Next Article in Journal
Modeling and Simulation of Magnetic Balance Current Sensor Based on Magnetic Scalar Potential Volume Integral
Previous Article in Journal
Adversarial Image Colorization Method Based on Semantic Optimization and Edge Preservation
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Electronics
Volume 11
Issue 19
10.3390/electronics11193007
Review Report
electronics-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

Optimized Machine Learning-Based Intrusion Detection System for Fog and Edge Computing Environment

Electronics 2022, 11(19), 3007; https://doi.org/10.3390/electronics11193007
by Omar A. Alzubi 1,*, Jafar A. Alzubi 2,*, Moutaz Alazab 3,*, Adnan Alrabea 1, Albara Awajan 3 and Issa Qiqieh 2
Reviewer 1: Anonymous
Reviewer 2:
Muhammad Ahsan
Electronics 2022, 11(19), 3007; https://doi.org/10.3390/electronics11193007
Submission received: 25 August 2022 / Revised: 15 September 2022 / Accepted: 16 September 2022 / Published: 22 September 2022
(This article belongs to the Section Computer Science & Engineering)

Round 1

Reviewer 1 Report

In this paper the authors proposed an Effective Seeker Optimization with Machine Learning Enabled Intrusion Detection System (ECSOML-IDS) model for FC and EC environments, for the detecting of intrusions in the FC and EC environment. The algorithm, method and validation proposed optimization model were adequate presented. The quality of graphic illustrations must improve.

Observations:

- the references are not in the order of citation in the text and not respect the writing rules [1] [5] instead [1,5];

- line 103: should completed with flow chart;

- characters from Figure 2,3,4,6,7, 9, 10, 12 must resizing (reduced);

- the references do not respect the writing instructions;

- some of the conclusions is repeated in the introduction chapter of the paper;

- the conclusions must highlight more the advantages of applying the optimization method (percentage, compared to other methods, limitations, etc.).

Author Response

Dear Prof. Celestine and Prof. Thippa,

Thank you very much for reviewing our manuscript. We also greatly appreciate the reviewers for their comments and suggestions. We have carried out the experiments that the reviewers suggested and revised the manuscript accordingly.

Please find attached a point-by-point response to reviewer’s concerns. We hope that you find our responses satisfactory, and that the manuscript is now acceptable for publication.

----------------------------------------

Sincerely,

On behalf of the authors

Dr. Moutaz Al Azab

Assistant Dean for Students Affairs

Head of intelligence system department

Faculty of Artificial intelligence

Email: [email protected]

 

RESPONSES TO REVIEWERS’ COMMENTS

 

We would like to sincerely thank the reviewers and the editors for their insightful comments. We have addressed each comment, where necessary, with careful consideration between the context and coherence. As a result, the manuscript has improved significantly. This has led to cutting down some text, incorporating further contents with concrete experiments and evidences, and also addition of figures and tables in appropriate places.

 

Please find below our responses to individual comments and suggestions, showing the summary of changes effected.

 

 

 

 

COMMENTS BY REVIEWER #1:

We would like to first thank you for your valuable comments and appreciate the time that you spent reviewing our work. We also admire your vigilance in finding those oversights. We have addressed all your comments as follows and hope you find them satisfactory:

COMMENT #1: This manuscript's contributions are not clearly stated on the manuscript. Why the proposed method is needed must be noted in the introduction.

Response:

Thank you for this comment. The following subsection is added to the introduction to explain the motivation and contribution ideas of the paper.

Accordingly, we summarized our contribution as follows:

  • We develop a new Effective Seeker Optimization with Machine Learning Enabled Intrusion Detection System (ECSODL-IDS) technique for intrusion detection and classification in FC and EC environments.
  • To detect and classify intrusions, a group of subprocesses are incorporated with the proposed technique, including pre-processing, ECSO based feature subset selection, DAE classifier, and CLPSO based parameter optimization.
  • To demonstrate the comparative advantages of the proposed technique over the recent approaches, a wide variety of exhaustive simulation are carried out.

Moreover, to facilitate the process of following up in the manuscript, the contribution and organization of the manuscript are added and highlighted accordingly – please see introduction section (Section 1).

 

COMMENT #2: This manuscript uses several performance metrics, such as accuracy, precision, recall, and f1 Score. How to calculate this metric? The confusion matrix needs to be presented.

