Sandia builds Android-based network to study cyber disruptions

Oct 02, 2012
Sandia's David Fritz holds two Android smartphones, representing the virtual network of 300,000 such devices that he and other researchers are using to advance understanding of malicious computer networks on the Internet. Credit: Dino Vournas, Sandia National Laboratories

As part of ongoing research to help prevent and mitigate disruptions to computer networks on the Internet, researchers at Sandia National Laboratories in California have turned their attention to smartphones and other hand-held computing devices.

Sandia cyber researchers linked together 300,000 virtual hand-held running the Android operating system so they can study of smartphones and find ways to make them more reliable and secure. Android dominates the smartphone industry and runs on a range of computing gadgets.

The work is expected to result in a software tool that will allow others in the community to model similar environments and study the behaviors of smartphone networks. Ultimately, the tool will enable the computing industry to better protect hand-held devices from malicious intent.

The project builds on the success of earlier work in which Sandia focused on virtual Linux and Windows desktop systems.

"Smartphones are now ubiquitous and used as general-purpose computing devices as much as desktop or ," said Sandia's David Fritz. "But even though they are easy targets, no one appears to be studying them at the scale we're attempting."

The Android project, dubbed MegaDroid, is expected to help researchers at Sandia and elsewhere who struggle to understand large scale networks. Soon, Sandia expects to complete a sophisticated demonstration of the MegaDroid project that could be presented to potential industry or government collaborators.

The virtual Android network at Sandia, said computer scientist John Floren, is carefully insulated from other networks at the Labs and the outside world, but can be built up into a realistic computing environment. That environment might include a full domain name service (DNS), an Internet relay chat (IRC) server, a web server and multiple subnets.

A key element of the Android project, Floren said, is a "spoof" (GPS). He and his colleagues created simulated GPS data of a smartphone user in an urban environment, an important experiment since smartphones and such key features as Bluetooth and Wi-Fi capabilities are highly location-dependent and thus could easily be controlled and manipulated by rogue actors.

The researchers then fed that data into the GPS input of an Android virtual machine. Software on the virtual machine treats the location data as indistinguishable from real GPS data, which offers researchers a much richer and more accurate emulation environment from which to analyze and study what hackers can do to smartphone networks, Floren said.

This latest development by Sandia cyber researchers represents a significant steppingstone for those hoping to understand and limit the damage from network disruptions due to glitches in software or protocols, natural disasters, acts of terrorism, or other causes. These disruptions can cause significant economic and other losses for individual consumers, companies and governments.

"You can't defend against something you don't understand," Floren said. The larger the scale the better, he said, since more computer nodes offer more data for researchers to observe and study.

The research builds upon the Megatux project that started in 2009, in which Sandia scientists ran a million virtual Linux machines, and on a later project that focused on the Windows operating system, called MegaWin. Sandia researchers created those virtual networks at large scale using real Linux and Windows instances in virtual machines.

The main challenge in studying Android-based machines, the researchers say, is the sheer complexity of the software. Google, which developed the Android operating system, wrote some 14 million lines of code into the software, and the system runs on top of a Linux kernel, which more than doubles the amount of code.

"It's possible for something to go wrong on the scale of a big wireless network because of a coding mistake in an or an application, and it's very hard to diagnose and fix," said Fritz. "You can't possibly read through 15 million lines of code and understand every possible interaction between all these devices and the network."

Much of Sandia's work on virtual computing environments will soon be available for other cyber researchers via open source. Floren and Fritz believe Sandia should continue to work on tools that industry leaders and developers can use to better diagnose and fix problems in computer networks.

"Tools are only useful if they're used," said Fritz.

MegaDroid primarily will be useful as a tool to ferret out problems that would manifest themselves when large numbers of smartphones interact, said Keith Vanderveen, manager of Sandia's Scalable and Secure Systems Research department.

"You could also extend the technology to other platforms besides Android," said Vanderveen. "Apple's iOS, for instance, could take advantage of our body of knowledge and the toolkit we're developing." He said Sandia also plans to use MegaDroid to explore issues of data protection and data leakage, which he said concern government agencies such as the departments of Defense and Homeland Security.

Explore further: UT Dallas professor to develop framework to protect computers' cores

Related Stories

Research team 'virtualizes' supercomputer

Jan 20, 2010

A collaboration between researchers at Northwestern University, Sandia National Labs and the University of New Mexico has resulted in the largest-scale study ever done on what many consider an important part of the future ...

T-Mobile plans Android-based home devices: Times

Apr 06, 2009

US wireless carrier T-Mobile plans to make a push into the home with communications devices that will run on Google's Android open-source software, The New York Times reported on Monday.

Recommended for you

User comments : 0

More news stories

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...

Airbnb rental site raises $450 mn

Online lodging listings website Airbnb inked a $450 million funding deal with investors led by TPG, a source close to the matter said Friday.

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

A homemade solar lamp for developing countries

(Phys.org) —The solar lamp developed by the start-up LEDsafari is a more effective, safer, and less expensive form of illumination than the traditional oil lamp currently used by more than one billion people ...

NASA's space station Robonaut finally getting legs

Robonaut, the first out-of-this-world humanoid, is finally getting its space legs. For three years, Robonaut has had to manage from the waist up. This new pair of legs means the experimental robot—now stuck ...

Filipino tests negative for Middle East virus

A Filipino nurse who tested positive for the Middle East virus has been found free of infection in a subsequent examination after he returned home, Philippine health officials said Saturday.

Egypt archaeologists find ancient writer's tomb

Egypt's minister of antiquities says a team of Spanish archaeologists has discovered two tombs in the southern part of the country, one of them belonging to a writer and containing a trove of artifacts including reed pens ...