Next Article in Journal
The Impact of Blenderized Tube Feeding on Gastrointestinal Symptoms, a Scoping Review
Next Article in Special Issue
MRCIF: A Memory-Reverse-Based Code Injection Forensics Algorithm
Previous Article in Journal
Feedback-Controlled Adaptive Signal Detection Scheme for Diffusion-Based Molecular Communication Systems
Previous Article in Special Issue
A Real-Time Hybrid Approach to Combat In-Browser Cryptojacking Malware
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 13
Issue 4
10.3390/app13042172
Review Report
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

Metaheuristics with Deep Learning Model for Cybersecurity and Android Malware Detection and Classification

Appl. Sci. 2023, 13(4), 2172; https://doi.org/10.3390/app13042172
by Ashwag Albakri 1, Fatimah Alhayan 2, Nazik Alturki 2,*, Saahirabanu Ahamed 1 and Shermin Shamsudheen 1
Reviewer 1:
M. Premkumar
Reviewer 2:
Babu R Dawadi
Reviewer 3: Anonymous
Reviewer 4:
Pavan Kumar
Appl. Sci. 2023, 13(4), 2172; https://doi.org/10.3390/app13042172
Submission received: 10 January 2023 / Revised: 3 February 2023 / Accepted: 3 February 2023 / Published: 8 February 2023
(This article belongs to the Special Issue Information Security and Privacy)

Round 1

Reviewer 1 Report

The paper requires the following corrections. 

1. The authors have mentioned "A novel metaheuristics ..." in the title. They have used Rock Hyrax Swarm Optimization algorithm, which is not a novel or new algorithm. It is already reported in 2021 then; what is the meaning of a Novel?

2. The abstract is very large. It is not acceptable. The better abstract should be between 150-200 words. The abstract should discuss a brief intro to the work, primary contributions, novelty, and findings. 

3. Feature selection is a binary optimization problem. But the authors have used a continuous optimization algorithm. Can you justify it?

4. This made me doubt the results. Therefore, it is highly recommended to post the source code in any of the repositories and provide the link in the revised paper. The reviewer wants to verify the results obtained by the authors. 

5. Deep analysis of the literature study is required. Please refer to some newly published papers and improve the literature study. 

6. In-depth analysis of the experimental results is required. 

7. The future extension of the study must be disclosed in the conclusion section.   

Author Response

  1. The authors have mentioned "A novel metaheuristics ..." in the title. They have used Rock Hyrax Swarm Optimization algorithm, which is not a novel or new algorithm. It is already reported in 2021 then; what is the meaning of a Novel?

Thank you for the comment. We have agreed with the reviewer that we have used Rock Hyrax Swarm Optimization algorithm, which has been developed in the 2021. We have employed Rock Hyrax Swarm Optimization algorithm for feature selection process, particularly on Android malware detection purposes. As per the suggestion, we have removed the word ‘novel’ in the revised manuscript.

  1. The abstract is very large. It is not acceptable. The better abstract should be between 150-200 words. The abstract should discuss a brief intro to the work, primary contributions, novelty, and findings.

As per the reviewer comment, the abstract is precisely rewritten in the revised manuscript. Kindly refer Page 1, Abstract.

  1. Feature selection is a binary optimization problem. But the authors have used a continuous optimization algorithm. Can you justify it?

Thank you for the comment. We have performed feature selection as a binary optimization problem, i.e. the proposed model indicates the selection (1) or non-selection (0) of each feature.

  1. This made me doubt the results. Therefore, it is highly recommended to post the source code in any of the repositories and provide the link in the revised paper. The reviewer wants to verify the results obtained by the authors.

Thank you for the comment. We have provided necessary experimental details to carry out the simulation process. In addition, we have provided dataset details in the revised manuscript. Kindly refer Page 10, Lines 353-364.

  1. Deep analysis of the literature study is required. Please refer to some newly published papers and improve the literature study.

Based on the reviewer comment, recent state of art approaches are reviewed in the revised manuscript. Kindly refer Page 3, Lines 136-152.