Response:

Thank you for this comment. The following equations are added to section 3 (performance metrics).

The Classification Accuracy is the ratio of number of correct predictions to the total number of input samples.

While the Precision is the proportion of positive identifications was actually correct. Generally, Precision is computed, as follows:

 

 

The Recall is mathematically defined as:

 

,where TP, FP and FN are True Positive, False Positive and False Negative, respectively.

 

On the other hand, the F1-Score is the traditional F-measure or balanced F-score (F1 score) is the harmonic mean of precision and recall. The F1-Score is calculated as follows:

 

 

 

COMMENT #3: For experimental validation, the UNSW-NB15 dataset is employed. Why use this dataset instead of the others (KDD, NSL-KDD, or Kyoto datasets)?

Thank you for this comment.  The reason for choosing UNSW-NB15 has been justified in section 4.

The UNSW-NB15 datasets are being used for experimental validation because they have significant potential for attack pattern recognition and analysis, as well as being effective in enhancing the effectiveness of intrusion classifiers. In contrast to NSL-KDD and KDDCUP'99, the authors in Zhang et al. claims that the UNSW-NB15 dataset better simulates the current network traffic environment, the dataset holds a set of 42 features including 3 categorical and 39 numeric features. Table 1 and Figure \ref{fig4} report the FS outcomes of the ESO-FS and other FS techniques in terms of the number of features chosen and best cost (BC).

COMMENTS BY REVIEWER #2:

We would like to first thank you for your valuable comments and appreciate the time that you spent reviewing our work. We also admire your vigilance in finding those oversights. We have addressed all your comments as follows and hope you find them satisfactory:

 

COMMENT #1: The references are not in the order of citation in the text and not respect the writing rules [1] [5] instead [1,5];

Thank you for this comment. We agree with the reviewer’s comment. Accordingly, we have revisited all the references and modified them to fit the journal template.

 

COMMENT #2: Line 103: should completed with flow chart;

We agree with the reviewer’s comment. Accordingly, we have carefully revised the changes with flow chart.

 

COMMENT #3: Characters from Figure 2,3,4,6,7, 9, 10, 12 must resizing (reduced); - the references do not respect the writing instructions;

We agree with the reviewer’s comment. Accordingly, we have revisited all the figures and modified them to fit the journal template.

COMMENT #4: Some of the conclusions is repeated in the introduction chapter of the paper;

We agree with the reviewer’s comment. Accordingly, we have carefully revised the conclusion section in the manuscript, and all changes are done and reflected in the revised version of the manuscript and highlighted – please see below the conclusion:

For intrusion detection and classification in FC and EC environments, a new ECSOML-IDS technique has been developed in this manuscript with aiming to identify the occurrence of intrusions. The ECSOML-IDS technique consists of a series of subprocesses including pre-processing, ECSO based feature subset selection, DAE classifier, and CLPSO based parameter optimization. For improving the detection efficiency in the aforementioned environments, ECSO algorithm for feature subset selection and DAE for parameter optimization have been utilized. Additionally, to demonstrate the enhanced outcomes of the ECSOML-IDS model, a wide variety of empirical experiments with exhaustive simulations were carried out. The experimental results reported the enhanced outcomes of the ECSOML-IDS model over the recent approaches, showing the superiority of the proposed technique in terms of accuracy, precision, recall and F1-Score. We believe that the proposed technique can be used to extract manifold benefits with a minimal loss in accuracy for detecting intrusions in FC and EC environments.

COMMENT #5: The conclusions must highlight more the advantages of applying the optimization method (percentage, compared to other methods, limitations, etc.).

We agree with the reviewer’s comment. Accordingly, we have carefully revised the conclusion section in the manuscript, and all changes are done and reflected in the revised version of the manuscript and highlighted – please see below the conclusion:

For intrusion detection and classification in FC and EC environments, a new ECSOML-IDS technique has been developed in this manuscript with aiming to identify the occurrence of intrusions. The ECSOML-IDS technique consists of a series of subprocesses including pre-processing, ECSO based feature subset selection, DAE classifier, and CLPSO based parameter optimization. For improving the detection efficiency in the aforementioned environments, ECSO algorithm for feature subset selection and DAE for parameter optimization have been utilized. Additionally, to demonstrate the enhanced outcomes of the ECSOML-IDS model, a wide variety of empirical experiments with exhaustive simulations were carried out. The experimental results reported the enhanced outcomes of the ECSOML-IDS model over the recent approaches, showing the superiority of the proposed technique in terms of accuracy, precision, recall and F1-Score. We believe that the proposed technique can be used to extract manifold benefits with a minimal loss in accuracy for detecting intrusions in FC and EC environments.

