Next Article in Journal
Research on the Trajectory and Operational Performance of Wheel Loader Automatic Shoveling
Next Article in Special Issue
Role-Based Access Control Model for Inter-System Cross-Domain in Multi-Domain Environment
Previous Article in Journal
Applied AI with PLC and IRB1200
Previous Article in Special Issue
Synthetic Generation of Realistic Signal Strength Data to Enable 5G Rogue Base Station Investigation in Vehicular Platooning
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 12
Issue 24
10.3390/app122412916
Review Report
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

Understanding the Influence of AST-JS for Improving Malicious Webpage Detection

Appl. Sci. 2022, 12(24), 12916; https://doi.org/10.3390/app122412916
by Muhammad Fakhrur Rozi 1,2,*, Seiichi Ozawa 2,3, Tao Ban 1, Sangwook Kim 2, Takeshi Takahashi 1 and Daisuke Inoue 1
Reviewer 1:
Tahir Ahmad
Reviewer 2:
Nisreen Innab
Appl. Sci. 2022, 12(24), 12916; https://doi.org/10.3390/app122412916
Submission received: 15 November 2022 / Revised: 5 December 2022 / Accepted: 10 December 2022 / Published: 15 December 2022
(This article belongs to the Special Issue Information Security and Privacy)

Round 1

Reviewer 1 Report

The article titled “Understanding the Influence of AST-JS for Improving Malicious Webpage Detection” propose a new webpage feature extraction program, i.e., AST-JS, that recognizes the semantic meaning of the JS code embedded in HTML content. The work done is very interesting and timely. Still, I am sceptical about the practicality of the proposed approach since the demands of real-time scenarios could only be met by lightweight approaches.

I want the authors to address the above-mentioned concern and the comments in the revised manuscript.

 

  • The paper's motivation needs improvement, for example, by adding some statistics/references in the introduction section to show Javascript's importance as a leader in the client-side application programming language.

  • A table should be added to summarize the findings of the related works section.

  • The two examples of malicious web pages must be improved. For example, a separate figure for phishing webpage be added with two sub-figures (one for legitimate websites and the other for phishing websites). Figure 1b can be improved on similar lines.

  • Reference missing “SHAP” line 283 or even for the first time it is discussed.

  • Section 4.1 - what makes the selected dataset complicated? Also, discuss the inclusion/ exclusion criteria of the data set.

  • Why other datasets are not considered for training and testing purposes?

  • The representation of results in Figures 6,7, and 10 should be improved.

  • I do not find any discussion on the application of the proposed approach. How the proposed approach can be adopted by web browsers? For example, the authors can provide it as a plug-in for web browsers. If so, what about the real-time performance of this approach?

  • Overall, the paper is well written.

Author Response

Thank you very much for your comments.

Please see the attachment. We try to answer your point-by-point to your comments.

Author Response File: Author Response.pdf

Reviewer 2 Report

Please find the attached file

Comments for author File: Comments.pdf

Author Response

Thank you for your comments.

Please see the attachment to see our answer to your comments.

Author Response File: Author Response.docx

Round 2

Reviewer 1 Report

I am satisfied with the author's response. 

Back to TopTop