Next Article in Journal
Pseudo-Coloring as an Effective Tool to Improve the Readability of Images Obtained in an Electromagnetic Infiltration Process
Previous Article in Journal
M13 Bacteriophage-Assisted Synergistic Optical Enhancement of Perovskite Quantum Dots
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 13
Issue 17
10.3390/app13179488
Review Report
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

Comparative Study of AI-Enabled DDoS Detection Technologies in SDN

Appl. Sci. 2023, 13(17), 9488; https://doi.org/10.3390/app13179488
by Kwang-Man Ko 1, Jong-Min Baek 1, Byung-Suk Seo 1 and Wan-Bum Lee 2,*
Reviewer 1:
Michael Edeh
Reviewer 2:
Amira Mohamed
Reviewer 3: Anonymous
Appl. Sci. 2023, 13(17), 9488; https://doi.org/10.3390/app13179488
Submission received: 8 August 2023 / Revised: 17 August 2023 / Accepted: 21 August 2023 / Published: 22 August 2023
(This article belongs to the Section Computing and Artificial Intelligence)

Round 1

Reviewer 1 Report

The abstract should be rewritten to be more direct and specific

What is the contribution of this paper? include more points on this at the introduction section

At least five More recent works should be reviewed and included such as:      https://doi.org/10.3390/su141911950

The source of table 1 was clearly missing . It has to be indicated.

An algorithm can be written to depict the new approach

 

 

Extensive editing of English language required

paper presents some ideas that appears novel

Extensive editing required

Author Response

[1] The abstract should be rewritten to be more direct and specific

- We did a very precise check on the abstract and then modified it into an elaborate sentence.

[2] What is the contribution of this paper? include more points on this at the introduction section

- Our contributions in this paper are as follows. Firstlly, it is possible to reduce the amount and time of collecting DDoS attack data-sets that affect the performance of the learning model. Secondly, it can reduce the time and cost of comparing various learning models and performance required for determining a learning model suitable for DDoS detection. we are verified that it is possible to reduce detection time of DDoS and appropriately utilize it when determining a detection model. Finally, various experimental methods for evaluating the performance of the learning model are presented so that related researchers can utilize them. Based on the results of this study, we are currently developing a new learning model for DDoS detection and mitigation in a blockchain network environment, and are conducting experiments and verification in real environments.

[3] At least five More recent works should be reviewed and included such as:      https://doi.org/10.3390/su141911950

We added more recent working papers including above paper.

[4] The source of table 1 was clearly missing . It has to be indicated.

Table 1 shows the recent research methods for detecting DDoS attacks and the advantages and disadvantages of each.

[5] An algorithm can be written to depict the new approach

[6] Extensive editing of English language required

We have read and revised the paper several times.

[7] paper presents some ideas that appears novel

Author Response File: Author Response.pdf

Reviewer 2 Report

Comments:
The research addresses the different machine and deep learning models to detect DDoS attacks in SDN , the paper presents a good comparative study. the paper could be enhanced by assigning a section to further discuss the results of the algorithms in more detail. the current section only demonstrates the results by numbers and illustrations.

1. Comparative studies enrich the researchers’ knowledge. Surveys papers are usually the first source that the researchers try to reach.
The current paper focuses on both deep and machine learning, which is good. But it lacks detailed discussion. Explaining why these specific algorithms are selected to contribute to the research, what is the authors’ perspective about the results, how the features set are determined for each algorithm, why the factors are not unified to be able to compare fairly, ….etc.
Moreover, what is the impact for feature selection (should be compared with no feature selection). The two steps of feature selection are not explained well in the methodology.

2. Conclusion could be further detailed with the comparison analysis when performed.

3. Figures could be more clear

 

Author Response

  1. Comparative studies enrich the researchers’ knowledge. Surveys papers are usually the first source that the researchers try to reach.
    The current paper focuses on both deep and machine learning, which is good. But it lacks detailed discussion. Explaining why these specific algorithms are selected to contribute to the research, what is the authors’ perspective about the results, how the features set are determined for each algorithm, why the factors are not unified to be able to compare fairly, ….etc.
    Moreover, what is the impact for feature selection (should be compared with no feature selection). The two steps of feature selection are not explained well in the methodology.

 

The reason for selecting features by applying the permutation importance algorithm in Kaggle data is to delete features that do not affect learning. Through this process, the learning time was reduced and the accuracy of the DDoS attack detection rate was improved.



  1. Conclusion could be further detailed with the comparison analysis when performed.
    We plan to conduct our research in the field in the future. In other words, more unexpected attacks and various types of DDoS attacks are possible in the field than in the laboratory. Research to overcome and improve this situation is very important. In addition, a new machine learning-based learning model will be developed to prove the superiority of detection performance.
  2.  
  3. Figures could be more clear

We made every effort to replace it with a clear picture.

Author Response File: Author Response.pdf

Reviewer 3 Report

The manuscript presents the results of a quantitative comparison of machine learning and deep learning techniques for the detection of DDoS attacks on software defined networks.  The paper focuses on the relative ability of each technique to recognize statistical patterns among the detailed characteristics of historical attacks.  There is little discussion of the structure and operation of SDNs or the theoretical basis underlying the various ML and DL techniques.  All in all, the manuscript compares the relative effectiveness of several off-the-shelf data analysis methods in classifying segments of a well-understood data set, largely taken out of its practical context in data networking.  While this comparison is of some interest on its own, the real test of such methods is the ability to detect a DDoS in real time and mitigate the harm to an actual SDN.  Given the wide interest in applying ML to DDoS detection, such practical experiments are not uncommon.

Although I would recommend an expanded discussion of the significance of the data flow features in DDoS and normal traffic used in the study, and mitigation techniques in a difficult problem of computer networking, I can accept the paper in its present structure. 

The manuscript requires a very extensive editing of the English.  There are many serious errors of grammar and syntax that make the paper quite difficult to read.  

Author Response

 

Thank you so much.

Author Response File: Author Response.pdf

Back to TopTop