Security in mobile agent systems: an approach to protect mobile agents from malicious host attacks

Mobile agents are autonomous programs that roam the Internet from machine to machine under their own control on behalf of their users to perform specific pre-defined tasks. In addition to that, a mobile agent can suspend its execution at any point; transfer itself to another machine then resume execution at the new machine without any loss of state. Such a mobile model can perform many possible types of operations, and might carry critical data that has to be protected from possible attacks. The issue of agent security and specially agent protection from host attacks has been a hot topic and no fully comprehensive solution has been found so far. In this thesis, we examine the possible security attacks that hosts and agents suffer from. These attacks can take one of four possible forms: Attacks from host to host, from agents to hosts, from agents to agents (peer to peer) and finally from hosts to agents. Our main concern in this thesis is these attacks from a malicious host on an agent. These attacks can take many forms including rerouting, spying out code, spying out data, spying out control flow, manipulation of code, manipulation of data, manipulation of control flow, incorrect execution of code, masquerading and denial of execution. In an attempt to solve the problem of malicious host attacks on agents, many partial solutions were proposed. These solutions ranged across simple legal protection, hardware solutions, partitioning, replication and voting, components, self-authentication, and migration history. Other solutions also included using audit logs, read-only state, append only logs, encrypted algorithms, digital signatures, partial result authentication codes, and code mess-up, limited life time of code and data as well as time limited black box security. In this thesis, we present a three-tier solution. This solution is a combination of code mess up, encryption and time out. Choosing code mess-up as part of the solution was due to the several strengths of this method that is based on obfuscating the features of the code so that any attacker will find it very difficult to understand the original code. A new algorithm iii was developed in this thesis to implement code mess-up that uses the concept of variable disguising by altering the values of strings and numerical values. Several encryption algorithms were studied to choose the best algorithm to use in the development of the proposed solution. The algorithms studied included DES, LUCIFER, MADRYGA, NEWDES, FEAL, REDOC, LOKI, KHUFU & KHAFRE, IDEA and finally MMB. The algorithm used was the DES algorithm due to several important factors including its key length. Not any language can be used to implement mobile agents. Candidate languages should possess the portability characteristic and should be safe and secure enough to guarantee a protection for the mobile agent. In addition to that the language should be efficient in order to minimize the implementation overhead and the overhead of providing safety and security. Languages used to implement mobile agents include Java, Limbo, Telescript, and Safe TCL. The Java language was chosen as the programming language for this thesis due to its high security, platform independence, and multithreading. This is in addition to several powerful features that characterize the Java language as will be mentioned later on. Implementing a mobile agent requires the assistance of a mobile agent system that helps in launching the agent from one host to another. There are many existing agent launching systems like Telescript, Aglets, Tacoma, Agent TCL and Concordia. Concordia was chosen to be the implementation tool used to launch our mobile agent. It is a software framework for developing, running and administering mobile agents, and it proved to be very efficient, and effective. The results of our proposed solutions showed the strength of the proposed model in terms of fully protecting the mobile agent from possible malicious host attacks. The model could have several points of enhancements. These enhancements include changing the code mess-up algorithm to a more powerful one, using a different encryption technique, and implementing an agent re-charge mechanism to recharge the agent after it is timeout

SECURITY in MOBILE AGENT SYSTEMS

There are four possible security attacks: Attacks from host to host, from agents to hosts, from agents to agents and finally from hosts to agents. Our main concern in this paper is attacks from a malicious host on an agent. These attacks can take many forms including rerouting, spying out code, spying out data, spying out control flow, manipulation of code, manipulation of data, manipulation of control flow, incorrect execution of code, masquerading and denial of execution. This paper presents a three-tier solution of code mess up, encryption and time out

Clinical Outcomes and Survival Analysis of Remdesivir as a Treatment Option for Moderate to Severe COVID-19 Patients

Background: Remdesivir is a broad-spectrum antiviral that has been approved as promising medicine worldwide for the fatal pandemic COVID-19 disease. There is a debate over its efficacy, with different studies taking into account a variety of factors. Therefore, we conducted this study to evaluate the primary composite outcome of mortality rate, need for mechanical ventilation (MV), and escalation of care among Remdesivir (RDV) and non-Remdesivir (NoRDV) groups. Methods: Patients with moderate and severe PCR-confirmed COVID-19 infection were observed retrospectively, before and after including RDV in the treatment protocol during the period from August 2020 to February 2021. Result: From the 509 hospitalized patients, 35% received Remdesivir, with 64% being severe patients. The median age in both groups was 59 years old, and there was no significant difference between the two groups regarding gender, baseline characteristics, and comorbidities. In contrast, the median hospital length of stay in the RDV group was lower (8 days) than the NoRDV (9 days), p = 0.004. The composite outcome was 17.7% in the RDV group and 22.2% in the NoRDV group, but the difference was statistically insignificant (p-value 0.289). Adjusted logistic regression demonstrated a non-significant lower association of the composite outcome with RDV use (OR 0.623, 95CI% 0.37–1.02), and a significant reduction occurred in patients <60 years old (OR 0.39, 95%CI 0.17–0.83). However, survival analysis for mortality, MV, and transfer to a higher level revealed insignificant differences in the median time between groups. Subgroup analyses showed that RDV utilization had a non-significant effect on the risk of all three outcomes across different groups. Conclusion: Despite controlling all patient characteristics, treatment with RDV did not improve patient outcomes over other antivirals and standard care. There is an urgent need for further studies to investigate and evaluate new therapeutic approaches or combinations

Acceptance of COVID-19 Vaccine Booster Doses Using the Health Belief Model : A Cross-Sectional Study in Low-Middle- and High-Income Countries of the East Mediterranean Region

Coronavirus disease (COVID-19) booster doses decrease infection transmission and disease severity. This study aimed to assess the acceptance of COVID-19 vaccine booster doses in low, middle, and high-income countries of the East Mediterranean Region (EMR) and its determinants using the health belief model (HBM). In addition, we aimed to identify the causes of booster dose rejection and the main source of information about vaccination. Using the snowball and convince sampling technique, a bilingual, self-administered, anonymous questionnaire was used to collect the data from 14 EMR countries through different social media platforms. Logistic regression analysis was used to estimate the key determinants that predict vaccination acceptance among respondents. Overall, 2327 participants responded to the questionnaire. In total, 1468 received compulsory doses of vaccination. Of them, 739 (50.3%) received booster doses and 387 (26.4%) were willing to get the COVID-19 vaccine booster doses. Vaccine booster dose acceptance rates in low, middle, and high-income countries were 73.4%, 67.9%, and 83.0%, respectively (p < 0.001). Participants who reported reliance on information about the COVID-19 vaccination from the Ministry of Health websites were more willing to accept booster doses (79.3% vs. 66.6%, p < 0.001). The leading causes behind booster dose rejection were the beliefs that booster doses have no benefit (48.35%) and have severe side effects (25.6%). Determinants of booster dose acceptance were age (odds ratio (OR) = 1.02, 95% confidence interval (CI): 1.01–1.03, p = 0.002), information provided by the Ministry of Health (OR = 3.40, 95% CI: 1.79–6.49, p = 0.015), perceived susceptibility to COVID-19 infection (OR = 1.88, 95% CI: 1.21–2.93, p = 0.005), perceived severity of COVID-19 (OR = 2.08, 95% CI: 137–3.16, p = 0.001), and perceived risk of side effects (OR = 0.25, 95% CI: 0.19–0.34, p < 0.001). Booster dose acceptance in EMR is relatively high. Interventions based on HBM may provide useful directions for policymakers to enhance the population’s acceptance of booster vaccination