Next Article in Journal
On Predicting Ticket Reopening for Improving Customer Service in 5G Fiber Optic Networks
Previous Article in Journal
Authentication and Billing for Dynamic Wireless EV Charging in an Internet of Electric Vehicles
Previous Article in Special Issue
Digital Manufacturing Challenges Education—SmartLab Concept as a Concrete Example in Tackling These Challenges
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Future Internet
Volume 13
Issue 10
10.3390/fi13100258
Review Report
futureinternet-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

An SDN-Enabled Architecture for IT/OT Converged Networks: A Proposal and Qualitative Analysis under DDoS Attacks

Future Internet 2021, 13(10), 258; https://doi.org/10.3390/fi13100258
by Luca Foschini, Valentina Mignardi, Rebecca Montanari and Domenico Scotece *
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Future Internet 2021, 13(10), 258; https://doi.org/10.3390/fi13100258
Submission received: 5 August 2021 / Revised: 1 October 2021 / Accepted: 5 October 2021 / Published: 8 October 2021
(This article belongs to the Special Issue Industrial Internet of Things (IIoT) and Smart Manufacturing Systems)

Round 1

Reviewer 1 Report

This paper proposes a convergent IT/OT SDN-based architecture and, then evaluates the architecture under a DoS attack.
Here are some comments which can help to improve the paper.

1) The Abstract is very informative and verbal. I suggest the authors summarise the basic concepts in this part and talk more about the research problem, thesis statement, research methodology, and significant outcomes.

2) I would expect to see more justifications for the research problem in both the Abstract and Introduction sections. Unfortunately, the research problem is not clear in those sections. Authors also need to clearly define the main differences between this research and those in the state of art. For example, I am wondering why so many SDN-based solutions proposed for DDoS protection in a non-IIoT context cannot be simply adopted for IIoT environments. This is a critical question that has not been answered in the paper.

3) What is the DDoS protection algorithm employed in the proposed architecture? How do you tune the parameters of the protection algorithm based on environments' parameters?

5) Most of the references are outdated. Unfortunately, I didn't see any recent reference (published during the past two years) in the References directly related to this research (except some visited websites).

 

Author Response

Please see the attached file.

Author Response File: Author Response.pdf

Reviewer 2 Report

With great attention I proceeded to read the article because it touches on topics very close to my interests. The article raises very important issues, unfortunately in a very general way. The article does not have a clearly defined goal and it is difficult to determine the authors' own contribution. Below are some of the more important comments:

  • The title is completely unrelated to the content of the article. In the article we will not find a description of a laboratory testbed for assessment and analysis of network attacks. In fact it is a simple simulation realized in well known Mininet environment. We do not even have detailed information whether the authors use built-in Mininet commands to control the switches (injecting flows) or maybe they integrated an existing controller (e.g. FloodLight, ONOS, etc.) into this solution.
  • As I mentioned earlier, there is no clearly defined purpose of the article and no motivation. There is no explanation why the authors take up this topic and what gap in current knowledge they fill. The proposed solution must be compared with already existing solutions.
  • It is difficult to determine what the main topic of the article is: SDN threats, IIOT threats and exploitation, SDN-enabled architecture for IIoT, or finally DoS Attacks and their impact on SDN performance?
  • The issue of DoS attacks on SDNs is well known in the literature https://ieeexplore.ieee.org/document/9194211, https://ieeexplore.ieee.org/document/8636336, https://www.sciencedirect.com/science/article/pii/S1574013720301647. I see nothing new in the analysis proposal presented by the authors. There are already ready-made solutions covering this topic that can be adapted to the needs presented in the paper.
  • Another issue relates to the presentation of results - for example, fig. 3- it's hard to actually determine what the graph presents exactly, at what point the attack begins. In fact, an accurate analysis is impossible. The authors use FFmpeg flow as a test application. Since the system is to be dedicated for IIoT devices, there are systems available that generate or simulate this class of traffic (e.g. IXIA) - we would get more reliable measurements.
  • It is very unfortunate that the tests were not performed on real devices (e.g., Extreme, EdgeCore), and compared to the simulation results.

In conclusion, I believe that the article has serious methodological flaws and is basically a presentation of several unrelated thematic issues. I encourage the authors to choose one issue (e.g., a model), examine it carefully and compare with existing solutions - this could be a significant contribution to a new article. In its current form, the article is not suitable for publication.

Author Response

Please see the attached file.

Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report

The authors provided effective work to answer my comments. The revised version of the paper can be accepted.

Author Response

We thank Reviewer#1 for the appreciation of effort put in improving the paper, and we hope this further refined version of our manuscript could also answer the concerns of Reviewer#2 and eventually result in paper acceptance.

Author Response File: Author Response.pdf

Reviewer 2 Report

I read the article after the revisions were made. The article has not been significantly restructured and in my opinion the main problem remains unresolved. The article does not have a clearly defined goal. It presents a model that is not implemented even hypothetically with an example.

The authors mention that the proposed architecture is described in the SBDIOI40 project (www.sbdioi40.it). I have looked at the site - there is no information about it.  So I am not able to verify the basic assumptions of the article.

In the introduction we can read the sentence: Finally, we conclude with the importance to consider suitable detection and mitigation techniques that leverage Machine Learning algorithms in the context of Industrial networks. In the whole article I did not find extensive information on this topic.

In fact, the authors did not clearly describe what the SDN controller is supposed to control. We don't know if it is supposed to be industrial switches or IoT components themselves.  We only read very general statements like: "SDN controllers are the glue that realizes the interaction between the Machine Layer and the Application Layer".

The results presented do not add anything new to the current state of the art. In fact, the paper does not present the final result and does not compare it to existing systems.

Therefore, I stand by most of my comments from the previous review and the final conclusion. 

I believe that the article has serious methodological flaws and is basically a presentation of several unrelated thematic issues. I encourage the authors to choose one issue (e.g., a model), examine it carefully and compare with existing solutions - this could be a significant contribution to a new article. In its current form, the article is not suitable for publication

Author Response

Please see the attached file.

Author Response File: Author Response.pdf

Back to TopTop