Checking uploaded files for viruses

Asked 25/7, 2016 at 7:55 Answered 12/4, 2018 at 9:30

I have some application. User can upload files, i save it on disk, and return it, when user want. I need implement some protection for uploaded files for viruses. I found 3 solutions for this problem:

Use online antiviruses
Install antivirus on my server and check uploaded file from command line
Integrate antivirus by sdk or api.

I don't like first solution, because i send my files and private info for other server. Second solution i think is best, but i don't know how correctly implement it. Last solution good, but i can't find any good and famous antiviruses, who has java api.

Please, give me some direction for solve this problem. Mb some advice or literature. What is best way for solve it?

Hod answered 25/7, 2016 at 7:55 Comment(3)

Flagged as this is primarily opinion-based, but I'd suggest option #2, launching the AV process from your application as a child, and then check what the child reports with its exit code (e.g. 0 = clean, 1 = infected, or something else -check docs), and so on. – Aweless 25/7, 2016 at 8:0

@ray I found this recommendation: "From the application point of view you can create a proxy server where you can install antivirus software, upload the file to this server, scan it and transfer to your destination server. " But why we need use some new server? – Hod 25/7, 2016 at 8:4

I suppose you can do that, if you have the infrastructure and know-how to set it up correctly, but if you install the AV in your server, the application can launch the AV against the new file as a child process. Doesn't that seem simpler? – Aweless 25/7, 2016 at 8:6

First, you have to check what kind of API does your installed antivirus software provides.

If there is any Java API provided (like AVG API) then you have to use it as below:

public void scanFile(byte[] fileBytes, String fileName)
   throws IOException, Exception {
   if (scan) {
      AVClient avc = new AVClient(avServer, avPort, avMode);
      if (avc.scanfile(fileName, fileBytes) == -1) {
         throw new VirusException("WARNING: A virus was detected in
            your attachment: " + fileName + "<br>Please scan
            your system with the latest antivirus software with
            updated virus definitions and try again.");
      }
   }
}

If no Java API is provided by the installed antivirus software, then you can still invoke it using command line, as below:

String[] commands =  new String[5];
                  commands[0] = "cmd";
                  commands[1] = "/c";
                  commands[2] = "C:\\Program Files\\AVG\\AVG10\\avgscanx.exe";
                  commands[3] = "/scan=" + filename;
                  commands[4] = "/report=" + virusoutput;


                 Runtime rt = Runtime.getRuntime();
                 Process proc = rt.exec(commands);

There is an interesting article for your reference: Implementing an Anti-Virus File Scan in JEE Applications

Hope this helps you.

Footrest answered 8/12, 2016 at 6:29 Comment(0)

The online AntiVirus ClamAV: https://github.com/cdarras/clamav-client is a good one.

If you use Linux/Mac, the online AV should be sufficient. If you use windows, you should also, install an antivirus on your server.

Liquefacient answered 12/4, 2018 at 9:30 Comment(0)

Recommended topics

Hot tags