Next Article in Journal
Visual MAV Tracker with Adaptive Search Region
Next Article in Special Issue
Digital Transformation and Cybersecurity of Critical Infrastructures
Previous Article in Journal
A Variable Ranking Method for Machine Learning Models with Correlated Features: In-Silico Validation and Application for Diabetes Prediction
Previous Article in Special Issue
Cybersecurity against the Loopholes in Industrial Control Systems Using Interval-Valued Complex Intuitionistic Fuzzy Relations
 
 
Article
Peer-Review Record

Cyber-Attack Scoring Model Based on the Offensive Cybersecurity Framework

Appl. Sci. 2021, 11(16), 7738; https://doi.org/10.3390/app11167738
by Kyounggon Kim 1,*, Faisal Abdulaziz Alfouzan 2,* and Huykang Kim 3
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Appl. Sci. 2021, 11(16), 7738; https://doi.org/10.3390/app11167738
Submission received: 11 July 2021 / Revised: 12 August 2021 / Accepted: 15 August 2021 / Published: 23 August 2021
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)

Round 1

Reviewer 1 Report

This paper identified each element of offensive cyber-security used in cyber-attacks and investigated extent to which the detailed techniques identified in the offensive cyber-security framework were used by analyzing cyber-attacks.

Good point:

+ Some results have shown.

Major issues:

  1. The contributions of the paper are not clear. The authors needs to clarify what the main methods used in your framework.
  2. It should add some detail description for each figure and tables such as Figure 1 and 2.
  3. The author should compare the proposed approach with other similar works or provide a discussion. Otherwise, it's hard for reader to identify the novelty and contribution of this work.
  4. Adjust the format of the figures such as Figure 1 and 2. In addition, check the number of the sections.
  5. Language: the English needs to improved, as there are many typos and unclear sentences, which is not easy for readers to understand.

For example, “It also that the nature of cyber-attacks is gradually changing.”

“Many researches regarding cyber-attacks has been conducted, however there has been lack of research related to measure for cyber-attacks perspective using offensive cybersecurity.” has-->have

“This motivated us to propose a methodology for quantifying cyber-attacks such that they are measurable rather than abstract.” such that --> so that

Please check the whole paper.

Author Response

Dear respected reviewers, 

Please find the attached file which includes our response to your comments. 

Thanks

Author Response File: Author Response.docx

Reviewer 2 Report

The authors propose a methodology for quantifying cyber attacks. The idea is acceptable; but the effectiveness and the application of such a score is not convincing from the article. The quality of writing could have been better; there are too many things in the article and not so easily comprehendible. There is a kind of survey of attacks being done in the first part of the paper. Some of the concepts/techniques seems vague. 

  1. What is the purpose of proposing such a score?
  2. Measuring cyber-attack - with this score what conclusions can be driven about an attack?
  3. In what stage does this score be used? Will this be useful for organizations? 
  4. Is this a once-time process? If a cyber attack happens anywhere, in what way will this score help? 

Author Response

Dear respected reviewer, 

Please find the attached file which includes our response to your comments.

Thanks

Author Response File: Author Response.docx

Round 2

Reviewer 1 Report

No more comments

Author Response

Kindly find the attached file. 

Author Response File: Author Response.pdf

Reviewer 2 Report

Still have the same queries that are already raised. The authors could have highlighted the changes and address the comments so that its easily understandable. From comparing the files, there are some edits done. 

The practical usage of such a score is not so impressively presented. This can be considered as a survey paper. But the second part demands a bit more explanation with convincing results

Author Response

Kindly find the attached file. 

Author Response File: Author Response.pdf

Back to TopTop