Formal Analysis of an Authentication Protocol Against External Cloud-Based Denial-of-Service (DoS) Attack

The Denial-of-service (DoS) attack is considered one of the largest threats to the availability of cloud-computing services. Due to the unique architecture of cloud-computing systems, the methods for detecting and preventing DoS attacks are quite different from those used in traditional network systems. A main target for DoS attackers is the authentication protocol because it is considered a gateway to accessing cloud resources. In this work, we propose a cloud-based authentication protocol - one that securely authenticates the cloud user and effectively prevents DoS attack on the cloud-computing system-by involving the user in a high computation process. Then, we analyze the protocol via Syverson and Van Oorschot (SVO) logic to verify the authentication process of the protocol in a cloud-computing system.

[1]  Paul F. Syverson,et al.  On unifying some cryptographic protocol logics , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[2]  Dick Hardt,et al.  The OAuth 2.0 Authorization Framework , 2012, RFC.

[3]  Chandni M Patel,et al.  Survey On Taxonomy Of Ddos Attacks With Impact And Mitigation Techniques , 2012 .

[4]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[5]  Weizhong Qiang,et al.  Cloud Authentication Based on Anonymous One-Time Password , 2013 .

[6]  Jose Nazario,et al.  DDoS: DDoS attack evolution , 2008 .

[7]  M. Abliz Internet Denial of Service Attacks and Defense Mechanisms , 2011 .

[8]  Hyotaek Lim,et al.  A Strong User Authentication Framework for Cloud Computing , 2011, 2011 IEEE Asia-Pacific Services Computing Conference.

[9]  Paul F. Syverson,et al.  The Logic of Authentication Protocols , 2000, FOSAD.

[10]  Abdelkader H. Ouda,et al.  Cloud-based DDoS attacks and defenses , 2013, International Conference on Information Society (i-Society 2013).

[11]  C. D. Jaidhar Enhanced mutual authentication scheme for cloud architecture , 2013, 2013 3rd IEEE International Advance Computing Conference (IACC).

[12]  Min-Shiang Hwang,et al.  DoS-resistant ID-based password authentication scheme using smart cards , 2010, J. Syst. Softw..

[13]  Wei-Bin Lee,et al.  An efficient and secure multi-server authentication scheme with key agreement , 2012, J. Syst. Softw..

[14]  Peter G. Neumann,et al.  Inside Risks: denial-of-service attacks , 2000, CACM.

[15]  Hai Jin,et al.  Anonymous Password Authentication Scheme by Using Digital Signature and Fingerprint in Cloud Computing , 2012, 2012 Second International Conference on Cloud and Green Computing.