期刊名称:International Journal of Network Security & Its Applications
印刷版ISSN:0975-2307
电子版ISSN:0974-9330
出版年度:2020
卷号:12
期号:2
页码:59-75
DOI:10.5121/ijnsa.2020.12204
出版社:Academy & Industry Research Collaboration Center (AIRCC)
摘要:Recently, there are several studies have proposed user authentication frameworks to defend against different types of attacks such as phishing, replay attack, man in the middle attack and denial of service attack, etc. Most of these frameworks consist of three main phases, which are the registration phase, login phase, and authentication phase. Most of them have the changing password process as an additional activity.Many problemshave been noticed in the performance of these frameworks. For example, the registration phase is valunerable to internal attack such as SYN flood attack. In this work, we aim to propose a robust user authentication framework that overcomes the previous framework shortages. The proposed framework provides many security aspects such as remote authentication, mutual authentication, session key establishment,to mention a few. Besides, to ensure the security through all phases of this framework, we add a new phase called a Service Access Authentication Phase (SAAP).This phase is resposable of the internal verification .
关键词:user authentication framework;phishing;replay attack;man in the middle attack;denial of service attack;remote authentication;mutual authentication;session key establishment.
