August 14th, 2009 08:42 PM
A million botnets
Researchers Boot Million Linux Kernels to Help Botnet Research
By: Brian Prince
Scientists at Sandia National Laboratories have demonstrated the ability to run more than 1 million Linux kernels as virtual machines, an effort they say will ultimately help researchers analyzing massive botnets.
Scientists at Sandia National Laboratories are harnessing more than a million Linux kernels as virtual machines as part of an effort to aid researchers to better analyze botnet behavior.
According to Sandia, which serves as an R&D arm for the Department of Energy, the project will allow security researchers to observe behavior found in botnets operating on the scale of a million nodes.
"Botnets, said Sandia's Ron Minnich, are often difficult to analyze since they are geographically spread all over the world," said a Sandia statement July 28. "Running a high volume of VMs on one supercomputer—at a similar scale as a botnet—would allow cyber-researchers to watch how botnets work" and experiment with ways to stop them.
"We can get control at a level we never had before," said Minnich, a computer scientist.
The research comes at a time when the botnet threat continues to grow. A list of the biggest spam botnets plaguing users today would include some names familiar to researchers, like Cutwail and Rustock. Earlier in 2009, researchers estimated that the Conficker botnet at its height controlled millions of compromised Windows PCs.
In the past, the Sandia statement cited Minnich as saying, "researchers had only been able to run up to 20,000 kernels concurrently." To make the project a reality, Sandia used a "4,480-node Dell high-performance computer cluster, known as Thunderbird. To arrive at the 1 million Linux kernel figure, Sandia's researchers ran one kernel in each of 250 VMs and coupled those with the 4,480 physical machines on Thunderbird."
According to the statement: "The more kernels that can be run at once ... the more effective cyber-security professionals can be in combating the global botnet problem."
Minnich said, "Eventually, we would like to be able to emulate the computer network of a small nation, or even one as large as the United States, in order to 'virtualize' and monitor a cyber-attack."
It's probably already been done "unofficially" to some degree...
Gore probably has had at least that many kernels running concurrently already
Wise men talk because they have something to say;
fools, because they have to say something.
By @tt!tud3 in forum Cosmos
Last Post: February 23rd, 2006, 04:10 PM
By Spyder32 in forum Phishing and Cyber Scams
Last Post: July 21st, 2005, 05:03 PM
By zencoder in forum Phishing and Cyber Scams
Last Post: February 3rd, 2005, 07:51 PM
By Spyder32 in forum Cosmos
Last Post: November 16th, 2002, 07:40 PM