edu.ntnu.item.jt.system
Class ThreadHandler

java.lang.Object
  extended by edu.ntnu.item.jt.system.ThreadHandler
All Implemented Interfaces:
AVUpdateThreadCallback, ScanThreadCallback

public class ThreadHandler
extends Object
implements ScanThreadCallback, AVUpdateThreadCallback

Responsible for handling threaded parallel malware scan. Keeps track of a set of scanners and records which have replied.

Author:
Jøran Vagnby Lillesand
See Also:
Scanner.run()

Constructor Summary
ThreadHandler(ArrayList<Scanner> scanners)
          Instantiates a ThreadHandler.
 
Method Summary
 ArrayList<ScanResult> executeMalware(File malwareSample)
          Starts scanner threads which executes a malware and attempts to read the real-time anti-virus log file.
 ArrayList<ScanResult> performScan(File malwareSample)
          Starts scan threads and waits for them to report back.
 void reportResult(AVUpdateResult rsr)
          Callback function for threads responsible for performing update of one AV engine.
 void reportResult(ScanResult sr)
          Callback method for scan threads.
 ArrayList<AVUpdateResult> updateScanners()
          Update virus definitions for the scanners associated with this thread handler.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ThreadHandler

public ThreadHandler(ArrayList<Scanner> scanners)
Instantiates a ThreadHandler.

Parameters:
scanners - the list of scanners to be used for scan operations.
Method Detail

reportResult

public void reportResult(ScanResult sr)
Description copied from interface: ScanThreadCallback
Callback method for scan threads. Signals that the calling thread has finished the scan.

Specified by:
reportResult in interface ScanThreadCallback
Parameters:
sr - result of the scan for the reporting engine.

reportResult

public void reportResult(AVUpdateResult rsr)
Description copied from interface: AVUpdateThreadCallback
Callback function for threads responsible for performing update of one AV engine.

Specified by:
reportResult in interface AVUpdateThreadCallback
Parameters:
rsr - object containing a description of the update result.

updateScanners

public ArrayList<AVUpdateResult> updateScanners()
Update virus definitions for the scanners associated with this thread handler. Starts the update threads and waits for callbacks until some timeout given in the settings file.

Returns:
list over scan results.
See Also:
Scanner.updateAV(), Scanner.startThreadedAVUpdate(AVUpdateThreadCallback)

executeMalware

public ArrayList<ScanResult> executeMalware(File malwareSample)
Starts scanner threads which executes a malware and attempts to read the real-time anti-virus log file. Will wait for scan threads to call back either until all threads have completed or timeout as described in the properties file occurs. Any threads which fails to report back before the timeout will have their virtual machines forcefully restored to snapshots. This currently causes the thread to hang (as it will usually be in a blocking call against the vix api, which is then interrupted by the restore to snapshot instruction). Scan results are generated for timed out scan engines.

Parameters:
malwareSample - referece to the file to be executed.
Returns:
list of real-time scan results.
See Also:
Scanner.executeMalwareSample(File, boolean, boolean), Scanner.startThreadedMalwareExecution(File, boolean, ScanThreadCallback)

performScan

public ArrayList<ScanResult> performScan(File malwareSample)
Starts scan threads and waits for them to report back. Will wait for scan threads to call back either until all threads have completed or timeout as described in the properties file occurs. Any threads which fails to report back before the timeout will have their virtual machines forcefully restored to snapshots. This currently causes the thread to hang (as it will usually be in a blocking call against the vix api, which is then interrupted by the restore to snapshot instruction). Scan results are generated for timed out scan engines.

Parameters:
malwareSample - malware sample to be scanned.
Returns:
list of scan results.
See Also:
Scanner.scan(File, boolean, boolean), Scanner.startThreadedScan(File, boolean, ScanThreadCallback)