Next Article in Journal
A Lightweight Received Signal Strength Indicator Estimation Model for Low-Power Internet of Things Devices in Constrained Indoor Networks
Next Article in Special Issue
A Clustering Algorithm Based on the Detection of Density Peaks and the Interaction Degree Between Clusters
Previous Article in Journal
Numerical Study of Cavitating Flows in an External Gear Pump with Special Emphasis on Thermodynamic Effects
Previous Article in Special Issue
Location-Aware Deep Interaction Forest for Web Service QoS Prediction
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 15
Issue 7
10.3390/app15073533
Review Report
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

Secure Delivery Method for Preserving Data Integrity of a Video Frame with Sensitive Objects

Appl. Sci. 2025, 15(7), 3533; https://doi.org/10.3390/app15073533
by You-Rak Choi 1,† and Yunhee Kang 2,*,†
Reviewer 1: Anonymous
Reviewer 2:
Angelo Lorusso
Appl. Sci. 2025, 15(7), 3533; https://doi.org/10.3390/app15073533
Submission received: 26 February 2025 / Revised: 14 March 2025 / Accepted: 19 March 2025 / Published: 24 March 2025
(This article belongs to the Special Issue Trusted Service Computing and Trusted Artificial Intelligence)

Round 1

Reviewer 1 Report

Comments and Suggestions for Authors

The paper is of a good quality and provides: 
- Practical implementation on edge devices (Jetson Nano, Raspberry Pi) demonstrates feasibility for low-latency applications.
- Integration of hash trees for efficient batch verification and SHA-256 for integrity checks aligns with modern security standards.
- Multi-threaded logger design enables parallel processing, supporting real-time performance (30 fps)


However the following points must be addressed: 

 1- Methodology Clarity:

- The integration of XOR encoding with the hash tree and overall system workflow is insufficiently detailed. Clarify how the filter (seed = CID xor public key) is securely generated, managed, and applied to sensitive objects.

- Ambiguity in multi-threaded logger operations: Elaborate on thread synchronization and data flow between capture, encoding, hashing, and transmission components.

- Lack of a comprehensive system diagram or pseudocode to illustrate the end-to-end process (e.g., encoding/decoding steps, hash tree construction).

2- Results Discussion & Analysis Depth:

-Performance metrics (e.g., 65 ms/image for GPU detection) lack comparison to state-of-the-art methods or baselines, weakening the novelty claim.
-Limited statistical analysis: Include confidence intervals or p-values to validate the significance of GPU speed improvements over CPU.
-No evaluation of XOR encoding’s security impact (e.g., entropy analysis, resistance to known-plaintext attacks).

3-Security Considerations:

- XOR encoding is reversible and vulnerable if the seed is compromised. Discuss mitigations (e.g., key rotation, hybrid encryption) and threat models (e.g., adversarial tampering).
-Absence of cryptographic analysis for the proposed "digital fingerprint" (SHA-256 hash). Address collision resistance and pre-image attack risks.

4-Experimental Reproducibility:

- Dataset specifics missing: Describe the number/type of videos, sensitive objects, and environmental conditions (lighting, occlusion).

- YOLOv8 training details omitted: Specify fine-tuning parameters, dataset splits, and accuracy metrics (mAP) post-retraining.

       
5- Others:

- False positives/negatives in object detection (Figure 17) are mentioned but not quantified. Analyze their frequency and impact on system reliability.

- No discussion on scalability: How does the system perform with higher-resolution videos or larger hash trees?

- Handshake protocol between logger and verifier lacks rigor. Detail certificate validation steps and PKI trust establishment.

Revision must addresses methodological gaps, deepen results analysis, and strengthen security arguments to enhance rigor and reproducibility.

Comments on the Quality of English Language

good enough

Author Response

Manuscript applsci-3525226

Response to Reviewers

 

Thank you for giving us the opportunity to submit a revised draft of the manuscript “Secure delivery method for preserving data integrity of a video frame with sensitive objects” for publication in Applied Sciences. We appreciate the time and effort that you and the reviewers dedicated to providing feedback on our manuscript and are grateful for the insightful comments on and valuable improvements to our paper. We have incorporated most of the suggestions made by the reviewers.  Those changes are updated within the manuscript. Please see below, in red, for a point-by-point response to the reviewers’ comments and concerns. All page numbers refer to the revised manuscript file with tracked changes.

