Researchers testing Android security with mega network
To say that Android is a popular target of malware is an understatement. In Q2 alone, almost 15,000 new malware-laced apps were discovered by one cyber security company.
However, research done by Sandia National Laboratories in Livermore, Calif., could give the smart phone industry a tool to fight malware bloat in the Android ecosystem.
Sandia researchers have linked together some 300,000 virtual Android devices so they can study large networks of smart phones, and find ways to make them more reliable and secure. From their work on the project, called MegaDroid, the researchers hope to develop software that will help hardware and software makers to better protect handheld devices from malicious intent.
While smart phones are now ubiquitous and used as general-purpose computing devices as often as desktop or laptop computers, no one is studying them at the scale that Sandia is, according to the Lab's David Fritz.
MegaDroid is a closed system designed to emulate the real world mobile experience. So components like domain name servers, Internet Relay Chat (IRC) servers, Web servers, and multiple subnets can be added to the network.
The researchers have even gone so far as to spoof GPS coordinates to further enhance the verisimilitude of the environment. Creating simulated GPS data for their virtual smartphone users is an important element of the researchers' work because the handsets are highly location-dependent, which could easily allow them to be controlled and manipulated by rogue actors.
In addition to producing software that could lead to better security for consumers using Android smartphones, the work could be a significant stepping stone for all researchers hoping to understand and limit the damage from network disruptions due to glitches in software or protocols, natural disasters, acts of terrorism, or other causes.
Sandia's MegaDroid research can be extended beyond the Android ecosystem, according to Sandia's Scalable and Secure Systems Research department manager Keith Vanderveen. "Apple's iOS, for instance, could take advantage of our body of knowledge and the toolkit we're developing," he said.