Self-contained, Android-based network to study cyber disruptions, help secure hand-held devices
Floren said.
The release notes that this latest development by Sandia cyber researchers represents a significant steppingstone for those hoping to understand and limit the damage from network disruptions due to glitches in software or protocols, natural disasters, acts of terrorism, or other causes. These disruptions can cause significant economic and other losses for individual consumers, companies and governments.
“You can’t defend against something you don’t understand,” Floren said. The larger the scale the better, he said, since more computer nodes offer more data for researchers to observe and study.
The research builds upon the Megatux project that started in 2009, in which Sandia scientists ran a million virtual Linux machines, and on a later project that focused on the Windows operating system, called MegaWin. Sandia researchers created those virtual networks at large scale using real Linux and Windows instances in virtual machines.
The main challenge in studying Android-based machines, the researchers say, is the sheer complexity of the software. Google, which developed the Android operating system, wrote some fourteen million lines of code into the software, and the system runs on top of a Linux kernel, which more than doubles the amount of code.
“It’s possible for something to go wrong on the scale of a big wireless network because of a coding mistake in an operating system or an application, and it’s very hard to diagnose and fix,” said Fritz. “You can’t possibly read through 15 million lines of code and understand every possible interaction between all these devices and the network.”
Much of Sandia’s work on virtual computing environments will soon be available for other cyber researchers via open source. Floren and Fritz believe Sandia should continue to work on tools that industry leaders and developers can use to better diagnose and fix problems in computer networks.
“Tools are only useful if they’re used,” said Fritz.
MegaDroid primarily will be useful as a tool to ferret out problems that would manifest themselves when large numbers of smartphones interact, said Keith Vanderveen, manager of Sandia’s Scalable and Secure Systems Research department.
“You could also extend the technology to other platforms besides Android,” said Vanderveen. “Apple’s iOS, for instance, could take advantage of our body of knowledge and the toolkit we’re developing.” He said Sandia also plans to use MegaDroid to explore issues of data protection and data leakage, which he said concern government agencies such as the departments of Defense and Homeland Security.
Watch a video of Sandia’s researchers discussing and demonstrating the MegaDroid project.