 

Comment 1- [Methodology Clarity: The integration of XOR encoding with the hash tree and overall system workflow is insufficiently detailed. Clarify how the filter (seed = CID xor public key) is securely generated, managed, and applied to sensitive objects.]

Response 1- Thank you for pointing this out. We agree this comment. Therefore, we added the details that follow in section 3.2. Delivery scheme.

 

During the verification, the verifier needs to obtain the logger's public key to verify the hash value and decode the image with sensitive objects. This public key is received from the Logger during the initial session establishment process. To ensure secure transmission of the public key, a secure channel can be established, or cryptographic techniques such as Multi-Party Computation (MPC) can be employed. This paper proposes the use of Shamir's Secret Sharing scheme(SSS)\citep{ShamirSS} for secure public key transfer, enabling the reconstruction of the public key generated by the Verifier.  The SSS is a cryptographic scheme for distributing a secret among multiple parties, requiring a certain number of shares to reconstruct the original secret.  In this case, the secret is used as the public key.

 

And we added the reference for Shamir secure sharing as follows:

 

  1. Shamir, A. How to share a secret. Commun. ACM 1979, 22, 612–613. https://doi.org/10.1145/359168.359176. 

 

Comment 2- The integration of XOR encoding with the hash tree and overall system workflow is insufficiently detailed. Clarify how the filter (seed = CID xor public key) is securely generated, managed, and applied to sensitive objects.

Response 2- Thank you for pointing this out. We agree this comment. Therefore, we modified the overall system structure with logger and verifier in Figure 4. To make clear the workflow of the system, the modified system structure is added the function named “Build hash tree”.  To explain the “Build hash tree” function, we added the details that follow in section 3.1 System structure design:

 

In the integrity verification process of Figure 4, the verified hash value obtained after verifying the video frame is passed to the build hash tree process, which is the hash tree generation process, as input for the construction of the hash tree. The hash tree is then constructed in units of hash tree construction nodes as defined in the configuration. To deliver the verified hash value to the build hash tree process, a message queue, which is an IPC mechanism, is used.

 

 

Comment 3- Ambiguity in multi-threaded logger operations: Elaborate on thread synchronization and data flow between capture, encoding, hashing, and transmission components.

- Lack of a comprehensive system diagram or pseudocode to illustrate the end-to-end process (e.g., encoding/decoding steps, hash tree construction).

Response 3- Thank you for pointing this out. We agree this comment. Therefore, I add the following related with thread synchronization in section 3.4. Multi-thread Logger.

Thread safety is crucial when multiple threads access and modify shared resources concurrently. The threads of a logger that operates with multiple threads use a queue for inter-thread data communication, thereby supporting parallel processing of the threads. To ensure thread safety, the shared resource, the queue, is locked using a \textbf{mutex}, and after the thread performs its designated function, the lock is released.

To solve “Lack of a comprehensive system diagram”, we modified the overall system structure with logger and verifier in Figure 4. To make clear the workflow of the system, the modified system structure is added the function named “Build hash tree”.  We describe details in [Response 2]. I also add details that follow in section 4.5 titled “Result of hash tree and verification”

A hash tree is a data structure used for efficient and secure verification of large datasets. The hash values generated by the Logger are verified for integrity by the Verifier, and the verified hash values are used as input for constructing a hash tree. The hash tree is used to verify the integrity of the data, which may be compromised due to external tampering or internal data management issues during the image storage process.

Comment 4- [2- Results Discussion & Analysis Depth:

-Performance metrics (e.g., 65 ms/image for GPU detection) lack comparison to state-of-the-art methods or baselines, weakening the novelty claim.
-Limited statistical analysis: Include confidence intervals or p-values to validate the significance of GPU speed improvements over CPU.
-No evaluation of XOR encoding’s security impact (e.g., entropy analysis, resistance to known-plaintext attacks).]

Response 4- Thank you for pointing this out. The purpose of this paper is to design and implement a scheme for processing sensitive objects within images. Since the existing Yolo8 is utilized, we determined that a separate performance analysis is not required.

We agree your comment about “Limited statistical analysis” Hence we evaluated the significance of GPU speed improvements over CPU by p-value. We added the details that follow in section 5.2. Evaluation of Object detection and Encoding.

The comparative object detection performance of CPU and GPU is evaluated using a statistical hypothesis test, p-value. The obtained p-value of 0.029, below the conventional significance level of 0.05, confirms a statistically significant improvement in object detection performance when using the GPU.

