Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sandia Studies Botnets In 1M OS Digital Petri Dish

Posted by kdawson on from the million-bottles-of-wine-on-the-wall dept.

Ponca City, We love you writes "The NY Times has the story of researchers at Sandia National Laboratories creating what is in effect a vast digital petri dish able to hold one million operating systems at once in an effort to study the behavior of botnets. Sandia scientist Ron Minnich, the inventor of LinuxBIOS, and his colleague Don Rudish have converted a Dell supercomputer to simulate a mini-Internet of one million computers. The researchers say they hope to be able to infect their digital petri dish with a botnet and then gather data on how the system behaves. 'When a forest is on fire you can fly over it, but with a cyber-attack you have no clear idea of what it looks like,' says Minnich. 'It's an extremely difficult task to get a global picture.' The Dell Thunderbird supercomputer, named MegaTux, has 4,480 Intel microprocessors running Linux virtual machines with Wine, making it possible to run 1 million copies of a Windows environment without paying licensing fees to Microsoft. MegaTux is an example of a new kind of computational science, in which computers are used to simulate scientific instruments that were once used in physical world laboratories. In the past, the researchers said, no one has tried to program a computer to simulate more than tens of thousands of operating systems."

2 of 161 comments (clear)

  1. A few notes from Ron Minnich by coreboot · · Score: 5, Informative

    Hi, Ron here. Just thought I would mention a few things.
    I love the "life imitates xkcd" aspect. :-)
    We're well aware that Wine is not quite enough to run many windows bots. Until a year or so ago, however, there was a researcher in North Carolina running Storm under Wine, but he told me that that effort ended when Storm added a kernel driver. We've got some ideas in that area. We expect that implementing them will cost less than 1 million Vista licenses.
    I was surprised to find I have become a cybersecurity expert! What I really am is an HPC expert who is using HPC tools and resources to build a system for studying cybersecurity phenomena on a millions-of-nodes scale.
    Doing anything with a million of something gets interesting fast. There's a lot of interesting challenges.
    Thanks
    ron

    1. Re:A few notes from Ron Minnich by coreboot · · Score: 5, Informative

      We will probably approach MS at some point, if it appears to be necessary, and see if they are interested. I do have friends there who might be interested in what we're doing.
      The biggest limit we've found on the VM side is memory footprint of the VM guests, and it's very easy to control that with Linux; harder with Windows. We have some ideas in that area too, but it's way too early to speculate on them.
      But from my point of view, it is a lot easier to do this kind of work in Linux than in Windows (I have done NT drivers in a past life), not least because of the openness of the environment. Hence, I'd rather try to find a way to make it all work on Linux.
      Consider this work the beginning of the story; it's not even chapter 1, maybe it's the preface. There's a lot of work left to do. There's a lot we still don't know.
      thanks
      ron