First Commit

Author: mijay6

.vscode/c_cpp_properties.json

@@ -0,0 +1,18 @@
+{
+  "configurations": [
+    {
+      "name": "windows-gcc-x64",
+      "includePath": [
+        "${workspaceFolder}/**"
+      ],
+      "compilerPath": "gcc",
+      "cStandard": "${default}",
+      "cppStandard": "${default}",
+      "intelliSenseMode": "windows-gcc-x64",
+      "compilerArgs": [
+        ""
+      ]
+    }
+  ],
+  "version": 4
+}

.vscode/launch.json

@@ -0,0 +1,24 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "C/C++ Runner: Debug Session",
+      "type": "cppdbg",
+      "request": "launch",
+      "args": [],
+      "stopAtEntry": false,
+      "externalConsole": true,
+      "cwd": "c:/Users/mihai/Desktop/SO/so_2_1_dobra_mihai",
+      "program": "c:/Users/mihai/Desktop/SO/so_2_1_dobra_mihai/build/Debug/outDebug",
+      "MIMode": "gdb",
+      "miDebuggerPath": "gdb",
+      "setupCommands": [
+        {
+          "description": "Enable pretty-printing for gdb",
+          "text": "-enable-pretty-printing",
+          "ignoreFailures": true
+        }
+      ]
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,59 @@
+{
+  "C_Cpp_Runner.cCompilerPath": "gcc",
+  "C_Cpp_Runner.cppCompilerPath": "g++",
+  "C_Cpp_Runner.debuggerPath": "gdb",
+  "C_Cpp_Runner.cStandard": "",
+  "C_Cpp_Runner.cppStandard": "",
+  "C_Cpp_Runner.msvcBatchPath": "C:/Program Files/Microsoft Visual Studio/2022/Community/VC/Auxiliary/Build/vcvarsall.bat",
+  "C_Cpp_Runner.useMsvc": false,
+  "C_Cpp_Runner.warnings": [
+    "-Wall",
+    "-Wextra",
+    "-Wpedantic",
+    "-Wshadow",
+    "-Wformat=2",
+    "-Wcast-align",
+    "-Wconversion",
+    "-Wsign-conversion",
+    "-Wnull-dereference"
+  ],
+  "C_Cpp_Runner.msvcWarnings": [
+    "/W4",
+    "/permissive-",
+    "/w14242",
+    "/w14287",
+    "/w14296",
+    "/w14311",
+    "/w14826",
+    "/w44062",
+    "/w44242",
+    "/w14905",
+    "/w14906",
+    "/w14263",
+    "/w44265",
+    "/w14928"
+  ],
+  "C_Cpp_Runner.enableWarnings": true,
+  "C_Cpp_Runner.warningsAsError": false,
+  "C_Cpp_Runner.compilerArgs": [],
+  "C_Cpp_Runner.linkerArgs": [],
+  "C_Cpp_Runner.includePaths": [],
+  "C_Cpp_Runner.includeSearch": [
+    "*",
+    "**/*"
+  ],
+  "C_Cpp_Runner.excludeSearch": [
+    "**/build",
+    "**/build/**",
+    "**/.*",
+    "**/.*/**",
+    "**/.vscode",
+    "**/.vscode/**"
+  ],
+  "C_Cpp_Runner.useAddressSanitizer": false,
+  "C_Cpp_Runner.useUndefinedSanitizer": false,
+  "C_Cpp_Runner.useLeakSanitizer": false,
+  "C_Cpp_Runner.showCompilationTime": false,
+  "C_Cpp_Runner.useLinkTimeOptimization": false,
+  "C_Cpp_Runner.msvcSecureNoWarnings": false
+}

README.md

@@ -1,38 +1,93 @@
-# SO_2_1_Dobra_Mihai
+# Folder Integrity and Malicious File Scanner
+
+
+[![Assembly](https://img.shields.io/badge/language-C-green.svg)](https://en.wikipedia.org/wiki/C_(programming_language))
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+[![University: UPT](https://img.shields.io/badge/University-Politehnica%20Timisoara-red.svg)](https://www.upt.ro/)
+[![Status: Academic](https://img.shields.io/badge/Status-Academic%20Project-success.svg)](https://github.com/mijay6/Operating-System-File-Monitoring-Tool)
 
-## Name
-Proiect S0.
 
