Photo

An air-conditioned data center at Sandia National Laboratories in Livermore, Calif., has the ambience of a Best Buy showroom, with 500 inexpensive desktop computers lined up on racks. But the PCs here are doing something special.

A small team of cybersecurity researchers have lashed the computers together to form a homebrew computing cluster. They are stacked five levels high, braced in impromptu fashion with metal girders in the event of earthquakes, and woven together with colorful Ethernet cables. They serve as a cyber-Potemkin village — a distributed software simulation that is intended to mimic the behavior of an entire city’s worth of Android smartphones.

So far, the researchers have emulated the behavior of a network of 300,000 Android phones, down to details like sending text messages and transmitting wireless data, and even the behavior of the phone’s radios or sensors.

In the future, they hope that their software, which will be freely available through an open-source license, will be used by groups designing social network applications like Foursquare, military battle planners, disaster relief workers and American hackers who are building mesh wireless networks intended to make the Internet available inside nations controlled by dictators, among others.

“We wanted to create something that would approximate the many, many phones in a real network,” said John Floren, a Sandia computer scientist who is part of the group of researchers that built the system, which is called MegaDroid.

The idea is that while such simulators have in the past been developed by the engineers of large data networks, they have not been generally accessible to small groups of designers who might be working on a some new type of distributed application.

To date, wireless smartphone networks have not suffered malicious software infections at the same rate as the standard wired network, which is now plagued by a vast array of malware. Many computer security specialists believe that this will soon change as personal computing goes mobile, much as Willie Sutton robbed banks because, as he put it, that’s where the money was.

A wireless network simulation like MegaDroid would make it possible for security researchers to gain new insights into “attack vectors,” according to the Sandia engineers. Their computing cluster is in an unclassified area of Sandia, which historically has been one of the two engineering and design centers that has built and maintained the nation’s nuclear weapons.

On a large monitor outside the data center, it appears as if the researchers have turned loose a frenetic army of virtual Charlie Sheens on the city of Livermore, Calif. (The use of the Charlie Sheen icons is apparently an inside joke among the researchers.) The scene is actually a visualization tool used by the MegaDroid simulator, which includes fake GPS data and gives the appearance of a beehive of cellular activity as the Android phone owners drive and walk around a map of the city.

The researchers stressed that simulating a wireless network is a much more complex undertaking than simulating a standard desktop-based network.

“In a desktop PC network, the biggest problem you have is someone kicking a cord out,” said David Fritz, one of the MegaDroid designers.

In contrast, modern wireless networks are composed of shifting herds of tens of thousands of smartphone users. The simulation is made even more complex by the fact that each phone contains multiple radios and sensors.

The danger of not having a deep understanding of the behavior of a computer network was made clear several decades ago at the very beginning of the Internet era. In 1988 a Cornell graduate student brought much of the Internet to a standstill — it was composed of about 50,000 computers at the time — when he unleashed a program known as a worm that was intended to live in the network as a bit of digital graffiti — in effect, the cyber-equivalent of writing “Kilroy was here.” However, because of an error in coding that caused the software to rapidly replicate, a vast number of copies spread through the network, overwhelming it.

The researchers said they were concerned about such issues of network resilience, but they also saw the possibility that MegaDroid might be used to build new kinds of distributed applications. For example, disaster workers in an earthquake zone could harness the accelerometers in their phones together to provide a digital seismograph, tracking aftershocks. Or small and inexpensive chemical and biological sensors could be added to smartphones carried by government workers, creating an early warning system in the event of terrorist attacks.

The researchers said that they were sensitive to privacy issues and that they believed the simulator could be used to build systems that provided useful data in national security situations while protecting privacy.

Right now the system models only the open-source Android operating system designed by Google, but the Sandia researchers said they hoped to add other operating sytems like Apple’s IOS. This would give a more realistic model of the wireless data world.