InformationWeek: The Business Value of Technology

InformationWeek: The Business Value of Technology
InformationWeek Big Data Coverage
= Member Content
Facebook Twitter Share

E-mail | Print | Permalink | LinkedIn | RSS

'MegaDroid' Tests Android Security At City Scale


Department of Energy launches MegaDroid, a network of 300,000 virtual Android devices, to study mobile security and stability at a city-sized scale.




The Department of Energy's Sandia National Laboratories has created a virtual network of 300,000 Android smartphones in a platform called MegaDroid to study large smartphone networks and security.

The Android software is being run on racks of hundreds of commodity desktop computers linked together to form a relatively inexpensive cluster. The goal: replicate a large network of Android phones in the wild in order to understand network and security problems at scale, including data protection and leakage as well as problems that arise from widespread software glitches or natural disasters.

As part of the study, Sandia says it will build and eventually release open source software that will let cybersecurity researchers, application developers and the government model smartphone networks that could potentially also include virtual devices running other platforms like iOS or BlackBerry. It will also create a demonstration of the project that could be shared with other private and public sector entities.

Sandia's MegaDroid project follows up on two similar Sandia efforts, Megatux and MegaWin, which were large-scale simulations of virtual Linux and Windows machines. Sandia used those projects to study botnets. MegaDroid is, in some ways, the next step in that series of tests.

[ Will mobile biometrics drive identity and access management in the enterprise? Mobile Biometrics: Your Device Defines You. ]

"Smartphones are now ubiquitous and used as general-purpose computing devices as much as desktop or laptop computers," Sandia researcher David Fritz said in a press release. "But even though they are easy targets, no one appears to be studying them at the scale we're attempting."

However, the MegaDroid project introduces new complexities into large-scale operating system simulations because Android software is complex as it runs on top of a Linux kernel and because, by their nature, smartphones are not static like desktops and servers.

To account for mobility, Sandia will be creating mock GPS data to simulate the use of smartphones in a city. The virtual Android phones won't know the difference between the mock data and real GPS data. Sandia will use this data to simulate people walking around a city and can, for example, plot the virtual devices on a simulated street map.

As for the complexity? That's one issue the study is out to solve. "It's possible for something to go wrong on the scale of a big wireless network because of a coding mistake in an operating system or an application, and it's very hard to diagnose and fix," Fritz said. "You can't possibly read through 15 million lines of code and understand every possible interaction between all these devices and the network."


Federal agencies must eliminate 800 data centers over the next five years. Find how they plan to do it in the new all-digital issue of InformationWeek Government. Download it now (registration required).

Cybersecurity, continuity planning, and data records management top the list in our latest Federal IT Priorities Survey. Also in the new, all-digital Focus On The Foundation issue of InformationWeek Government: The FBI's next-gen digital case management system, Sentinel, is finally up and running.. (Free registration required.)




InformationWeek encourages readers to engage in spirited, healthy debate, including taking us to task. However, InformationWeek moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. InformationWeek further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
Subscribe to RSS


Advertisement


InformationWeek Reports

report Mobility's Next Challenge: 8 Steps to a Secure Environment
Taking your company's mobile capabilities to the next level--whether on personally or company-owned devices-requires a lifecycle management plan that encompasses application security, development, distribution, support and enhancement. We show you how to get there and provide insight into five mobile application development options.

report Buyer's Guide: Mobile Device Management
Want the lowdown on nine top MDM products? Our InformationWeek Buyer's Guide is your one-stop guide for choosing an MDM system that match your requirements. ZIP file includes: Detailed comparison charts on security, administration, and platform and reporting features; our full questionnaire; and responses from Absolute Software, AirWatch, Fiberlink Communications, JAMF Software, MobileIron, Odyssey Software, Symantec, Tangoe, and Zenprise.

report Dark Side of Mobile Apps
Companies are rushing headlong to develop applications for Android, Apple and BlackBerry devices. But IT must maintain its secure development lifecycle process or risk a black eye.

report Reducing Mobile Device Risks to Enterprise Data
Innovative IT shops are turning the mobile device management challenge into a business opportunity--and showing that we can help people be more connected and collaborative, regardless of location. We offer a framework of four possible strategies to secure the mobile environment.