Cyber Swachhta Kendra (India), a center set up for handling the tasks related to malware analysis has rolled out a handful of security tools for mitigating online security threats for PCs and Smartphones. The security tools – AppSamvid, M-Kavach (for Mobile devices), USB Pratirodh, など, have been particularly designed for mitigating threats through malicious botnets, マルウェア, and web browsers. この記事で, we will take a look at AppSamvid, a free Application Whitelisting software for Windows operating system.
AppSamvid Application Whitelisting software
AppSamvid is an application whitelisting software that helps you whitelist a program in Windows. If you are not aware, application whitelisting is the security practice of restricting systems from running software unless it has been cleared for safe execution. This has numerous advantages over traditional signature-based antivirus software approach of blacklisting the virus files. 例えば, Whitelisting has the advantage over blacklisting as it does not require frequent virus definition updates. AppSamvid protects is capable of protecting operating system against such threats including Ransomware.
When you first download the application and install it, you’ll notice a setup screen that prompts you for a password. Enter the password and choose ‘Next’. This password needs to be entered using AppSamvid user console password dialog box which pops up every time a user tries to get access to AppSamvid user interface.
The main interface of the program displays the following:
1] Home Menu: This menu bears the description of applications. In addition to this, it makes visible the current status of the software installed.
2] Scan Options: The scan options available are:
- Initial Scan: Remains active, only if it is not performed initially during the installation process. その後, it is disabled.
- Folder Scan: Performs drive scan to add to the database.
- File scan: Adds a single file to the database.
To enable Whitelist Enforcement, simply go to Home menu and under the AppSamvid features option, 選択、 Enable Whitelist Enforcement option and click on Apply. To disable the same, simply select Disable Whitelist Enforcement または Suspend Whitelist Enforcement till next reboot button and click on Apply.
3] Settings Menu: This menu allows configuring different options and you will find the following settings:
- Java Settings: Allows viewing JDK and JRE installed on the system. This option is for use when the user intends to whitelist java files.
- Change AppSamvid Administrator Password: As the name suggests, the option allows changing the AppSamvid software’s administrator password.
- 更新プログラムの確認: This option allows the user to evaluate/calculate for the potential updater application(s) of third-party software. This can be done by analyzing the logs generated by AppSamvid software as it helps a user to easily identify the executable file(s) that can be marked as trusted updater(s).
4] Logs Menu: Keeps a log of changes made by AppSamvid software. It features action column as:
- Block_Unknown – For application files NOT found in AppSamvid database.
- Block_known – For application files found in Appsamvid database and explicitly blocked by the user.
When you choose to run a scan, the program scans the complete hard-disk for executables, Java files, など, and stores them in the database along with some additional information about each file. Once the software is installed and the initial scan of applications is complete, the user can whitelist any executable files using file and/or folder scan.
The AppSamvid tool is designed and developed by Centre for Development of Advanced Computing (C-DAC) and an integral part of Cyber Swachhta Kendra (Government of India’s Digital India initiative under the Ministry of Electronics and Information Technology MeitY, set up in accordance with the objectives of the National Cyber Security Policy). C-DAC is the premier R&D organization of the Ministry of Electronics and Information Technology (MeitY) for carrying out R&D in IT, Electronics and associated areas.
The main function of this Center would be to create a secure cyberspace by detecting botnet infections in India. さらに, this center will notify the users, provide tools to enable cleaning and securing systems so as to prevent further infections. This center operates in close coordination and collaboration with Internet Service Providers and Antivirus companies.
You can download AppSamvid from cdac.in. Do leave your feedback in the comments section below.