Formal Analysis of an Authentication Protocol Against External Cloud-Based Denial-of-Service (DoS) Attack

TL;DR

This paper proposes a new cloud-based authentication protocol designed to prevent DoS attacks by involving users in high computation, and verifies its security using formal logic analysis.

Contribution

Introduces a novel authentication protocol tailored for cloud systems that enhances security against DoS attacks and provides formal verification of its effectiveness.

Findings

Protocol effectively prevents DoS attacks in cloud environments

Formal analysis confirms the security properties of the protocol

Enhances cloud resource protection through user-involved authentication

Abstract

The Denial-of-service (DoS) attack is considered one of the largest threats to the availability of cloud-computing services. Due to the unique architecture of cloud-computing systems, the methods for detecting and preventing DoS attacks are quite different from those used in traditional network systems. A main target for DoS attackers is the authentication protocol because it is considered a gateway to accessing cloud resources. In this work, we propose a cloud-based authentication protocol - one that securely authenticates the cloud user and effectively prevents DoS attack on the cloud-computing system-by involving the user in a high computation process. Then, we analyze the protocol via Syverson and Van Oorschot (SVO) logic to verify the authentication process of the protocol in a cloud-computing system.