We agree your comment about “No evaluation of XOR encoding’s security impact.” We described the details that follow in 3.2. Delivery scheme and in [Response 1]. 

The security of the filter depends on the robustness of the seed. The filter used in XOR encoding is constructed using a public key and CID, which may have security vulnerabilities due to the fixed public key and the CID with rules. Here, we strengthened the security system by utilizing SSS (Shamir's Secret Sharing) to construct the public key for seed configuration, thereby preventing access to the public key by untrusted users.

Comment 5- [3-Security Considerations:
- XOR encoding is reversible and vulnerable if the seed is compromised. Discuss mitigations (e.g., key rotation, hybrid encryption) and threat models (e.g., adversarial tampering).
-Absence of cryptographic analysis for the proposed "digital fingerprint" (SHA-256 hash). Address collision resistance and pre-image attack risks.]

Response 5- Thank you for pointing this out. We agree your comment about “XOR encoding is reversible and vulnerable if the seed is compromised” Hence we added the details that follow in 3.2. Delivery scheme.

The security of the filter depends on the robustness of the seed. The filter used in XOR encoding is constructed using a public key and CID, which may have security vulnerabilities due to the fixed public key and the CID with rules. Here, we strengthened the security system by utilizing SSS (Shamir's Secret Sharing) to construct the public key for seed configuration, thereby preventing access to the public key by untrusted users.

We also added details that follow in 6. Discussion.

In order to mitigate security vulnerabilities, a filter employing XOR encoding will be designed, incorporating Hardware Security Modules (HSMs) for robust cryptographic key management. HSMs, as physical devices, provide a high assurance of security for cryptographic operations, including the generation, storage, and management of cryptographic keys. Both the logger and verifier  interact with their respective HSMs to generate a random number, which  serves as an input for the filter.

We agree your comment about  “Absence of cryptographic analysis for the proposed "digital fingerprint" (SHA-256 hash)”  We addressed “collision resistance and pre-image attack risks” in section 2.1. Hash function. We described the details of the following:

SHA-256 (Secure Hash Algorithm 256-bit) is a hash function with very strong properties in terms of collision resistance. Collision resistance means that the probability of two different inputs producing the same hash value is extremely low.  In the perspective of preimage resistance, $SHA-256$ designed to be a one-way function, which means that it is computationally infeasible to reverse the hashing process.   It is a member of the SHA-2 family and produces a 256-bit (32-byte) hash value. The length of a hash value is the difficulty of finding an input that produces a given hash output. Given an input and its corresponding hash, this refers to the difficulty of finding a different input that produces the same hash output, in terms of second-preimage resistance.

Comment 6- [4-Experimental Reproducibility:

- Dataset specifics missing: Describe the number/type of videos, sensitive objects, and environmental conditions (lighting, occlusion).

- YOLOv8 training details omitted: Specify fine-tuning parameters, dataset splits, and accuracy metrics (mAP) post-retraining.]

Response 6- Thank you for pointing this out.

The purpose of this paper is to design and implement a scheme for processing sensitive objects within images.  It is determined that your comment “Dataset specifics missing” is not required. It is also determined that your comment “YOLOv8 training details omitted” is not required.

We added the limitation of our experiment as follows in section 6. Discussion

This experiment has a limitation in that it did not perform performance evaluation using a separate dataset due to the purpose of detecting sensitive objects without performing separate fine-tuning for Yolov8.

       
Comment 7- [5- Others:

- False positives/negatives in object detection (Figure 17) are mentioned but not quantified. Analyze their frequency and impact on system reliability.

- No discussion on scalability: How does the system perform with higher-resolution videos or larger hash trees?

- Handshake protocol between logger and verifier lacks rigor. Detail certificate validation steps and PKI trust establishment.

 ]

Response 7

It is determined that your comment “False positives/negatives in object detection (Figure 17) are mentioned but not quantified.” is not required.

We added the limitation of our experiment as follows in section 6. Discussion.

The experiment observes instances of incorrect object detection, indicating the need for the development of specialized algorithms and further fine-tuning to enhance accuracy.

We agree your comment about “No discussion on scalability”. We added the details that follow in section 6. Discussion.

Considering the scalability of the system, the verifier will be configured to operate as a container within a Kubernetes environment in a cloud-based infrastructure as part of future work. To handle large-scale hash data, we construct a lightweight hash tree. This lightweight hash tree is designed to perform compression on consecutive duplicate hash values.

