Sandia builds massive Android network to study security, more

National laboratory's MegaDroid to be released as open source

Government scientists have built a network of hundreds of thousands of simulated Android mobile devices that could be used for building better security on the most popular mobile devices.

By early spring 2013, the Sandia National Laboratories in California plans to make software tools available to private and government organizations that want to build their own environment for studying the behaviors of smartphone networks.

Sandia scientists have built a network of as many as 300,000 virtual handheld computing devices, but say the technology can scale up to run on supercomputer-class machines, or scale down to a workstation.

What the researchers have done is link together instances of generic Android, each running on a separate virtual machine. The network, which runs on racks of off-the-shelf, x86 desktops, can be built up into a realistic computing environment that includes a full domain name service (DNS), an Internet relay chat (IRC) server, a web server and multiple subnets.

A key component of MegaDroid is an imitation Global Positioning System (GPS) that includes simulated data of a smartphone user in an urban environment. Since Wi-Fi and Bluetooth capabilities depend on GPS data, the feature is important for studying how the two communication features could be used by cybercriminals to steal data.

Researchers also could run malware on any of the simulated devices to see how it would behave within the network.

"If you have something you're capable of running on an Android device, be it malware, an application or whatever, this platform could test it for you," Keith Vanderveen, manager of Sandia's Scalable and Secure Systems Research department, said.

Android is the favorite mobile platform of cybercriminals. Reasons include the platform's large user base and the fact that any organization can set up an app market. In August, Android accounted for almost 53% of the smartphone market, comScore said.

Beyond malware testing, MegaDroid has much broader uses. Because it can scale to the size of real-life cellular networks, it is expected to be valuable in finding ways to limit damage from network disruptions due to glitches in software or protocols, natural disasters or acts of terrorism.

In addition, the platform would be useful in studying methods for preventing unauthorized data from leaving a device, a major concern for corporations and the departments of Defense and Homeland Security.

MegaDroid will be released as an open-source project, so other researchers can modify the technology to fit their needs. While Android was chosen for the initial platform, the technology could be used in testing Apple's iOS devices.

"The platform is really designed to be flexible," David Fritz, a Sandia researcher, said.

MegaDroid is an offshoot of simulation platforms built for studying large-scale networks of Windows and Linux computers. Over the last three years, Sandia has spent a total of $3.5 million on the various projects.

The laboratory is open to working with academia and private industry on the MegaDroid project. In the 1990s, Sandia helped advise the President's Commission of Critical Infrastructure Protection, which led to its current focus on network security.
