As part of ongoing research to help prevent and mitigate disruptions to computer networks on the Internet, researchers at Sandia National Laboratories in California have turned their attention to smartphones and other hand-held computing devices.
Search For The Tool
Sandia cyber researchers linked together 300,000 virtual hand-held computing devices running the Android operating system so they can study large networks of smartphones and find ways to make them more reliable and secure. Android dominates the smartphone industry and runs on a range of computing gadgets.
The work is expected to result in a software tool that will allow others in the cyber research community to model similar environments and study the behaviors of smartphone networks. Ultimately, the tool will enable the computing industry to better protect hand-held devices from malicious intent.
Smartphones are now ubiquitous and used as general-purpose computing devices as much as desktop or laptop computers, But even though they are easy targets, no one appears to be studying them at the scale we’re attempting.
A key element of the Android project, Floren said, is a “spoof” Global Positioning System (GPS). He and his colleagues created simulated GPS data of a smartphone user in an urban environment, an important experiment since smartphones and such key features as Bluetooth and Wi-Fi capabilities are highly location-dependent and thus could easily be controlled and manipulated by rogue actors.
The researchers then fed that data into the GPS input of an Android virtual machine. Software on the virtual machine treats the location data as indistinguishable from real GPS data, which offers researchers a much richer and more accurate emulation environment from which to analyze and study what hackers can do to smartphone networks.
This latest development by Sandia cyber researchers represents a significant steppingstone for those hoping to understand and limit the damage from network disruptions due to glitches in software or protocols, natural disasters, acts of terrorism, or other causes. These disruptions can cause significant economic and other losses for individual consumers, companies and governments.
“You can’t defend against something you don’t understand,” Floren said. The larger the scale the better, he said, since more computer nodes offer more data for researchers to observe and study.
Android Code too Complex!!
The main challenge in studying Android-based machines, the researchers say, is the sheer complexity of the software. Google, which developed the Android operating system, wrote some 14 million lines of code into the software, and the system runs on top of a Linux kernel, which more than doubles the amount of code.
“It’s possible for something to go wrong on the scale of a big wireless network because of a coding mistake in an operating system or an application, and it’s very hard to diagnose and fix,” said Fritz. “You can’t possibly read through 15 million lines of code and understand every possible interaction between all these devices and the network.”
We could also extend the technology to other platforms besides Android, Apple’s iOS, for instance, could take advantage of the body of knowledge and the toolkit developing. Sandia also plans to use MegaDroid to explore issues of data protection and data leakage, which concern government agencies such as the departments of Defense and Homeland Security.