We agree your comment about “Handshake protocol between logger and verifier lacks rigor”. We added the details that follow in section 3.2. Delivery scheme.

A trusted validator stores the public key, generated by the Logger in Figure \ref{fig:secure_delivery}, into the Verifier using SSS.

Author Response File: Author Response.pdf

Reviewer 2 Report

Comments and Suggestions for Authors

The article "Secure delivery method for preserving data integrity of a video frame with sensitive objects" looks at a big problem in multimedia data integrity and security and suggests a way to protect video frames with sensitive objects using cryptography and hashing. The use of embedded devices like the Jetson Nano Orin and Raspberry Pi 4 makes the research very interesting from an application point of view, showing that the method can be used in real-world situations. Nonetheless, the work exhibits some significant methodological and experimental difficulties that must be resolved to facilitate its publication in a prestigious journal.
A major issue is the lack of a comprehensive comparison with the current state of the art. Some ways of checking security are talked about, like digital signatures, blockchain, hash functions, and hash trees. However, other methods, like watermarking or AES encryption, are not directly compared. This complicates the assessment of the suggested solution's additional value. It is recommended to provide a comparative table featuring metrics like security, processing time, and scalability, emphasising the advantages and limitations of alternative systems. The article also talks about the creation of a hash tree for integrity verification, but it doesn't give a full analysis of how well it works compared to other data structures or what the effects of using different hashing algorithms are (for example, SHA-256 vs. Blake2 or SHA-3). The selection of the hash algorithm should be more thoroughly justified, potentially via a comparative investigation of its performance and robustness.
A significant serious issue pertains to the approach description, which is ambiguous and occasionally erroneous. In section 3.2, the filter formula is described; nevertheless, the process of seed generation is inadequately detailed. The mechanism by which it ensures security is ambiguous, and there exists a potential risk that an adversary could anticipate its usefulness. A brief explanation of the process of making a digital fingerprint is given, and there is no flowchart showing the steps taken to create and check the integrity of the video frames. The distribution of public and private keys is addressed superficially; the risks associated with compromising the private key or man-in-the-middle attacks during the authentication process are not examined. An investigation of key distribution security, along with potential countermeasures such as digital certificates from a trustworthy source, would be a valuable enhancement.

A notable issue is the absence of discourse regarding the method's limits. At present, section 6 fails to critically evaluate the deficiencies of the suggested solution. One problem that warrants thorough examination is the susceptibility of XOR coding, a method known for its sensitivity to statistical analysis attacks when the seed lacks adequate randomness. It's also not clear how well the method works in attacks that are meant to do harm, like changing the video metadata or replacing the public key. Without a comprehensive analysis of these potential threats and their corresponding mitigation strategies, hostile situations could render the system ineffective. Implementing simulated security tests would be beneficial for evaluating the algorithm's resilience in realistic attack scenarios.
The experimental analysis possesses considerable deficiencies. The essay mostly talks about how to measure processing times and doesn't talk about other important metrics for evaluating systems, such as how accurate integrity checks are and how well they protect against intentional data manipulation. No assessments are provided in which the system endeavours to identify the alteration of video frames, such as substituting an original frame with a modified one, omitting a frame from the sequence, or altering the metadata. The incorporation of these tests would markedly enhance the scientific validity of the work and amplify its impact. Moreover, the article fails to address the scalability of the method. The efficacy of the proposed technique in cases involving substantial data, such as real-time video surveillance systems with numerous cameras, remains uncertain. Evaluating performance on extensive datasets and during peak traffic situations would be advantageous.
The final section may be enhanced as well. The concluding discussion is overly general and fails to adequately encapsulate the results achieved. The proposed method fails to thoroughly examine potential enhancements for future research, and it proposes no alternative applications beyond video monitoring. A robust conclusion must incorporate a critical analysis of the solution's strengths and flaws, proposing avenues for future enhancement of the method.
In conclusion, the work presents a compelling concept with robust technical execution; yet, it requires multiple enhancements prior to acceptance in a high-impact publication. It is crucial to integrate a quantitative comparison with the current state of the art, improve the description of the methodology, delve deeper into the method's vulnerabilities, broaden the experimental analysis to include robustness and scalability assessments, and address issues related to object detection accuracy. Implementing these adjustments will enhance the work's impact and increase its competitiveness for publication.

