Article
Peer-Review Record

A Novel Deep Learning Stack for APT Detection

Appl. Sci. 2019, 9(6), 1055; https://doi.org/10.3390/app9061055
by Tero Bodström * and Timo Hämäläinen
Reviewer 1:
Reviewer 2: Anonymous
Submission received: 11 February 2019 / Revised: 8 March 2019 / Accepted: 8 March 2019 / Published: 13 March 2019
(This article belongs to the Section Computing and Artificial Intelligence)

Round 1

Reviewer 1 Report

1. You should describe a summary of your proposed method and the result of the experiments in the abstract section. Lessen the introduction statements in the abstract section.

2. I can’t understand the sentence “This way one does not reduce overall complexity nor randomness” on page 1.

3. You are recommended to add some sentences which explain the structure of your paper in the latter part of the introduction section.

4. Some of your proposal, such as the data dimension, is described in section 2 (current detection problem). This is not sensible because you should describe only problems of existing methods. You should describe your method in the proposal system.

5. The sentence “These issues are solved with multiple sequential neural networks.” is not correct. This should be changed to “These issues may be solved with multiple sequential neural networks”.

6. I recommend that the simple suggestion for outlier, data dimension, and so on should be combined into section 3 with another section name like a proposed system. In section 2, there should be only existing systems and you should compare the performance of your proposed system with these existing systems.

7. Define KT and NT instead of deleting T in line between 189-103.

8. You should use the RNN instead of LSTM because the LSTM is a cell engine. It is not a deep learning model. The model is RNN.

9. For proposal, you just combined the pre-existing systems. For first layer, you used a SDL or a UDL, for third layer, you used LSTM. In this case, you should define a concrete model with exact parameters for each deep learning model like CNN with the layer numbers.

10. You just suggested a strategy for the purpose, but not the methods for the way how.

11. In experiments, you should show exact experimental results. You just describe the result only.


Author Response

1) Abstract re-written

2) Added more information, lines 32-35

3) Lines 24-27

4) Fixed as proposed in point 6

5) Fixed as proposed

6) Fixed as proposed

7) Fixed

8) All LSTM are now changed to RNN-LSTM

9) This is a concept paper, information will be available in a next paper

10) This is a concept paper, information will be available in a next paper

11) This is a concept paper, information will be available in a next paper

Author Response File: Author Response.pdf

Reviewer 2 Report

The authors describe how an intrusion detection system can detect APT attacks by using data mining techniques.

The Abstract looks more like an introduction. It does not provide a brief of the methodological details nor the results of the experiments conducted for the purposes of this study. The author(s) should revisit. Also, I recommend avoiding citation in the abstract.

The evaluation phase needs to be expanded by providing more details and comparison.

My suggestion is also to cite the following papers:

1) Recognizing unexplained behavior in network traffic. In Network Science and Cybersecurity (pp. 39-62). Springer, New York, NY.

2) Privacy-preserving personal data operation on mobile cloud—Chances and challenges over advanced persistent threat. Future Generation Computer Systems, 79, 337-349

Finally, I suggest performing a linguistic revision and checking the conference format guidelines.

Author Response

1) Abstract re-written

2) For evaluation part, this is a concept paper, information will be available in a next paper

3) Suggested papers cited, lines 40 - 48

Light proof reading has been done


Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report

1. What is xNy (where x, y is 1 or 2) between lines 142 and 147? First, specify these notations.

2. Terminology of “Deep Autoencoder” does not exist. Change this term to “An Autoencoder which consists of deep layers”.

3. If the layers become deep like 365 in line 154, the deep neural network doesn’t work because the learning doesn’t work in the deeper layers. So, your suggestion doesn’t work for long time periods learning. How would you resolve this problem?

4. References should be ordered by Last name. Reference index 2 and index 3 should be re-located.

5. The author name in reference should be written with last name first then first name acronym.


Author Response

1) Added explanation to text, lines 139 - 141
2) Changed as requested
3) Added explanation to text, lines 126 - 127 and 141 - 143
4) Fixed as requested
5) Fixed as requested

Light proof reading has been done

Reviewer 2 Report

The authors describe how an intrusion detection system can detect APT attacks by using data mining techniques. The authors addressed my concerns about the methodological approach.

Author Response

This is a concept paper, empirical test results will be available in a next paper

Light proof reading has been done