  1. In-depth analysis of the experimental results is required.

Thank you for the comment. In order to demonstrate the improved performance of the proposed model, we have made a detailed comparison study of the proposed model with recent approaches in terms of different performance measures. Kindly refer Page 10, Section 4 and Page 15, Table 4.

  1. Lee, J.; Jang, H.; Ha, S.; Yoon, Y. Android Malware Detection Using Machine Learning with Feature Selection Based on the Genetic Algorithm. Mathematics 2021, 9, 2813. https://doi.org/10.3390/math9212813.
  2. The future extension of the study must be disclosed in the conclusion section.

Based on the reviewer comment, the possible extension of the proposed model is clearly defined in the conclusion section. Kindly refer Page 17, Lines 459-462.

Reviewer 2 Report

Through this manuscript, authors have proposed the RHSODL-AMD technique for android malware detection and classification. The manuscript is well written and has sufficient experimental analysis with comparisons among other approaches. I have following opinion/suggestions for this manuscript.

-        Detail explanation of other malware detection technique has just creat noisy contents and increases the page length only e.g. section 3.3., detailing of ARAE model is not necessary, a reference citation about this model would be sufficient.

-        Algorithm 2 << is it your proposed algorithm of AdaMax?, if not, it is better to exclude. I didn’t see its significance here to present as an algorithm. additionally, there is no any implementation and analysis portion of this algorithm

-        Table 1 << those samples may not be sufficient to verify/validate the model using deep learning approach. Still, it would be good to take large samples maybe generating samples through augmentation or use of else standard dataset.

-        I didn’t see the significance of comparison of performance parameters for benign and malware at figures 4 and 5, 8 and 9. Please clearly outline and interpret the outcome of this comparison.

-        Line 321, Because ?2 [0,1),<< error in formula bracket ] or)?

Author Response

-        Detail explanation of other malware detection technique has just creat noisy contents and increases the page length only e.g. section 3.3., detailing of ARAE model is not necessary, a reference citation about this model would be sufficient.

As per the reviewer comment, the detailed explanation of the ARAE model is shortened in the revised manuscript. Kindly refer Page 8, Section 3.3.

-        Algorithm 2 << is it your proposed algorithm of AdaMax?, if not, it is better to exclude. I didn’t see its significance here to present as an algorithm. additionally, there is no any implementation and analysis portion of this algorithm

As per the suggestion, we have excluded the Algorithm 2 in the revised manuscript. In addition, the significance of using Adam optimizer is stated in the revised manuscript. Kindly refer Page 9, Lines 323-331.

-        Table 1 << those samples may not be sufficient to verify/validate the model using deep learning approach. Still, it would be good to take large samples maybe generating samples through augmentation or use of else standard dataset.

Thank you for the comment. In this work, we have used Andro-AutoPsy dataset [24], which comprises 9000 benign samples and 13000 malware samples as represented in Table 1. The Andro-AutoPsy is an anti-malware system which depends upon the similarity matching of malware-centric and malware creator-centric information. It is used for classifying malware samples into similar subgroups by exploiting the profiles extracted from integrated footprints, which are implicitly comparable to different behavior characteristics. It finds useful for benign and malicious applications and classifying malicious applications into similar behavior groups.

In future, we plan to test the performance of the proposed model on the large scale real time dataset.

-        I didn’t see the significance of comparison of performance parameters for benign and malware at figures 4 and 5, 8 and 9. Please clearly outline and interpret the outcome of this comparison.

Thank you for the comment. We have examined the performance of the proposed model in terms of different measures such as

  • Accuracy
  • Precision
  • Recall
  • F-Score
  • MCC

In addition, we have referred the compared methods from the following citation:

  1. Lee, J.; Jang, H.; Ha, S.; Yoon, Y. Android Malware Detection Using Machine Learning with Feature Selection Based on the Genetic Algorithm. Mathematics 2021, 9, 2813. https://doi.org/10.3390/math9212813.