Author Response

Manuscript applsci-3525226

Response to Reviewers

 

Thank you for giving us the opportunity to submit a revised draft of the manuscript “Secure delivery method for preserving data integrity of a video frame with sensitive objects” for publication in Applied Sciences. We appreciate the time and effort that you and the reviewers dedicated to providing feedback on our manuscript and are grateful for the insightful comments on and valuable improvements to our paper. We have incorporated most of the suggestions made by the reviewers.  Those changes are updated within the manuscript. Please see below, in red, for a point-by-point response to the reviewers’ comments and concerns. All page numbers refer to the revised manuscript file with tracked changes.

 

Comment 1- [A major issue is the lack of a comprehensive comparison with the current state of the art. Some ways of checking security are talked about, like digital signatures, blockchain, hash functions, and hash trees. However, other methods, like watermarking or AES encryption, are not directly compared.]

Response 1- Thank you for pointing this out. We agree this comment. Therefore, we added the details that follow in section 1.3. Contributions.

 

Watermarks are embedded marks that indicate ownership and deter unauthorized distribution. It helps indicate ownership of content and discourage unauthorized copying or distribution. However, watermarking procedures introduce alterations to original data, which may render such data unreliable for use as forensic or legal evidence. An invisible watermark is embedded within the content in a way that is not readily visible. Our experiment focuses primarily on feature extraction from the original image data.

 

AES (Advanced Encryption Standard) is a symmetric-key encryption algorithm widely used to secure data. In AES, the same key is used for both encryption and decryption. AES is considered highly secure and resistant to various forms of cryptographic attacks.

The main objective of the paper, which is image authenticity verification, is a key requirement in the selection of the applied technology. While AES provides block-based symmetric key encryption and decryption functions, it is difficult to perform authenticity verification using AES alone. Additionally, applying AES for fingerprint composition, rather than the entire image, is not suitable.

 

We added the reference for Shamir secure sharing as follows:

  1. Wang, J.; Liu, G.; Lian, S. Security Analysis of Content-Based Watermarking Authentication Framework. In Proceedings of the 2009 International Conference on Multimedia Information Networking and Security, 2009, Vol. 1, pp. 483–487. https://doi.org/10.1109/MINES.2009.181. 494

 

We added the reference for AES as follows:

  1. Miller, F.P.; Vandome, A.F.; McBrewster, J. Advanced Encryption Standard; Alpha Press, 2009.

 

Comment 2- It is recommended to provide a comparative table featuring metrics like security, processing time, and scalability, emphasizing the advantages and limitations of alternative systems

Response 2- Thank you for pointing this out. We agree this comment. Therefore, we added the comparison of hashing algorithms including SHA-256 and SHA-3 in Table 1.

 

 

We added the details that follow in section 2.1. Hash function.

 

 

SHA-256 (Secure Hash Algorithm 256-bit) is a hash function with very strong properties in terms of collision resistance. Collision resistance means that the probability of two different inputs producing the same hash value is extremely low.  In the perspective of preimage resistance, SHA-256 designed to be a one-way function, which means that it is computationally infeasible to reverse the hashing process.   It is a member of the SHA-2 family and produces a 256-bit (32-byte) hash value. The length of a hash value is the difficulty of finding an input that produces a given hash output.

Given an input and its corresponding hash, this refers to the difficulty of finding a different input that produces the same hash output, in terms of second-preimage resistance.

 

SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family, developed by the National Institute of Standards and Technology (NIST). It is a cryptographic hash function designed to generate a fixed-size output (a hash) from an input of arbitrary size, ensuring data integrity, security, and authentication. SHA-3 supports multiple output lengths, whereas SHA-256 produces a fixed-length output of 256 bits (32 bytes). SHA-3 tends to be slower than SHA-256 in terms of pure hashing speed due to the complexity of the Keccak construction.

SHA-256 is generally faster than SHA-3 in terms of raw performance and computation. It is highly optimized and widely used across many systems and applications. Table \ref{table:hash_functions} summarizes the key parameters and characteristics of SHA-256 and SHA-3 hash functions.

 

 

Comment 3- A notable issue is the absence of discourse regarding the method's limits. At present, section 6 fails to critically evaluate the deficiencies of the suggested solution. One problem that warrants thorough examination is the susceptibility of XOR coding, a method known for its sensitivity to statistical analysis attacks when the seed lacks adequate randomness. It's also not clear how well the method works in attacks that are meant to do harm, like changing the video metadata or replacing the public key.