 ## Description
-Acest program va analiza o serie de foldere si in functie de cum se apeleaza programul,
-va realiza diferite functionalitati in aceste foldere.
+This utility scans one or more directories (and their subdirectories), computes and stores SHA-256 checksums and metadata for every file, then compares snapshots across runs to detect:
+
+- **Additions**: new files or folders  
+- **Deletions**: removed files or folders  
+- **Modifications**: changes in content (checksum), name, type or permissions  
+
+Additionally, an optional mode will analyze each file for malicious characteristics (based on size, content, keywords, or non-ASCII characters) and move any flagged files to an isolation folder.
+
+## Features
 
-## Installation
-Va fi compilat asa: gcc -Wall -o prog prog.c -lssl -lcrypto
+- Recursively traverse directories and record metadata in a snapshot file (`<dirname>_snapshot.dat`).
+- Compare current and previous snapshots to list added, removed, or modified entries.
+- Compute SHA-256 checksum using OpenSSL.
+- `-o` option: specify an output directory for generated snapshots.
+- `-s` option: specify an isolation directory for malicious files.
+- Concurrent processing: each directory is scanned in parallel to improve performance.
+- Malicious file detection via a helper Bash script (`verify_for_malicious.sh`).
+
+## Prerequisites & Build
+
+- **GCC** (with C99 support)  
+- **OpenSSL** development libraries (for SHA-256)
+
+Compile with:
+
+```bash
+gcc -Wall -o prog prog.c -lssl -lcrypto
+```
 
 ## Usage
 
-./prog folder1 folder2 folder3...etc (maxim 10 directoare)
+```bash
+# Basic snapshot and comparison
+./prog folder1 folder2 ...
+
+# Save snapshots to a dedicated output directory
+./prog -o snapshots_out folder1 folder2 ...
+
+# Additionally isolate malicious files to a quarantine directory
+./prog -o snapshots_out -s quarantine_dir folder1 folder2 ...
+```
+
+## Behavior
+
+First run: generates `<dirname>_snapshot.dat` and reports  
+> "First run: no previous snapshot found."
+
+Subsequent runs: compares to previous snapshot and prints:
+
+- **Added**: new files or folders  
+- **Removed**: deleted files or folders  
+- **Modified**: name change, content change, permission change, size change, or type change  
+
+**With `-s`**: files deemed malicious are moved to the specified quarantine directory.
+
+## Malicious File Detection
+
+The script `verify_for_malicious.sh` applies the following heuristics:
+
+1. Flags files exceeding **100 lines**, **5 000 words**, or **10 000 characters** as dangerous.  
+2. Flags files with fewer than **3 lines** but more than **1 000 words** or **2 000 characters** as suspicious, then:  
+   - Searches for keywords: `corrupted`, `dangerous`, `risk`, `attack`, `malware`, `malicious`.  
+   - Detects non-ASCII characters.  
+3. Any flagged file has its permissions revoked and is either printed (`SAFE` or file path) or moved to quarantine.
 
-Se da ca parametru unul sau mai multe foldere si programul va calcula suma de control SHA-256
-a tuturor fisierelor din folder si subfoldere si va pastra metadatele fiecarei fisiere din folder
-intrun fisier snapshot. Va compara snapshotul anterior cu cel actual si va printa modificarile.
----------------------------------------------------------------------- 
-./prog -o outputdir folder1 folder2 folder3...etc (maxim 10 directoare)
+## Test Folders
 
-Functionalitatea este extinsa cu un parametru -o urmat de un folder unde 
-se vor pune fisierele snapshot ale folderelor date ca parametru
-----------------------------------------------------------------------
-./prog -o outputdir -s izolated_space_dir folder1 folder2 folder3...etc (maxim 10  directoare)
+This repository includes three sample test folders:
 
-Functionalitatea este extinsa cu un parametru -s urmat de un folder unde se vor muta fisierele malitioase
-----------------------------------------------------------------------
+- `test_folder1/`  
+- `test_folder2/`  
+- `test_folder3/`  
 
-## Authors and acknowledgment
-Dobra Mihai
+Each contains various files and nested directories (including deliberately malicious files) to validate snapshot integrity and malicious detection. 
 
-## License
-Open Source
+## Author
+Politehnica University of Timișoara  
+Faculty of Automation and Computer Science  
+Operating systems
+Academic Year 2023-2024
 
-## Project status
-Finish
+## Contributing
+Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct and the process for submitting pull requests.