NETWORK ANTIVIRUS USING

CLOUD COMPUTING
By
Name of Students:
Omkar Shashikant Kakade
Makarand Ajit Mhatre
Paras R Joshi

Class & Roll No:

TE-06: 24
TE-06: 36
TE-06: 21

Guide

Department of Information Technology

Shah & Anchor Kutchhi Engineering College, Mumbai

2015-2016

Table of Contents

Page No.

Abstract

List of Figures

ii

Abbreviation Notation and Nomenclature

Iii

Chapter 1 Introduction

Chapter 2 Review of Literature

Chapter 3 Summary

Chapter 4 References

Appendix
Acknowledgement

Abstract
Users download many applications from authorized / unauthorized sources or they
transfer the applications from a system to another. It is possible that virus infected
files would be transferred from sender to the receiver machine. In Anti-virus,
scanning is performed after complete transmission of data on receiver machine
which requires installing of an antivirus program. Some viruses get activated as
soon as transfer complete so even after performing the virus scan, it may have
already affected the system. To avoid such problem we have decided to develop a
program for transferring the files which would be scanned before transferring on a
system. As per our mechanism, scan for viruses are performing after the sender
sends the data and before receiver receive the data. If we found suspected virus
files it will pop up the message which graphically display the receiver the
transmission of data contain the viruses and its description. Based on user choices
file will completely transfer or quarantine the virus file or delete it. To implement
such a mechanism we use open source cloud which act as middleware to deploy our
program. To avoid attacks on cloud we simply provide security to cloud. For
security in transmission medium we provide encryption and decryption of data.

List of Figures

Abbreviation Notation and Nomenclature

Chapter 1
Introduction
Data travels across the internet in packets. Each packet can carry a maximum of
1,500 bytes. Around these packets is a wrapper with a header and a footer. The
information contained in the wrapper tells computers what kind of data is in the
packet, how it fits together with other data, where the data came from and the data's
final destination. When you send an e-mail to someone, the message breaks up into
packets that travel across the network. Different packets from the same message
don't have to follow the same path. That's part of what makes the Internet so robust
and fast. Packets will travel from one machine to another until they reach their
destination. As the packets arrive, the computer receiving the data assembles the
packets like a puzzle, recreating the message.
A computer virus is a malware program that, when executed, replicates by inserting
copies of itself (possibly modified) into other computer programs, data files, or
the boot sector of the hard drive when this replication succeeds, the affected areas
are then said to be "infected". Viruses often perform some type of harmful activity
on infected hosts, such as stealing hard disk space or CPU time, accessing private
information, corrupting data, displaying political or humorous messages on the
user's screen, spamming their contacts, logging their keystrokes, or even rendering
the computer useless. However, not all viruses carry a destructive payload or
attempt to hide themselvesthe defining characteristic of viruses is that they are
self-replicating computer programs which install themselves without user consent.
Cloud computing is the delivery of computing services over the Internet. Cloud
services allow individuals and businesses to use software and hardware that are
managed by third parties at remote locations. Examples of cloud services include
online file storage, social networking sites, webmail, and online business
applications. The cloud computing model allows access to information and
computer resources from anywhere that a network connection is available. Cloud
computing provides a shared pool of resources, including data storage space,
networks, computer processing power, and specialized corporate and user
applications.

Antivirus or anti-virus software is, computer software used to prevent, detect and
remove malicious software. Antivirus software was originally developed to detect
and remove computer viruses. However, with the proliferation of other kinds
of malware, antivirus software started to provide protection from other computer
threats. In particular, modern antivirus software can protect from:
malicious ransomware, keyloggers,backdoors, rootkits, Trojanhorses, worms
, dialers, fraud tools, adware and spyware. Some products also include protection
from other computer threats, such as infected and malicious URLs, spam, scam and
phishing attacks, online identity (privacy), online banking attacks, social
engineering techniques, Advanced PersistentThreat(APT) and botnet DDoS attacks.
Cloud computing security processes should address the security controls the cloud
provider will incorporate to maintain the customer's data security, privacy and
compliance with necessary regulations. The processes will also likely include
a business continuity and data backup plan in the case of a cloud security breach.

Chapter 2
Review of Literature
Antivirus program in todays world are installed on a physical storage to scan the
same physical mediums. However the infected files may sometime be activated
before the virus is scanned and removed.
The file when sent from the sender end is scanned by the antivirus program
deployed onto the cloud storage. For our project we are using open source cloud.
The drawback of open source cloud is anyone can access the files in the cloud
storage or may alter the antivirus programs deployed.
Other security sharing like g-drive provide security only for a limited file size. As
file is scanned in open source cloud the file scanned can be of higher limits
depending upon the cloud storage available.
Virus cannot be deployed through image or mp3 files. So this type of files can be
ignored or scanned at low level.
CryptoLocker is a ransomware Trojan which targeted computers running Microsoft
Windows believed to have first been posted to the Internet on 5 September 2013.
CryptoLocker propagated via infected email attachments, and via an existing
botnet; when activated, the malware encrypts certain types of files stored on local
and mounted network drives using RSA public-key cryptography, with the private
key stored only on the malware's control servers. The malware then displays a
message which offers to decrypt the data if a payment is made by a stated deadline,
and threatened to delete the private key if the deadline passes. If the deadline is not
met, the malware offered to decrypt data via an online service provided by the
malware's operators, for a significantly higher price in bitcoin.
An intrusion detection system (IDS) examines system or network activity to find
Possible intrusions or attacks. Intrusion detection systems are either network-based
Or host-based. Network based intrusion detection systems are most common, and
examine passing network traffic for signs of intrusion. Host-based systems look at
user and process activity on the local machine for signs of intrusion. This system
needs to be the installed at client or server side. On client side if the client is
himself an attacker he will send the infected file without the intrusion detection
system and if the IDS is on receiver end then the file will harm upto some extent till
it is detected by the system.

Chapter 3
Summary
The aim of our project is to detect and delete the infected files in the network itself.
We provide security to the cloud storage where the data is to be scanned. The data
sent is also in encrypted form to avoid data spoofing. While scanning the data will
be decrypted, scanned and then sent to the receiver in encrypted form.
This will allow security to the data as well as the programs that is triggered onto the
cloud. The virus will be scanned on the basis of available virus definitions. If any
file found infected onto the network the file will be removed or quarantined based
on its usage priority.
Security program will be auto-triggered whenever a file is transferring over a
network. The decryption of the file and encryption after scanning will be done by
auto run programs.

Chapter 4
References
Cryptography and Network Security by Behrouz A. Forouzan, TATA McGraw
hill.

Data Transfer:
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7284358
Antivirus:
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7036708
Security threats in cloud Computing:
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6148380
Modelling Virus and Antivirus Spreading Over Hybrid Wireless Ad Hoc and
Wired Networks:
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4411093
Computer Network Security and Technology Research:
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7263569

Appendix

Acknowledgements