Sandia's 'MegaDroid' connects 300,000 virtual mobile devices

Amid the push toward a more mobile federal workforce and initiatives to encourage BYOD, one research-and-development facility with ties to the Energy Department is working toward better mobile security by studying large networks of smartphones.

Researchers at Sandia National Laboratories -- operated by Lockheed Martin subsidiary Sandia Corporation on behalf of the National Nuclear Security Administration -- have built a self-contained Android-based network of 300,000 virtual mobile devices to study cyber disruptions in hopes of making devices more secure.

Dubbed MegaDroid, the project is expected to result in a software tool that will enable cyber researchers to model similar environments and examine the behaviors of smartphone networks. The ultimate goal, however, is overall better mobile security.

“Smartphones are now ubiquitous and used as general-purpose computing devices as much as desktop or laptop computers,” said Sandia’s David Fritz (pictured). “But even though they are easy targets, no one appears to be studying them at the scale we’re attempting.”

Megadroid represents an important step in understanding and limiting the damage from network disruptions due to glitches in software or protocols, natural disasters, acts of terrorism, or other causes, according to the researchers.

"You can't defend against something you don't understand," said John Floren, a computer scientist at Sandia. The larger the scale, the better, he said, because more computer nodes will provide researchers with more data to study.

MegaDroid will mainly be useful to flush out problems that manifest themselves when large numbers of smartphones interact, said Keith Vanderveen, manager of Sandia's Scalable and Secure Systems Research department.

"You could also extend the technology to other platforms besides Android," he said. "Apple's iOS, for instance, could take advantage of our body of knowledge and the toolkit we're developing."

MegaDroid will also be used to explore issues around data protection and data leakage, which Vanderveen said concern agencies such as the departments of Defense and Homeland Security.