Hierarchical Classification of Botnet Using Lightweight CNN
, Degaga Wolde Feyisa 3, Taye Girma Debelee 3,4,* and Henock Mulugeta Melaku 1Round 1
Reviewer 1 Report
Comments and Suggestions for AuthorsThe paper deals with the important task in cybersecurity area. The authors proposed a novel method for the hierarchical classification of botnet attacks using Convolutional Neural Networks (CNN) on the BoT-IoT datasets that can enhance the efficiency of botnet attack classification on the BoT-IoT dataset by leveraging its inherent hierarchical structure.
The paper has scientific novelty and great practical value.
It has a logical structure and all necessary sections. The paper is technically sound. The proposed approach is logical, results are clear.
Suggestions:
1. The related works section should be extended using existing hierarchical methods. The authors can use these papers: https://doi.org/10.1016/j.procs.2023.12.173, https://doi.org/10.3390/data6010006 among others
2. The investigated dataset is imbalanced. It should affect to whole proposed methods. It is unclear why the authors don’t use balancing technics. It should be clarified.
3. Except for performance indicators (1)-(4) it would be good to use Cohen's Kapa and Mathews Correlation Coefficient. It can provide a full picture of the results obtained in the paper.
4. The authors should add all optimal parameters for all investigated methods
5. The conclusion section should be extended using: 1) numerical results obtained in the paper; 2) limitations of the proposed approach; 3) prospects for future research.
Author Response
Dear Sir/Madam,
Thank you for the feedback you have given and we tried to amend your concerns.
With best regards,
On behalf of authors
Author Response File: 
Author Response.pdf
Reviewer 2 Report
Comments and Suggestions for AuthorsThis work presents the use of a CNN model to create a classifier over a set of security attacks.
The changes to the CNN are minor and are not justified; there isn't enough evidence correlating this change to the described impact. The evaluation presents indications that -contrast to the claims of the authors- could correlate to overfitting of the model to the dataset distribution.
Some questions that arise relate to the fact that the authors do not use the same models to compare with at each level of classification in the hierarchy defined by the dataset.
Finally, the limited resource utilization and the claim for lightweight model needs to be proven by comparing to a reference point.
In general, I am afraid that this work's contribution to the body of ongoing works in the fields of classifiers and ML/DL -should it is published- is going to be very limited.
Author Response
Dear Sir/Madam,
Thank you for the feedback you have given and we tried to amend your concerns.
With best regards,
On behalf of authors
Author Response File: Author Response.pdf
Reviewer 3 Report
Comments and Suggestions for AuthorsThe novelty of the proposed design is not clear. It needs to justify why the use of CNN is novel. The IDS problem is already proposed and well-studied. What are the key progresses compared to other designs?
I cannot find any contributions.
The parameters in the simulation are not clearly introduced. It makes the whole simulation result not convincing.
Deployment architecture must be provided.
The result section is far from enough. I suggest the author to provide more detailed results by adding extended metrics of evaluation.
Results and discussion section need more clarity.
Inm the current form, the paper is just a simple experimentation on a dataset, which is not a big deal. I suggest the authors to come up with some novelty.
Author Response
Dear Sir/Madam,
Thank you for the feedback you have given and we tried to amend your concerns.
With best regards,
On behalf of authors
Author Response File: Author Response.pdf
Round 2
Reviewer 1 Report
Comments and Suggestions for AuthorsThe authors addressed all my comments. Thank you!
Author Response
Dear reviewer, thank you for your positive feedback to enrich our manuscript.
With best regards,
On behalf of authors
Reviewer 3 Report
Comments and Suggestions for AuthorsMy concerns remain the same:
I couldn't find any novelty. It needs to justify why the use of CNN is novel. Because CNN-based models are already proposed and well-studied. What are the key progresses compared to other designs?
Further, the authors haven't responded to the following comments: Why?
I cannot find any contributions.
Deployment architecture must be provided.
The parameters in the simulation are not clearly introduced. It makes the whole simulation result not convincing
Author Response
Dear reviewer, thank you for your positive feedback to enrich our manuscript.
With best regards,
On behalf of the authors
Author Response File: Author Response.pdf
Round 3
Reviewer 3 Report
Comments and Suggestions for Authors- The lines from 326 to 348 must be revised. Provide a complete overview of the proposed IDS's deployment, i.e., you are supposed to place it on which layer of SDN, and 2) how about the resource-constrained nature of IoT devices.
- Tables 7, 8, and 9. How did your proposed model achieve 100% accuracy? It means your model is overfitting.
Further, in 8, [14] achieved values almost near 100, What makes your model better than them?
The same is the case for [18] and Table 9.
The author should thing take their time and improve the quality of the manuscript. Section Iv must be improved.
Author Response
Dear Reviewer, thank you for your professional services and recommendations to enhance our manuscript.
We have really gone through all your concerns to the maximum possible.
With best regards,
On behalf of Authors
Author Response File: Author Response.pdf
Round 4
Reviewer 3 Report
Comments and Suggestions for AuthorsI have the following minor comments before publication of this article:
The deployment of the proposed IDS still needs improvement. Refer to the following recently published articles related to SDN-based IDS:
Kumar, Prabhat, et al. "Digital twin-driven SDN for smart grid: A deep learning integrated blockchain for cybersecurity." Solar Energy 263 (2023): 111921. and Javeed, Danish, et al. "A softwarized intrusion detection system for iot-enabled smart healthcare system." ACM Transactions on Internet Technology (2023).
Further, I suggest the authors provide a comparison with SOTA. Refer to Table 10 in "Kumar, Randhir, et al. "Digital twins-enabled zero touch network: A smart contract and explainable AI integrated cybersecurity framework." Future Generation Computer Systems (2024)".
Finally, I suggest the authors to proofread the manuscript for possible errors.
Author Response
Dear reviewer,
thanks for your commitment to enrich our manuscript.
With best regards,
On behalf of Authors
Author Response File: Author Response.pdf
