Scan an AWS S3 File for Viruses in Java
With cloud storage becoming a widespread solution for businesses, it’s important to perform reliable scans to identify threats and prevent further infection.
Join the DZone community and get the full member experience.
Join For FreeThe increased use of cloud storage is also increasing the attention it gets from potential cyber attackers. End-users are able to upload viruses, and attackers can craft specialized attack malware and upload this content as well. Once these threats are uploaded, they can flow through your systems, hiding themselves in cloud storage or databases, and could eventually get executed.
Consider the following situation: an attacker uploads a custom executable file into a financial company’s cloud storage database, and the system accepts it. The virus is missed by the company’s minimal virus scan software, so it continues to infiltrate other critical business applications. Eventually, it’s downloaded by a financial manager, resulting in an endpoint being infected with an Advanced Persistent Threat (APT).
So how can we ensure our cloud storage (in this case an AWS S3 file) is free from these threats? We need a solution that will not only tell us if the file is clean, but also identify the virus if present. Here, we'll take a look at a free solution for Java that can scan cloud storage for multiple threats by leveraging a database of over 17 million virus signatures that is updated every 15 minutes via the cloud.
To begin, we will install the library by adding the Maven repository:
xxxxxxxxxx
<repositories>
<repository>
<id>jitpack.io</id>
<url>https://jitpack.io</url>
</repository>
</repositories>
Then, add the Maven dependency:
xxxxxxxxxx
<dependencies>
<dependency>
<groupId>com.github.Cloudmersive</groupId>
<artifactId>Cloudmersive.APIClient.Java</artifactId>
<version>v3.54</version>
</dependency>
</dependencies>
Now, we want to scan the scan the AWS S3 file for viruses. To prevent any wait time for our users, the scanning system provides a subsecond response, enabling the user to immediately take action if a threat is detected.
At the top of our controller we should add these imports:
xxxxxxxxxx
// Import classes:
//import com.cloudmersive.client.invoker.ApiClient;
//import com.cloudmersive.client.invoker.ApiException;
//import com.cloudmersive.client.invoker.Configuration;
//import com.cloudmersive.client.invoker.auth.*;
//import com.cloudmersive.client.ScanCloudStorageApi;
Next, we will need to gather the following parameters to plug into the code:
- API Key; retrieve a free forever API key from the Cloudmersive website that can scan 800 files/month
- Access key for the S3 bucket; we can get this from My Security Credentials in the AWS Console
- Secret key for the S3 bucket; this can be found in My Security Credentials as well
- Name of the region of the S3 bucket (ex: US-East-1)
- Name of the S3 bucket
- Key name (a.k.a. file name) of the file in S3 you wish to scan for viruses
Lastly, we enter the following code into our controller:
xxxxxxxxxx
ApiClient defaultClient = Configuration.getDefaultApiClient();
// Configure API key authorization: Apikey
ApiKeyAuth Apikey = (ApiKeyAuth) defaultClient.getAuthentication("Apikey");
Apikey.setApiKey("YOUR API KEY");
// Uncomment the following line to set a prefix for the API key, e.g. "Token" (defaults to null)
//Apikey.setApiKeyPrefix("Token");
ScanCloudStorageApi apiInstance = new ScanCloudStorageApi();
String accessKey = "accessKey_example"; // String | AWS S3 access key for the S3 bucket; you can get this from My Security Credentials in the AWS console
String secretKey = "secretKey_example"; // String | AWS S3 secret key for the S3 bucket; you can get this from My Security Credentials in the AWS console
String bucketRegion = "bucketRegion_example"; // String | Name of the region of the S3 bucket, such as 'US-East-1'
String bucketName = "bucketName_example"; // String | Name of the S3 bucket
String keyName = "keyName_example"; // String | Key name (also called file name) of the file in S3 that you wish to scan for viruses
try {
CloudStorageVirusScanResult result = apiInstance.scanCloudStorageScanAwsS3File(accessKey, secretKey, bucketRegion, bucketName, keyName);
System.out.println(result);
} catch (ApiException e) {
System.err.println("Exception when calling ScanCloudStorageApi#scanCloudStorageScanAwsS3File");
e.printStackTrace();
}
Voila! This will return a lightning-fast result indicating if your AWS S3 file is free from viruses, malware, trojans, ransomware, and spyware. If a threat is found, the result will indicate the virus name, enabling the user to promptly address the issue and eradicate the virus.
In conclusion, we can see that being proactive in scanning our cloud storage for viruses is an important and necessary step in assuring the most secure experience for our business and users.
Opinions expressed by DZone contributors are their own.
Comments