 

 

 

Author Response File: Author Response.pdf

Reviewer 2 Report

This is the first study to present an Effective Seeker Optimization model in conjunction with a Machine Learning Enabled Intrusion Detection System (ECSODL-IDS) model for the fog computing (FC) and edge computing (EC) environments. The experimental results reported the enhanced outcomes of the proposed model over the recent approaches This paper is well written. However, several issues need to be clarified before it can be accepted.

 

1. This manuscript's contributions are not clearly stated on the manuscript. Why the proposed method is needed must be noted in the introduction.

 

2. This manuscript uses several performance metrics, such as accuracy, precision, recall, and f1 Score. How to calculate this metric? The confusion matrix needs to be presented.

 

3. For experimental validation, the UNSW-NB15 dataset is employed. Why use this dataset instead of the others (KDD, NSL-KDD, or Kyoto datasets)? 

Author Response

Dear Prof. Celestine and Prof. Thippa,

Thank you very much for reviewing our manuscript. We also greatly appreciate the reviewers for their comments and suggestions. We have carried out the experiments that the reviewers suggested and revised the manuscript accordingly.

Please find attached a point-by-point response to reviewer’s concerns. We hope that you find our responses satisfactory, and that the manuscript is now acceptable for publication.

----------------------------------------

Sincerely,

On behalf of the authors

Dr. Moutaz Al Azab

Assistant Dean for Students Affairs

Head of intelligence system department

Faculty of Artificial intelligence

Email: [email protected]

 

RESPONSES TO REVIEWERS’ COMMENTS

 

We would like to sincerely thank the reviewers and the editors for their insightful comments. We have addressed each comment, where necessary, with careful consideration between the context and coherence. As a result, the manuscript has improved significantly. This has led to cutting down some text, incorporating further contents with concrete experiments and evidences, and also addition of figures and tables in appropriate places.

 

Please find below our responses to individual comments and suggestions, showing the summary of changes effected.

 

 

 

 

COMMENTS BY REVIEWER #1:

We would like to first thank you for your valuable comments and appreciate the time that you spent reviewing our work. We also admire your vigilance in finding those oversights. We have addressed all your comments as follows and hope you find them satisfactory:

COMMENT #1: This manuscript's contributions are not clearly stated on the manuscript. Why the proposed method is needed must be noted in the introduction.

Response:

Thank you for this comment. The following subsection is added to the introduction to explain the motivation and contribution ideas of the paper.

Accordingly, we summarized our contribution as follows:

  • We develop a new Effective Seeker Optimization with Machine Learning Enabled Intrusion Detection System (ECSODL-IDS) technique for intrusion detection and classification in FC and EC environments.
  • To detect and classify intrusions, a group of subprocesses are incorporated with the proposed technique, including pre-processing, ECSO based feature subset selection, DAE classifier, and CLPSO based parameter optimization.
  • To demonstrate the comparative advantages of the proposed technique over the recent approaches, a wide variety of exhaustive simulation are carried out.

Moreover, to facilitate the process of following up in the manuscript, the contribution and organization of the manuscript are added and highlighted accordingly – please see introduction section (Section 1).

 

COMMENT #2: This manuscript uses several performance metrics, such as accuracy, precision, recall, and f1 Score. How to calculate this metric? The confusion matrix needs to be presented.

Response:

Thank you for this comment. The following equations are added to section 3 (performance metrics).

The Classification Accuracy is the ratio of number of correct predictions to the total number of input samples.

While the Precision is the proportion of positive identifications was actually correct. Generally, Precision is computed, as follows:

 

 

The Recall is mathematically defined as:

 

,where TP, FP and FN are True Positive, False Positive and False Negative, respectively.