Response 3- Thank you for pointing this out. We agree this comment. We described the details that follow in 3.2. Delivery scheme. 

The security of the filter depends on the robustness of the seed. The filter used in XOR encoding is constructed using a public key and CID, which may have security vulnerabilities due to the fixed public key and the CID with rules. Here, we strengthened the security system by utilizing SSS (Shamir's Secret Sharing) to construct the public key for seed configuration, thereby preventing access to the public key by untrusted users.

And we added the reference for Shamir secure sharing as follows:

 

  1. Shamir, A. How to share a secret. Commun. ACM 1979, 22, 612–613. https://doi.org/10.1145/359168.359176. 

 

We also added details that follow in 6. Discussion.

In order to mitigate security vulnerabilities, a filter employing XOR encoding will be designed, incorporating Hardware Security Modules (HSMs) for robust cryptographic key management. HSMs, as physical devices, provide a high assurance of security for cryptographic operations, including the generation, storage, and management of cryptographic keys. Both the logger and verifier interact with their respective HSMs to generate a random number, which serves as an input for the filter.

 

Comment 4- [The essay mostly talks about how to measure processing times and doesn't talk about other important metrics for evaluating systems, such as how accurate integrity checks are and how well they protect against intentional data manipulation. No assessments are provided in which the system endeavours to identify the alteration of video frames, such as substituting an original frame with a modified one, omitting a frame from the sequence, or altering the metadata. ]

Response 4- Thank you for pointing this out.  We agree this comment. To handle the integrity of video frames, we modified the overall system structure with logger and verifier in Figure 4. To make clear the workflow of the system, the modified system structure is added the function named “Build hash tree”.  To explain the “Build hash tree” function, we added the details that follow in section 3.2. Delivery scheme:

 

In the integrity verification process of Figure 4, the verified hash value obtained after verifying the video frame is passed to the build hash tree process, which is the hash tree generation process, as input for the construction of the hash tree. The hash tree is then constructed in units of hash tree construction nodes as defined in the configuration. To deliver the verified hash value to the build hash tree process, a message queue, which is an IPC mechanism, is used.

 

Comment 5- [The incorporation of these tests would markedly enhance the scientific validity of the work and amplify its impact. Moreover, the article fails to address the scalability of the method. The efficacy of the proposed technique in cases involving substantial data, such as real-time video surveillance systems with numerous cameras, remains uncertain. Evaluating performance on extensive datasets and during peak traffic situations would be advantageous.]

Response 5- Thank you for pointing this out. We agree your comment about “scalability of the method”. We added the details that follow in section 3.1 System structure design.

Considering the scalability of the system, the verifier will be configured to operate as a container within a Kubernetes environment in a cloud-based infrastructure as part of future work. To handle large-scale hash data, we construct a lightweight hash tree. This lightweight hash tree is designed to perform compression on consecutive duplicate hash values.

Comment 6- [The final section may be enhanced as well. The concluding discussion is overly general and fails to adequately encapsulate the results achieved. The proposed method fails to thoroughly examine potential enhancements for future research, and it proposes no alternative applications beyond video monitoring.]

Response 6- Thank you for pointing this out. We agree your comment. Hence we described the future works to extend the prototype. We added the details that follow in section 7. Conclusions.

A proof-of-concept prototype was developed to demonstrate the efficacy of the proposed encoding scheme. This prototype can be integrated between the sensor data acquisition module and the anomaly detection system within a nuclear power plant's architecture.

Deployed on an edge server, the prototype enhances data integrity, a critical non-functional requirement for mission-critical systems. Furthermore, it ensures the authenticity of data sources through digital signatures. In future work, the prototype will be extended to ensure the determination of digital record authenticity by maintaining the continuity of evidence storage and the linkage between digital records.

Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report

Comments and Suggestions for Authors

all comments were addresses - recommend acceptance

Comments on the Quality of English Language

English is acceptable

Author Response

Manuscript applsci-3525226

Response to Reviewers

 

Thank you for giving us the opportunity to submit a revised draft of the manuscript “Secure delivery method for preserving data integrity of a video frame with sensitive objects” for publication in Applied Sciences. We appreciate the time and effort that you and the reviewers dedicated to providing feedback on our manuscript and are grateful for the insightful comments on and valuable improvements to our paper. We have incorporated most of the suggestions made by the reviewers.  Those changes are updated within the manuscript. Please see below, in red, for a point-by-point response to the reviewers’ comments and concerns. All page numbers refer to the revised manuscript file with tracked changes.

