ClamAV joins Google Summer of Code

April 30th, 2006 Posted by - webmaster

Summer of Code 2006 is a program sponsored by Google that offers student developers stipends to create new open source programs or to help currently established projects.
The ClamAV project is happy to join this event and get some help from emerging developers to quickly implement some of the features that are currently on our TODO list.

Google will give 5000 USD per accepted student, of which 4500 USD goes to the student and 500 USD goes to the mentoring organization.
Students who wish to join the program and help the ClamAV project will be paid 500 USD upon acceptance of their application, 2000 USD mid program (assuming they have made sufficient progress on the project), and 2000 USD at close of program (assuming they have completed the project).

Quoting from http://code.google.com/soc/studentfaq.html#1:

Summer of Code 2006 is a program that offers student developers stipends to create new open source programs or to help currently established projects. Google will be working with a variety of open source, free software, and technology-related groups to identify and fund several hundred projects over a three-month period.

ClamAV provides three individual project mentors to give guidance to students as they work through their proposals: Tomasz Kojm, aCaB and Luca Gibelli (their contact details are available on the team page).

Here is a pool of project ideas for students to choose from:

  • E-mail worm heuristics: design and implement static heuristic detection for e-mail worms based on a support vector or other kernel-based classifier. The system should use libclamav’s mechanisms to obtain feature vectors from input data.
  • VBS/VBA or JS code emulator: many script viruses (and especially polymorphic ones) could be easily detected with an emulator. Implement a VBS, VBA or JS emulator and integrate it with the ClamAV engine.
  • Generic phishing detector: implement a generic phishing detection module based on URL spoofing detection. Details with phishing examples will be provided to the student.
  • Implement new features in clamd:
    • Add support for ICAP (http://www.i-cap.org)
    • Collect information about malware analyzed by clamd. Add a STAT command to clamd to fetch this information and eventually use it to produce a detailed report. Ultimately it should be possible to get an idea of how fast some malware is spreading and which path it follows.
  • Various archivers: add support for accessing the content of archives compressed with ARJ, LZH/LHA, ARC and ACE without the need to call an external decompressor, thus saving a lot of resources. Open source implementations of these archivers are already available for the UNIX platform.
  • Unpackers: malware is often encrypted with packers. Supporting more packers increases the chances of detecting malware. Support for the following packers is needed: MEW and U Pack.