This is an automated archive made by the Lemmit Bot.

The original was posted on /r/opensource by /u/Benben377 on 2023-08-21 19:57:14.


I am on a journey to create a full open-source antivirus, and I have kind of run out of ideas.

Raspirus started as a project for a networking company, but they refused to pay for it, so I made it publicly available and continued working on it. I eventually reached the first release of a hash-matching antivirus. It’s very basic, simply comparing hashes of files with a database. The reason why it’s so basic is to allow for compatibility with low-end devices like the Raspberry Pi 3. It uses almost no CPU or RAM and is decently fast. It works offline and also has support for compressed files (zip). Its original purpose was to scan USB drives attached to a Raspberry Pi, controlled through a mounted touchscreen, but it’s cross-platform, and on Windows you can also scan local files and folders.

Currently, the scanning method used is fast, but not very secure. A lot of new malware or slightly changed ones can slip right through it. To avoid this, I tried to add YARA to the project, but I noticed it used a lot of RAM and CPU, which would make the support for Raspberry Pi 3 and earlier impossible. I did consider fuzzy hashing, but that seems to be unreliable too, and it works by comparing files to files, which would require some sort of malware database. I am not a security expert unfortunately and therefore don’t know what else to try. Maybe someone here has built an Antivirus or similar before and can help me. Any suggestion is highly appreciated.
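
As an added illustration (not part of the original post and not Raspirus's own code), here is a minimal sketch of the hash-matching approach the post describes, including zip members, showing how a one-byte variant of a known file goes undetected. SHA-256, the function names and the harmless sample bytes are assumptions constructed for this example.

```python
import hashlib, os, tempfile, zipfile
CHUNK = 64 * 1024  # fixed-size reads keep memory use flat on small devices

def sha256_stream(fh):
    """Hash a file-like object without loading it fully into memory."""
    h = hashlib.sha256()
    for block in iter(lambda: fh.read(CHUNK), b""):
        h.update(block)
    return h.hexdigest()

def scan_path(path, signatures):
    """Return [(name, digest)] for the file and any zip members found in `signatures`."""
    hits = []
    if zipfile.is_zipfile(path):
        with zipfile.ZipFile(path) as zf:
            for info in zf.infolist():
                if not info.is_dir():
                    with zf.open(info) as member:  # decompressed as a stream
                        digest = sha256_stream(member)
                    if digest in signatures:
                        hits.append((f"{path}!{info.filename}", digest))
    with open(path, "rb") as fh:
        digest = sha256_stream(fh)
    if digest in signatures:
        hits.append((path, digest))
    return hits

def scan_tree(root, signatures):
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            hits.extend(scan_path(os.path.join(dirpath, name), signatures))
    return hits

def demo():
    """Constructed sample: harmless bytes stand in for a known-bad file."""
    known = b"constructed sample standing in for a known-bad file\n"
    signatures = {hashlib.sha256(known).hexdigest()}  # assumed SHA-256 database
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "exact.bin"), "wb") as f:
            f.write(known)
        with open(os.path.join(root, "variant.bin"), "wb") as f:
            f.write(known + b"\x00")  # one appended byte changes the whole hash
        with zipfile.ZipFile(os.path.join(root, "bundle.zip"), "w") as zf:
            zf.writestr("inner/exact.bin", known)
        return [os.path.relpath(n, root) for n, _ in scan_tree(root, signatures)]

if __name__ == "__main__":
    print(demo())
```

The exact copy and the zipped copy are reported, while `variant.bin` is not, which is the gap the post is asking how to close.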