Multi-Dimensional Moving Target Defense Method Based on Adaptive Simulated Annealing Genetic Algorithm
John M. Acken
Round 1
Reviewer 1 Report
Comments and Suggestions for AuthorsThe work proposes a multi-dimensional moving target defense method based on adaptive simulated annealing genetic algorithm (MD2RS). Experiments show that the defense return rate of MD2RS is 78.84% higher than that of the mainstream methods, and the experimental results are conducive to applying this method to the dynamic defense of microservices in the cloud.
The topic fits the scope of the journal. The manuscript is well written, the structure of the paper is clear and the language is proper.
The main comments for authors to improve the paper:
- ASAGA acronym is not clear in the abstract.
- Introduction may be improved, adding the highlights and the problem statements regarding the related literature.
- The difference between your proposal and related work is not clear, you could go into details better. I strongly suggest adding a comparative table in the "related work" section to contrast your solution in front of related work described.
- Authors need to update the references and related work to actual works, the references are quite old.
Why do authors assume "that attackers from outside the cloud platform will attack microservices through the Internet" and "that the attacker’s ability will be limited" ? It is important to justify according to the scenario.
"Formula (8) is the fitness function." -> Is that right?
Authors should justify the choice of the comparison strategies in section 5.2.
A Figure to better represent the experimental setup should be included.
Write some future directions in the conclusion section.
- Table 1 needs to be improved.
- All figures need to be improved in order to improve quality.
- The manuscript needs a revision in order to correct typos, e.g.:
Fig -> Figure
100,200,300, (space)
References 8 and 9 are duplicated.
Minor editing of English language required
Author Response
Please see the attachment, looking forward to your reply.
Author Response File: 
Author Response.pdf
Reviewer 2 Report
Comments and Suggestions for Authors- Change the term "chapter" to "section" on line 90.
- Improve the wording of the first paragraph of Section 3 (line 180 to 184). Confusing and repetitive.
- The reference to the microservice should be "E", not "e" (line 212).
- Delete "in this paper" (line 352).
- Using a package or an algorithmic notation would help a lot when reading the algorithm presented in Table 1.
- Figure 3 could be much smaller, the data is simple to interpret.
- Use the same font and letter size in figure 4.
- The work is interesting and well explained. However, I consider that the experimental stage is quite simple, perhaps a more complex scenario could be generated by increasing the number of microservices and varying their distribution and configuration. The present difference between "SmartSCR" and "MD2RS", the method presented in the work, is not very significant, perhaps a further discussion could be presented on this point.
Author Response
Please see the attachment, looking forward to you reply.
Author Response File: Author Response.pdf
Reviewer 3 Report
Comments and Suggestions for AuthorsThe paper proposes a multi-dimensional moving target defense method for microservices in the cloud environment, based on an adaptive simulated annealing genetic algorithm (ASAGA). The method aims to address the increased attack surface and lateral movement of attackers between microservices by deploying a strategy of multi-copy deployment and dynamic rotation to important nodes in the cloud environment. The attack scenario of microservices is quantified using an attack graph model, and the security gain and resource cost are measured for the selected key nodes. ASAGA is then utilized to optimize the security configuration information, including the number of copies of multi-copy deployment and the rotation cycle of dynamic rotation of microservices. Experimental results demonstrate that the defense return rate of the proposed method is significantly higher than that of mainstream methods, indicating its potential for dynamic defense of microservices in the cloud.
Furthermore, the paper introduces related work, the threat model, and the optimization of microservices in a cloud environment. It also presents a security configuration algorithm based on ASAGA and details the experiment conducted to validate the effectiveness of the proposed defense method. The study concludes that the multi-dimensional moving target defense method improves defense efficiency and outperforms other strategies, providing valuable insights for the dynamic defense of microservices in cloud environments.
This is an interesting paper - but I didn't read or notice the big impact. I still think is is very worth publishing.
Author Response
Please see the attachment, looking forward to your reply.
Author Response File: Author Response.pdf
Round 2
Reviewer 1 Report
Comments and Suggestions for AuthorsAuthors have improved the manuscript.
Comments on the Quality of English LanguageMinor editing of English language required