-        Line 321, Because ?2 ∈ [0,1),<< error in formula bracket ] or)?

As per the reviewer suggestion, the mathematical error is corrected in the revised manuscript. Kindly refer Line 349.

Reviewer 3 Report

Dear Authors,

thank you for the opportunity to read and review your manuscript. It deals with very important cyber security issues. It is especially relevant given the ubiquity of smartphones and the extent of their use in everyday life. Indeed, they serve not only to communicate, but also often contain applications and sensitive, private and professional data. 

Presented paper is very interesting, however, some issues require revision.

Table 2 and Figures 4 and 5 present same data. Authors should choose either the table or the figures.

As above mentioned applies also to table 3 and figures 8 and 9. As well as, to table 4 and figure 13.

Figures need to be better described, description and interpretation of results are missing from the text.

The manuscript also lacks a discussion of the results obtained with other studies in this area.

Kind regards,

Reviewer

Author Response

Table 2 and Figures 4 and 5 present same data. Authors should choose either the table or the figures.

Thank you for the suggestion. We have removed the redundant figures 4 and 5 in the revised manuscript. Kindly refer Page 10, Section 4.

As above mentioned applies also to table 3 and figures 8 and 9. As well as, to table 4 and figure 13.

Based on the reviewer suggestion, we have removed the redundant figures 8, 9, and 13 in the revised manuscript. Kindly refer Page 10, Section 4.

Figures need to be better described, description and interpretation of results are missing from the text.

As per the reviewer comment, a detailed description of the results is given in the revised manuscript.

The manuscript also lacks a discussion of the results obtained with other studies in this area.

Based on the reviewer comment, the reason for the better performance of the proposed model is elaborated in the revised manuscript. Kindly refer Page 16, Lines 441-446.

Reviewer 4 Report

applsci-2184191-peer-review-v1

A Novel Metaheuristics with Deep Learning Model for Cybersecurity and
Android Malware Detection and Classification.

 

The paper presents a study on metaheuristic approaches with deep learning model for cybersecurity and android malware detection. The topic seems to be interesting. However, there are some serious issues and deficiencies. In view of this, I recommend the major revision of the manuscript. Author is asked to answer and implement in manuscript all serious issues and deficiencies, and highlight with red colour.

Authors should clarify the following comments:

1.   The abstract is very lengthy and goes into detailed accounts that are best suited for the article’s main discussion sections. As such, I suggest the author reduces this section to keep only the most important elements.

2.      Line 427, Conclusion section: Author mentions, “…, the performance of the RHSODL-AMD technique can be improvised by an ensemble learning process”. This is not a relevant extension.

3.      Line 46, In introduction, before starting the mentioned references, there is a need to add 8-9 lines related to the subject of the paper and write in general introduction. After that you should connect them with the references.

4.      Related to rest of the work, several sections are repeated of the existing studies. The contribution of the new work claims from section 5 and hence the finding is very limited to the studies.

5.      Page 15, The figure "Figures 12-11, looks so vague. Some text on figures is difficult to read. It must be redrawn and further refined.

6.      Table 2: how did you select these values. Did you conduct parameter analysis?

7.      What is the relationship of Sections 2 and 3? And, where are (12) and (15) utilized?

8.      The "Where" below Eq. (15) should be "where". Remove the similar problems in your paper.

9.      The Author should add the flowchart of the algorithms code which are used in the article.

10.  I did not find what specification of this software author used. Also, the last section “Section 5” should be just “Conclusions”.

11.  What are the limitations of the study? What are the implications of the study to practitioners and other stakeholders?

12.  The applicability of proposed method and algorithm should be discussed. It would be helpful to discuss how the proposed algorithm and method can be applied to other systems.

13.  Pay more attention to mathematical equations, and explain their parameters more clearly so as not to confuse the reader.

14.  Results and discussion section: The paper presented and explained all the key findings but they did not discuss the findings with the help of previous published papers. Author(s) discussed their results very well but in a scientific paper, it is required to cover all the aspect and provide and cite the similar work of other researchers. I think author(s) need to polish this section, which will help to further highlight the researchers' work.

