s Guardsman account.

How we built it

We first created a Wix site using the Velo development platform, deciding this would be the most efficient full-stack solution for our project. Then, after studying the mounting process and the ClamAV scanning operation, we wrote two bash scripts: one for automated mounting of a USB drive and another for detecting malware and outputting a file with the results of the ClamAV scan. Using Python, we uploaded the result file to our website and also sent a mobile report through Twilio. We created a work-in-progress authentication login system for accessing these reports, to simulate a business’s ecosystem. This was mostly done in Ubuntu in a VM that emulates the real thing.
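The report-parsing step described above, as an added example that is not Guardsman's own code: it turns `clamscan` report text into a structured record and a short text-message summary. The function names, the mount path and the sample report are constructed for illustration; the upload and messaging calls are left out.

```python
import re

# Constructed sample of clamscan report text (not output from the project).
SAMPLE_REPORT = """\
/media/usb0/notes.txt: OK
/media/usb0/tools/setup.exe: Win.Test.EICAR_HDB-1 FOUND
/media/usb0/docs/a: b.pdf: OK
/media/usb0/locked.zip: Can't open file ERROR

----------- SCAN SUMMARY -----------
Scanned directories: 3
Scanned files: 3
Infected files: 1
Time: 12.345 sec (0 m 12 s)
"""
SUMMARY_MARK = "----------- SCAN SUMMARY -----------"
# Greedy path match, so file names that themselves contain ": " stay intact.
RESULT_LINE = re.compile(r"^(?P<path>.+): (?:(?P<detail>.+) )?(?P<status>OK|FOUND|ERROR)$")

def clean(text):
    """File names on the drive are untrusted: drop control characters."""
    return "".join(c if c.isprintable() else "?" for c in text)

def parse_report(text, exit_code):
    """clamscan exit codes: 0 = no virus found, 1 = virus found, 2 = error."""
    body, _, summary = text.partition(SUMMARY_MARK)
    infected, errors = [], []
    for line in body.splitlines():
        m = RESULT_LINE.match(line)
        if m and m["status"] == "FOUND":
            infected.append({"path": clean(m["path"]), "signature": m["detail"]})
        elif m and m["status"] == "ERROR":
            errors.append({"path": clean(m["path"]), "reason": m["detail"]})
    pairs = (l.partition(":") for l in summary.splitlines())
    counts = {k.strip(): v.strip() for k, _, v in pairs if v}
    # Fail safe: an unreadable file or a scanner error is never reported as clean.
    if infected or exit_code == 1:
        verdict = "infected"
    elif errors or exit_code != 0:
        verdict = "error"
    else:
        verdict = "clean"
    return {"verdict": verdict, "scanned_files": int(counts.get("Scanned files", 0)),
            "infected": infected, "errors": errors}

def sms_summary(report, limit=160):
    """Concise overview sized for a single text message."""
    head = (f"Guardsman scan: {report['verdict'].upper()}, "
            f"{report['scanned_files']} files, {len(report['infected'])} infected, "
            f"{len(report['errors'])} unreadable")
    hits = "; ".join(f"{i['path'].rsplit('/', 1)[-1]} ({i['signature']})"
                     for i in report["infected"])
    return (f"{head}. {hits}" if hits else head)[:limit]
```

The dictionary returned by `parse_report` can be serialized with `json.dumps` for upload, and taking the verdict from the exit code as well as the parsed lines keeps a crafted file name from making a drive look clean.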

Challenges we ran into

  • Our Raspberry Pi is an older model and didn't have enough memory to run the ClamAV antivirus software. We got around this by running our program on an Ubuntu VM emulating newer Raspberry Pi hardware.
  • There was definitely a learning curve with Wix, as nobody had experience building a website using their tools.
  • Working with the lower level hardware when trying to automatically mount and scan drives in a virtual environment proved to be a challenge we had to surmount.

Accomplishments that we're proud of

  • The level of automation achieved. The entire process, from running the antivirus to sending the report to the database, happens automatically after a drive is inserted in the system.
  • Successful integration of unfamiliar tools and platforms (Wix Velo, Twilio, ClamAV)
  • Combining a variety of hardware and software solutions to create a cohesive end result

What we learned

  • How malware scans are performed
  • The lower-level process of recognizing and reading USB drives
  • Learning, using, and adapting APIs on the spot
  • Website development
  • We got a better understanding of how to communicate between several different programming languages (Bash, Python, and JavaScript) and technologies (Wix Velo, REST APIs, ClamAV, Twilio).
  • Goal setting and communication

What's next for Guardsman File Scanner

  • Running our program on an actual Raspberry Pi
  • Automated elimination of potentially dangerous files on request
  • Easier installation
  • Individual reports per user
  • List dangerous files on request, move them to quarantine folder