11:42 AM
Connect Directly

'MegaDroid' Tests Android Security At City Scale

Department of Energy launches MegaDroid, a network of 300,000 virtual Android devices, to study mobile security and stability at a city-sized scale.

The Department of Energy's Sandia National Laboratories has created a virtual network of 300,000 Android smartphones in a platform called MegaDroid to study large smartphone networks and security.

The Android software is being run on racks of hundreds of commodity desktop computers linked together to form a relatively inexpensive cluster. The goal: replicate a large network of Android phones in the wild in order to understand network and security problems at scale, including data protection and leakage as well as problems that arise from widespread software glitches or natural disasters.

As part of the study, Sandia says it will build and eventually release open source software that will let cybersecurity researchers, application developers and the government model smartphone networks that could potentially also include virtual devices running other platforms like iOS or BlackBerry. It will also create a demonstration of the project that could be shared with other private and public sector entities.

Sandia's MegaDroid project follows up on two similar Sandia efforts, Megatux and MegaWin, which were large-scale simulations of virtual Linux and Windows machines. Sandia used those projects to study botnets. MegaDroid is, in some ways, the next step in that series of tests.

[ Will mobile biometrics drive identity and access management in the enterprise? Mobile Biometrics: Your Device Defines You. ]

"Smartphones are now ubiquitous and used as general-purpose computing devices as much as desktop or laptop computers," Sandia researcher David Fritz said in a press release. "But even though they are easy targets, no one appears to be studying them at the scale we're attempting."

However, the MegaDroid project introduces new complexities into large-scale operating system simulations because Android software is complex as it runs on top of a Linux kernel and because, by their nature, smartphones are not static like desktops and servers.

To account for mobility, Sandia will be creating mock GPS data to simulate the use of smartphones in a city. The virtual Android phones won't know the difference between the mock data and real GPS data. Sandia will use this data to simulate people walking around a city and can, for example, plot the virtual devices on a simulated street map.

As for the complexity? That's one issue the study is out to solve. "It's possible for something to go wrong on the scale of a big wireless network because of a coding mistake in an operating system or an application, and it's very hard to diagnose and fix," Fritz said. "You can't possibly read through 15 million lines of code and understand every possible interaction between all these devices and the network."

Comment  | 
Print  | 
More Insights
InformationWeek Elite 100
InformationWeek Elite 100
Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.