On the Need for Collaborative Intelligence in Cybersecurity
Round 1
Reviewer 1 Report
Your work is very interesting, but I think that you have to send the manuscript to other journal, not Electronics.
Author Response
I agree that the paper is not in the mainstream of articles published in this journal, although I note that the description at
https://www.mdpi.com/journal/electronics/about
lists "artificial intelligence" as a subject in the scope.
However, this is a special issue and the editors have presumably agreed that the topic is within scope - so I note this comment but take no further action.
Reviewer 2 Report
In the position paper, the importance of collaborative intelligence and graded representation is argued. The reviewer thinks that these concepts are worth being discussed among the research community.
Author Response
I thank the reviewer for the positive comment, no changes have been recommended
Reviewer 3 Report
This is a fascinating and significant piece of work. The technique provided is useful and could be eye-opening for many people, particularly cybersecurity professionals, who assume AI is a panacea for everything. The study is well-organized, with all key theories thoroughly explained. Although it is not mandatory, a brief explanation and some relevant examples of security-sensitive complex systems where the proposed technique might be appropriate will aid in the paper's comprehension.
Author Response
I thank the reviewer for the very positive comments. In response to the suggestion, the sub-section has been added:
4.1.2 Knowledge Graphs in Cybersecurity
A number of researchers have investigated the use of knowledge graphs for cybersecurity, typically starting from the Mitre databases. For example Kurniawan [52] describes a system which integrates the ATT&CK and CAPEC data into an extended ontology, and then applies open source rules for log analysis to detect "indicators of compromise" in graphs derived from system logs. These indicators of compromise are linked back to the corresponding attack techniques, highlighting related concepts that could be relevant for analyst investigation.
Whilst not explicitly addressing the interaction between human and machine, it is clear that this is intended as a collaborative tool using a representation that is both machine processable and human-understandable.
Round 2
Reviewer 1 Report
No more comments.