15.  I would like to see the computational times which the algorithm needs. It will be very interesting if these times are reported and compared for different numbers of the sources.

16.  The paper is fraught with grammatical errors, especially punctuation errors. To this end, the work needs to be thoroughly proofread and edited accordingly.

***

 

 

 

 

Author Response

  1. The abstract is very lengthy and goes into detailed accounts that are best suited for the article’s main discussion sections. As such, I suggest the author reduces this section to keep only the most important elements.

As per the reviewer comment, the abstract is precisely rewritten in the revised manuscript. Kindly refer Page 1, Abstract.

  1. Line 427, Conclusion section: Author mentions, “…, the performance of the RHSODL-AMD technique can be improvised by an ensemble learning process”. This is not a relevant extension.

Based on the reviewer comment, the possible extension of the proposed model is clearly defined in the conclusion section. Kindly refer Page 17, Lines 459-462.

  1. Line 46, In introduction, before starting the mentioned references, there is a need to add 8-9 lines related to the subject of the paper and write in general introduction. After that you should connect them with the references.

Based on the reviewer comment, the necessary information related to the subject of the paper is provided in the introduction section. Kindly refer Page 1, Lines 35-42.

  1. Related to rest of the work, several sections are repeated of the existing studies. The contribution of the new work claims from section 5 and hence the finding is very limited to the studies.

Based on the reviewer comment, the summary of the existing works, research gap, and novelty is discussed in the revised manuscript. Kindly refer Page 4, Lines 153-168.

  1. Page 15, The figure "Figures 12-11, looks so vague. Some text on figures is difficult to read. It must be redrawn and further refined.

Based on the reviewer comment, the quality of the figure is improved in the revised manuscript.

  1. Table 2: how did you select these values. Did you conduct parameter analysis?

Thank you for the valid question. We have derived the values in Table 2 based on the confusion matrix results obtained at the time of execution.

  1. What is the relationship of Sections 2 and 3? And, where are (12) and (15) utilized?

In this work, we have initially selected the optimal subset of features using the RHSO-FS technique. Then, the chosen features are passed into the ARAE model for Android malware classification process.

  1. The "Where" below Eq. (15) should be "where". Remove the similar problems in your paper.

As per the reviewer comment, the above-mentioned issue is corrected in the revised manuscript.

  1. The Author should add the flowchart of the algorithms code which are used in the article.

As per the reviewer comment, flowchart is given in the revised manuscript. Kindly refer Page 7, Figure 2.

  1. I did not find what specification of this software author used. Also, the last section “Section 5” should be just “Conclusions”.

As per the reviewer comment, the experimental details are provided in the revised manuscript. Kindly refer Page 10, Section 4, Paragraph 1.

Besides, section 5 conclusions are given in the revised manuscript. Kindly refer Page 16, Section 5.

  1. What are the limitations of the study? What are the implications of the study to practitioners and other stakeholders?

As per the reviewer comment, the future work is given in the revised manuscript. Kindly refer Page 17, Lines 459-462.

  1. The applicability of proposed method and algorithm should be discussed. It would be helpful to discuss how the proposed algorithm and method can be applied to other systems.

Based on the reviewer comment, the real time applicability of the proposed model is given clearly in the revised manuscript. Kindly refer Page 16, Lines 444-446.

  1. Pay more attention to mathematical equations, and explain their parameters more clearly so as not to confuse the reader.

Based on the reviewer comment, all the mathematical notations are provided correctly in the revised manuscript.

  1. Results and discussion section: The paper presented and explained all the key findings but they did not discuss the findings with the help of previous published papers. Author(s) discussed their results very well but in a scientific paper, it is required to cover all the aspect and provide and cite the similar work of other researchers. I think author(s) need to polish this section, which will help to further highlight the researchers' work.