 

Comment 1- [all comments were addresses - recommend acceptance.]

Response 1- N/A

Author Response File: Author Response.docx

Reviewer 2 Report

Comments and Suggestions for Authors

I have reviewed the revised version of the article "Secure delivery method for preserving data integrity of a video frame with sensitive objects" and the response letter to the reviewers. The authors have done a thorough job of integrating the reviewers' requests, expanding various aspects of the manuscript, and improving its scientific completeness. I have confirmed that the comparison with the state of the art has been adequately expanded, with watermarking and AES encryption in the contributions section and a comparative table in hash functions to show the security and performance differences between SHA-256 and SHA-3.
I thought the discussion about the method's flaws was properly expanded. For example, the weaknesses of XOR encoding were thought through, and security solutions like Shamir's Secret Sharing (SSS) and the use of Hardware Security Modules (HSMs) were brought up. The method's ability to detect tampering in videos has also been improved with the introduction of the Build hash tree function, which allows for the identification of any changes in the video frames. Furthermore, the authors addressed the issue of scalability, planning an implementation on Kubernetes and the adoption of an optimized hash tree. The concluding section has been expanded to include a discussion of future developments, such as the integration of the method into the security systems of nuclear power plants.
Overall, the responses to the reviewers were satisfactory, and the improvements made have made the article more solid and comprehensive. However, I observed that the performance evaluation section could enhance its clarity by refining some graphical aspects. In Figure 16, which shows the processing time and the standard error for the logger threads, it would be appropriate to make the labels more readable and include a brief explanation within the figure's caption to clarify the meaning of the measurements. The comparison between CPU and GPU is shown in Figures 15 and 16. To make the results easier to understand, the scales could be made clearer or direct notes could be added to the graphs.
These latest adjustments would make the work even clearer and more accessible, especially for readers interested in quickly understanding the performance of the proposed method. In summary, the article has undergone a significant improvement thanks to the revision and now presents a more complete and solid structure. With some further refinements in the graphical presentation of the results, the manuscript could reach an optimal level for publication.

Author Response

Manuscript applsci-3525226

Response to Reviewers

Thank you for giving us the opportunity to submit a revised draft of the manuscript “Secure delivery method for preserving data integrity of a video frame with sensitive objects” for publication in Applied Sciences. We appreciate the time and effort that you and the reviewers dedicated to providing feedback on our manuscript and are grateful for the insightful comments on and valuable improvements to our paper. We have incorporated most of the suggestions made by the reviewers.  Those changes are updated within the manuscript. Please see below, in red, for a point-by-point response to the reviewers’ comments and concerns. All page numbers refer to the revised manuscript file with tracked changes.

 

Comment 1- [However, I observed that the performance evaluation section could enhance its clarity by refining some graphical aspects. In Figure 16, which shows the processing time and the standard error for the logger threads, it would be appropriate to make the labels more readable and include a brief explanation within the figure's caption to clarify the meaning of the measurements.]

Response 1- Thank you for pointing this out. We agree this comment. Therefore, we added the details that follow in section 5.1. Evaluation of logger thread.

As shown in Figure 15, the image save thread exhibits a higher standard deviation in execution time compared to other threads, indicating high variability in its execution time. This variability arises from the write performance limitations inherent in storage media utilizing microSD cards. To reduce the observed standard deviation, a high-throughput storage medium should be considered. With an average execution time of 31.64 milliseconds, the capture thread meets the 30 frames per second (FPS) performance specification.

 

Comment 2-[ The comparison between CPU and GPU is shown in Figures 15 and 16. To make the results easier to understand, the scales could be made clearer or direct notes could be added to the graphs.]

Response 2- Thank you for pointing this out. We agree this comment.
Therefore, we added the details that follow in section 5.2. Evaluation of Object detection and Encoding.

As seen in Figure 16, the encoding time of the video using the GPU is, on average, 13.59 times faster compared to the CPU. Additionally, the standard deviation is 0.05 ms, confirming excellent processing performance.

I added the unit of execution time, “ms”, to Figure 16. 

Author Response File: Author Response.docx

Back to TopTop