MegaDroid security project in full swing at Sandia

They say that assume makes an ‘ass' of ‘me' and ‘u' and that assumption is the mother of all screw-ups. While millions have been poured into researching security and a multitude of threats from cyber hacking on PCs, far less is known about the networks that are developing around communications devices. Specifically, mobile phone networks. Now the US research unit Sandia has some ideas, experiments and thoughts about where this research should go.

Back in 2009, scientists and researchers at Sandia decided to use large-scale virtualisation in order to study security threats against massive, online Linux systems (MegaTux) and MegaWin (Windows) were created to see what threats might wait for systems that are composed of around 1 million interconnected devices – using one OS or the other. You can see Mike Janes, chief PR spinner for Sandia, introduce those projects here.

The brainy part of the project was Sandia's ability to kick off around loads of virtual O/S instances for each real processing unit that's physically present. Using tiny, low-powered ARM chips means that they are able to prototype large systems cheaply – ahead of actually building the necessary super computers to complete their work. This research was aimed squarely at ‘Bot Net' attacks, who's ability to create havoc increases in line with the size of network they infect. As a network passes 100,000 nodes, Bot Nets begin to get serious and as you pass 1 million infections, things can get very scary, very quickly.

This kind of attack and defence research has its origins in the old Core War competitions of the early 1980s, where two teams of programmers would attempt to take over a system completely, using an automated ‘attack unit' of code – called a warrior. Bombers, Replicators, Scanners and a multitude of other attack-code variations sprung up as universities threw themselves into combat. While the original version uses a small, fixed language (8 instructions) – but there are bigger and more complicated versions – as well as a version for 8086 assembler etc.

So where is Sandia taking the research next?  Mobile phones. Specifically, smartphones.

“Smartphones are now ubiquitous and used as general-purpose computing devices as much as desktop or laptop computers,” said Sandia’s David Fritz. “But even though they are easy targets, no one appears to be studying them at the scale we’re attempting”.

And the scale being attempted is massive. Fritz and his co-workers already have 300,000 virtual Android phones on their system – each complete with a spoof GPS signal.

Sandia's Android expert, John Floren said, ““You can’t defend against something you don’t understand. The larger the scale the better, since more computer nodes offer more data for researchers to observe and study”.

Going back to Fritz on the subject of vulnerability, he said, “It is possible for something to go wrong on the scale of a big wireless network because of a coding mistake in an operating system or an application, and it’s very hard to diagnose and fix. You can’t possibly read through 15 million lines of code and understand every possible interaction between all these devices and the network”.

KitGuru says: Apart from the obvious interest (and funding) from the US Homeland Security projects – major operators across the globe are going to want to know what threats there may be – and what solutions are available should Vodafone, O2 or Orange suddenly become crippled by a modern day Core War Warrior.

Comment below or in the KitGuru forums.

Become a Patron!