Hybrid Deep Learning Approach for Automatic DoS/DDoS Attacks Detection in Software-Defined Networks
Round 1
Reviewer 1 Report
The abstract needs to discuss overview of the study, existing problem, work done, results obtained and relevance of the study
in related works, authors should consider the following suggestions to be discussed:
https://www.proquest.com/openview/f310d224205259b54be36b14508802ff/1?pq-origsite=gscholar&cbl=316223
https://link.springer.com/chapter/10.1007/978-3-030-87013-3_8
https://link.springer.com/chapter/10.1007/978-3-030-87013-3_8
https://link.springer.com/chapter/10.1007/978-3-030-89546-4_12
https://onlinelibrary.wiley.com/doi/abs/10.1002/9781119905141.ch14
The dataset needs to be discussed extensively, its features and samples.
discuss all tables and figures extensively
Show the obtained values of the confusion matrix
After Figure 14, discuss work done, results obtained, comparing with existing models.
conclusion should discuss results obtained, limitations and relevance as well as future directions
Author Response
Please see the attachment
Author Response File: Author Response.docx
Reviewer 2 Report
Major.
1. In abstract. The authors should state the scientific background and problem that need to be solved by the proposed method.
2. In the introduction. The authors need to state the scientific contribution and the novelty of this research.
3. In section 3.4 authors state "Our model consists of a combination of a 1D convolutional neural network (CNN), a gated recurrent unit (GRU), and a dense neural network (DNN)". Why use CNN, GRU, amd DNN? Why not use the other algorithms? More explanation about these methods needs to be included in the manuscript
4. Figure 10 and 11 are the only screenshot that needs to be tabulated properly.
5. Comparison with the other algorithms needs to be conducted
Minor.
1. On page 6 line 265: 7- CICDDoS2019 dataset should be bold
2. Some equations need to be fixed. For example "x_i = f(W * x_{i-1} + b)" index "i" should be subscript.
Author Response
Please see the attachment
Author Response File: Author Response.docx
Reviewer 3 Report
The authors presented a hybrid deep learning system for SDN DoS/DDoS attack detection and defense. It needs a significant revision.
1- The abstract and conclusion should be more informative.
2- Please write the tool/environment you used for performance evaluation, the methods you used for comparison, and the improvement percentages in the abstract, introduction, and conclusion sections.
3- The abstract section needs a significant revision. The IMRaD structure is a popular technique for organizing your abstract. It signifies Introduction, Methods, Results, and Discussion. The abstract for a journal article should be around 150 words. Please read the references I suggested at the end of my comments to understand how to write abstracts academically.
4- The motivation and contribution need to be clarified. Please read the references I suggested to understand how to write them.
5- The related works section is like the summarization of the other works. What are the main advantages of your work that overcomes the former works?
6- The proposed approach and the evaluation sections need significant revision. My suggestion is as follows:
Abstract.
1- Introduction (It includes motivation, contribution, and the organization of the article)
2- Related works
3. Proposed approach
3.1. Reference architecture
3.2. Problem statement
3.3. Proposed attack detection approach
4. Performance evaluation
4.1. Simulation setup
4.1.1. Simulation metrics
4.1.2. Simulation scenarios
4.2. Experimental results
5. Discussion (Optional)
Conclusion (and future work).
7- Please Improve the quality of the pictures.
8- Please write the conclusion and future work in one paragraph. Reduce the size of future work and increase the size of conclusion sentences.
9- Please improve the references you cited. Please pay attention to the venues and cite some papers that the prestigious venues have published. Cite all the articles I wrote here:
9-1 "DDoS attack detection and mitigation using SDN: methods, practices, and solutions." Arabian Journal for Science and Engineering 42 (2017): 425-441.
9-2 "Detection and mitigation of DDoS attacks in SDN: A comprehensive review, research challenges and future directions." Computer Science Review 37 (2020): 100279.
9-3 "Adversarial Deep Learning approach detection and defense against DDoS attacks in SDN environments." Future Generation Computer Systems 125 (2021): 156-167.
9-4 "FUPE: A security driven task scheduling approach for SDN-based IoT–Fog networks." Journal of information security and applications 60 (2021): 102853.
9-5 "A novel approach for accurate detection of the DDoS attacks in SDN-based SCADA systems based on deep recurrent neural networks." Expert Systems with Applications 197 (2022): 116748.
9-6 "A Flow-Based Anomaly Detection Approach With Feature Selection Method Against DDoS Attacks in SDNs." IEEE Transactions on Cognitive Communications and Networking 8.4 (2022): 1862-1880.
9-7 "S-FoS: A secure workflow scheduling approach for performance optimization in SDN-based IoT-Fog networks." Journal of Information Security and Applications 72 (2023): 103404.
9-8 "RBF-SVM kernel-based model for detecting DDoS attacks in SDN integrated vehicular network." Ad Hoc Networks 140 (2023): 103026.
Author Response
Please see the attachment
Author Response File: Author Response.docx
Round 2
Reviewer 2 Report
All issues have been resolved in this version
Reviewer 3 Report
The authors answered my comments correctly. The paper is ok.
Fingers crossed.