Thank you for the suggestion. We have made a detailed comparison study of the proposed model with recent methods under different measures. In addition, the key findings of the research work and the reason for the better performance of the proposed model is given clearly in the revised manuscript. Kindly refer Page 15, Table 4 and Page 16, Paragraphs 1-2.

  1. Lee, J.; Jang, H.; Ha, S.; Yoon, Y. Android Malware Detection Using Machine Learning with Feature Selection Based on the Genetic Algorithm. Mathematics 2021, 9, 2813. https://doi.org/10.3390/math9212813.
  2. I would like to see the computational times which the algorithm needs. It will be very interesting if these times are reported and compared for different numbers of the sources.

As per the reviewer comment, we have provided the computation complexity of the proposed model with existing models in the revised manuscript. Kindly refer Page 16, Figure 10.

  1. The paper is fraught with grammatical errors, especially punctuation errors. To this end, the work needs to be thoroughly proofread and edited accordingly.

As per the reviewer comment, we have improved the language quality of the manuscript and thoroughly proofread for grammatical as well as typographical errors.

Round 2

Reviewer 1 Report

The authors have replied to a few of my comments. They told me that binary optimization is used for FS, but I couldn't able to see the binary optimization formulation. Without that, how is FS possible? I asked them to provide a source code link in the paper to check the validity, but they haven't responded. They cannot say that it is confidential because the dataset is available in open source, and the algorithm and DL network are also known and available in open source. So nothing wrong with sharing the source code. Yes, of course, nowadays, most of journals ask the authors to deposit the codes in the repository, and it is mandated in many journals. 

Author Response

Thank you for the thoughtful comments.

We agree with the reviewer comment that the source code would be beneficial to check the validity of the proposed model. Therefore, we have shared the source code link for your reference that we hope will meet with your approval.

The source code is available at https://drive.google.com/drive/folders/1fXbKIMTnPeTSB84Ds7BRjvmIYGkjx3CD

In addition, we have provided the fitness function of the proposed model for the feature selection process. Kindly refer Page 7, Lines 260-277.

Reviewer 2 Report

The paper is sufficiently improved in this refined version. 

Just one more comment - Please include organization of the paper (structuring of the article) in the introduction section.

 

Author Response

Thank you for the positive comment. As per the reviewer comment, the organization of the paper is given in the revised manuscript. Kindly refer Page 2, Lines 93-95.

Reviewer 4 Report

applsci-2184191-peer-review-v2

A Novel Metaheuristics with Deep Learning Model for Cybersecurity and Android Malware Detection and Classification.

Authors have made a correction in the paper if compared to the first submission. But unfortunately, there are recommendations to do before accepting the paper in this format.

Author should clarify the following:

Major comments:

1.      There is no reference list in this paper!!!! The authors have finished the manuscript with conclusions!! Therefore, the introduction section remains unjustified and invalid.

2.      In addition, the literature review, in my point of view is weak, which required to improve and strengthen. Author(s) need to cite more latest researches in the relevant field “Deep Learning Model for Cybersecurity” to provide an up-to-date picture of work. Following articles can be cited in introduction and literature review sections to enrich this parts: (https://www.mdpi.com/2076-3417/13/2/697), (https://www.mdpi.com/2227-7390/11/3/598).

3.      In abstract, some sentences are lengthy and unclear. The author is suggested to revise all lengthy sentences available in abstract as well as in entire paper.

4.      Page 1, lines 8-10, in abstract part, author mentions <Even though various solutions have been put forward for the recognition of Android malware using machine learning models, feature selection approaches must be utilized in Android malware detection mechanisms…>. This statement is misleading. It is unclear that why the feature selection approaches must be utilized in Android malware detection mechanisms. What do you mean by feature selection approaches in this paper?

5.      Manuscript is poorly written and contains many grammatical errors. It needs to be rewritten and proofread for grammatical errors by a native English speaker.

6.      Page 17, lines 447-450: future study issues are not promising. I would like to read some discussions about your future studies. For instance, the proposed model can be extended to deal with crime data prediction and ethereum fraud transactions. The following papers may be helpful: (https://doi.org/10.33640/2405-609X.3197), (https://doi.org/10.33640/2405-609X.3229). Please consider citing and commenting them in the paper.