 

On the other hand, the F1-Score is the traditional F-measure or balanced F-score (F1 score) is the harmonic mean of precision and recall. The F1-Score is calculated as follows:

 

 

 

COMMENT #3: For experimental validation, the UNSW-NB15 dataset is employed. Why use this dataset instead of the others (KDD, NSL-KDD, or Kyoto datasets)?

Thank you for this comment.  The reason for choosing UNSW-NB15 has been justified in section 4.

The UNSW-NB15 datasets are being used for experimental validation because they have significant potential for attack pattern recognition and analysis, as well as being effective in enhancing the effectiveness of intrusion classifiers. In contrast to NSL-KDD and KDDCUP'99, the authors in Zhang et al. claims that the UNSW-NB15 dataset better simulates the current network traffic environment, the dataset holds a set of 42 features including 3 categorical and 39 numeric features. Table 1 and Figure \ref{fig4} report the FS outcomes of the ESO-FS and other FS techniques in terms of the number of features chosen and best cost (BC).

COMMENTS BY REVIEWER #2:

We would like to first thank you for your valuable comments and appreciate the time that you spent reviewing our work. We also admire your vigilance in finding those oversights. We have addressed all your comments as follows and hope you find them satisfactory:

 

COMMENT #1: The references are not in the order of citation in the text and not respect the writing rules [1] [5] instead [1,5];

Thank you for this comment. We agree with the reviewer’s comment. Accordingly, we have revisited all the references and modified them to fit the journal template.

 

COMMENT #2: Line 103: should completed with flow chart;

We agree with the reviewer’s comment. Accordingly, we have carefully revised the changes with flow chart.

 

COMMENT #3: Characters from Figure 2,3,4,6,7, 9, 10, 12 must resizing (reduced); - the references do not respect the writing instructions;

We agree with the reviewer’s comment. Accordingly, we have revisited all the figures and modified them to fit the journal template.

COMMENT #4: Some of the conclusions is repeated in the introduction chapter of the paper;

We agree with the reviewer’s comment. Accordingly, we have carefully revised the conclusion section in the manuscript, and all changes are done and reflected in the revised version of the manuscript and highlighted – please see below the conclusion:

For intrusion detection and classification in FC and EC environments, a new ECSOML-IDS technique has been developed in this manuscript with aiming to identify the occurrence of intrusions. The ECSOML-IDS technique consists of a series of subprocesses including pre-processing, ECSO based feature subset selection, DAE classifier, and CLPSO based parameter optimization. For improving the detection efficiency in the aforementioned environments, ECSO algorithm for feature subset selection and DAE for parameter optimization have been utilized. Additionally, to demonstrate the enhanced outcomes of the ECSOML-IDS model, a wide variety of empirical experiments with exhaustive simulations were carried out. The experimental results reported the enhanced outcomes of the ECSOML-IDS model over the recent approaches, showing the superiority of the proposed technique in terms of accuracy, precision, recall and F1-Score. We believe that the proposed technique can be used to extract manifold benefits with a minimal loss in accuracy for detecting intrusions in FC and EC environments.

COMMENT #5: The conclusions must highlight more the advantages of applying the optimization method (percentage, compared to other methods, limitations, etc.).

We agree with the reviewer’s comment. Accordingly, we have carefully revised the conclusion section in the manuscript, and all changes are done and reflected in the revised version of the manuscript and highlighted – please see below the conclusion:

For intrusion detection and classification in FC and EC environments, a new ECSOML-IDS technique has been developed in this manuscript with aiming to identify the occurrence of intrusions. The ECSOML-IDS technique consists of a series of subprocesses including pre-processing, ECSO based feature subset selection, DAE classifier, and CLPSO based parameter optimization. For improving the detection efficiency in the aforementioned environments, ECSO algorithm for feature subset selection and DAE for parameter optimization have been utilized. Additionally, to demonstrate the enhanced outcomes of the ECSOML-IDS model, a wide variety of empirical experiments with exhaustive simulations were carried out. The experimental results reported the enhanced outcomes of the ECSOML-IDS model over the recent approaches, showing the superiority of the proposed technique in terms of accuracy, precision, recall and F1-Score. We believe that the proposed technique can be used to extract manifold benefits with a minimal loss in accuracy for detecting intrusions in FC and EC environments.

 

 

 

Author Response File: Author Response.pdf

Round 2

Reviewer 2 Report

The paper can be accepted for publication

Back to TopTop