Virus Destroyer grew out of the thought that not everyone has the experience required to protect their computer securely. Normally, it is a long and tedious process that many overlook or just skip. Well, no more! Virus Destroyer puts a fun twist on securing your computer, turning the boring process of scanning and securing your files into a fun game!
What it does
Virus Destroyer begins by searching the current directory and computing the MD5 hash of each file it finds, then comparing the hashes to a CSV database of known malicious signatures. If a hash does not match any of the malicious signatures, the user is allowed to continue their normal processes. However, if a file matches one of the malicious hashes in the database, Virus Destroyer kicks in. First, Virus Destroyer prevents the malware from propagating throughout the network by forcing the computer into airplane mode. Then, the program quarantines the file by compressing it into a zip archive and making the original file hidden, thereby stopping the program from executing and replicating. While doing this, Virus Destroyer also creates a byte-coded greyscale image of the virus to use as a sprite within the game. Overall, this creates a quarantine of the malicious files and ensures that they cannot spread throughout the network. Finally, the game launches, allowing players to erase the files using our file cleaner.
How we built it
Virus Destroyer compares each file's hash against a CSV file of known malicious file hashes to see whether the file is known to be dangerous. The code that quarantines and compresses the malicious software uses the modules zipfile, imageio, hashlib, pyautogui, and pandas. Its steps are: detecting the malware, disconnecting the infected computer from the network, hiding and zipping the file, creating a byte-encoded greyscale image of the file, and saving the image as a sprite for the game. After the file has been quarantined, the game is launched using Arcade and the byte-coded images are loaded from the folder. The goal of the game is to destroy all of the viruses; once that is completed, Virus Destroyer deletes the infected file from the computer in its entirety. With Virus Destroyer, we aimed to make a more interactive way to protect a computer, one that makes players feel as though they are taking steps to wipe their machine of the malicious file.
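The detection and zip-quarantine steps described above, as an added Python example that is not the team's own code. It assumes a signature CSV with a column named `md5` (hypothetical), reads it with the standard `csv` module rather than pandas, uses hypothetical function names, and leaves out the airplane-mode, file-hiding and image steps.

```python
import csv
import hashlib
import io
import zipfile
from pathlib import Path


def load_signatures(csv_text, column="md5"):
    """Return the set of lowercase MD5 hex digests in the CSV's `column`."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row[column].strip().lower() for row in reader if row.get(column)}


def md5_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large files are not read into memory at once."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan_directory(root, signatures):
    """Return regular files directly under `root` whose MD5 is in `signatures`."""
    return sorted(p for p in Path(root).iterdir()
                  if p.is_file() and not p.is_symlink() and md5_of(p) in signatures)


def quarantine(matches, archive_path):
    """Compress matched files into one zip archive and return the stored names."""
    with zipfile.ZipFile(archive_path, "w", zipfile.ZIP_DEFLATED) as zf:
        for path in matches:
            zf.write(path, arcname=path.name)
        return zf.namelist()


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed sample files; the "known bad" one is harmless text.
        bad = Path(tmp, "sample.bin"); bad.write_bytes(b"constructed test payload")
        Path(tmp, "notes.txt").write_bytes(b"benign")
        db = "md5,label\n" + md5_of(bad).upper() + ",constructed-sample\n"
        hits = scan_directory(tmp, load_signatures(db))
        print(hits, quarantine(hits, Path(tmp, "quarantine.zip")))
```

An exact MD5 match only flags files that are byte-for-byte identical to a listed sample, so any change to the file produces a miss.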
Challenges we ran into
While we ran into many little challenges, the most obvious one being that none of us had ever made a game, the toughest challenge that we faced was getting the detecting/quarantining code to run alongside the game. We had to figure out how to delete files as sprites were destroyed and how to keep the computer in quarantine mode while the game was running.
Accomplishments that we're proud of
Given the time constraints that we had during this competition, we are extremely proud of how far we brought this project to life within just a matter of twenty-four hours. Also, since we are all Cyber Security majors, making a retro video game was most definitely outside of our comfort zone, and we could not be happier with our result at the end of this competition.
What we learned
After competing this weekend, we have expanded upon our coding skills and expanded our boundaries by experimenting with and creating a video game. We learned how to use the Python module Arcade to create a fully functional video game, and learned how to detect potentially dangerous files on a hard drive. We also learned how to control file directories and file permissions with Python, and how to manipulate files (zipping/translating data from code to images).
What's next for Virus Destroyer
In the future, we definitely would like to switch to a different, more powerful game engine. Python is powerful, but we did run into several issues where certain libraries that were needed could not be used or even called. We would also like to implement a more complex hash comparison for detecting potentially malicious files, utilizing a larger database of well-known malicious file signatures.