7.      The structure of the introduction section is not good. It should have two separate paragraphs at its end, one of which presents the contribution and explanations of this work; and the other one outlines the coming sections.

8.      Convergence profiles of the methods should be presented and reviewed. What was the computational complexity of each method?

Minor comments:

9.      Change the heading of section 2 from “Related Works” to “Literature Review”.

10.  The texts written in Figure 9 are not clear and hence not readable.

***

Author Response

 

  1. There is no reference list in this paper!!!! The authors have finished the manuscript with conclusions!! Therefore, the introduction section remains unjustified and invalid.

We apologize for the error occurred during the submission process. We have provided the list of references in the revised manuscript. Kindly refer Page 17, References.

  1. In addition, the literature review, in my point of view is weak, which required to improve and strengthen. Author(s) need to cite more latest researches in the relevant field “Deep Learning Model for Cybersecurity” to provide an up-to-date picture of work. Following articles can be cited in introduction and literature review sections to enrich this parts: (https://www.mdpi.com/2076-3417/13/2/697), (https://www.mdpi.com/2227-7390/11/3/598).

As per the reviewer comment, above mentioned recent references related to the deep learning models for cybersecurity is included in the revised manuscript. Kindly refer Page 17, References, 6-7.

  1. In abstract, some sentences are lengthy and unclear. The author is suggested to revise all lengthy sentences available in abstract as well as in entire paper.

As per the reviewer comment, the abstract is precisely rewritten in the revised manuscript. In addition, the lengthy sentences are modified in the entire manuscript.

  1. Page 1, lines 8-10, in abstract part, author mentions <Even though various solutions have been put forward for the recognition of Android malware using machine learning models, feature selection approaches must be utilized in Android malware detection mechanisms…>. This statement is misleading. It is unclear that why the feature selection approaches must be utilized in Android malware detection mechanisms. What do you mean by feature selection approaches in this paper?

Based on the reviewer suggestion, the need of feature selection process in the Android malware detection process is given in the revised manuscript. Kindly refer Page 1, Abstract, Lines 20-25.

  1. Manuscript is poorly written and contains many grammatical errors. It needs to be rewritten and proofread for grammatical errors by a native English speaker.

As per the reviewer comment, we have improved the language quality of the manuscript and thoroughly proofread for grammatical as well as typographical errors.

  1. Page 17, lines 447-450: future study issues are not promising. I would like to read some discussions about your future studies. For instance, the proposed model can be extended to deal with crime data prediction and ethereum fraud transactions. The following papers may be helpful: (https://doi.org/10.33640/2405-609X.3197), (https://doi.org/10.33640/2405-609X.3229). Please consider citing and commenting them in the paper.

As per the reviewer comment, we have improved the future work section in the revised manuscript and the above mentioned references are included. Kindly refer Page 17, Lines 467-471.

  1. The structure of the introduction section is not good. It should have two separate paragraphs at its end, one of which presents the contribution and explanations of this work; and the other one outlines the coming sections.

Thank you for the suggestion. We have provided the introduction section in a proper way. In addition, the contribution and organization of the paper is given in two separate paragraphs. Kindly refer Page 2, Lines 83-95.

  1. Convergence profiles of the methods should be presented and reviewed. What was the computational complexity of each method?

As per the reviewer suggestion, we have made a detailed computation time analysis of the proposed model with the existing models. Kindly refer Page 16, Fig. 10.

Minor comments:

  1. Change the heading of section 2 from “Related Works” to “Literature Review”.

As per the reviewer comment, the section 2 is renamed as “Literature Review”. Kindly refer Page 2.

  1. The texts written in Figure 9 are not clear and hence not readable.

As per the reviewer comment, the quality of the figure is improved in the revised manuscript. Kindly refer Page 15, Fig. 9.

 

 

 

Back to TopTop