Submit to this Journal Review for this Journal Propose a Special Issue

Article Menu

Share Help Cite Discuss in SciProfiles

Open AccessFeature PaperArticle

Peer-Review Record

Exposure of Botnets in Cloud Environment by Expending Trust Model with CANFES Classification Approach

Electronics 2022, 11(15), 2350; https://doi.org/10.3390/electronics11152350

by Nagendra Prabhu Selvaraj¹, Sivakumar Paulraj²

, Parthasarathy Ramadass³, Rajesh Kaluri^4,*

, Mohammad Shorfuzzaman⁵

, Abdulmajeed Alsufyani⁵

and Mueen Uddin⁶

Reviewer 1: Anonymous

Reviewer 2: Anonymous

Reviewer 3:

Sobhan Roshani

Electronics 2022, 11(15), 2350; https://doi.org/10.3390/electronics11152350

Submission received: 22 May 2022 / Revised: 3 July 2022 / Accepted: 13 July 2022 / Published: 28 July 2022

(This article belongs to the Section Computer Science & Engineering)

Round 1

Reviewer 1 Report

1) A motivation of the work with respect the existing commercial anti-virus/malware tools (if any) would be appreciated.

2) The specific aim of the presented work appears not clear; instead, multiple objectives are mentioned spread in the text and this makes the reader confused.

3) The article requires a deep format and formal check as it appears edited without the appropriate care and this makes it annoying to the reader.

4) The article requires a deep english language revision in order to fix: sentences with no subject, verbal forms, expressions, etc. At current state, the reader has difficulties in clearly understanding sections of text.

5) The equations should be clearly explained: are they from literature? (if yes, references are needed) or are they specifically developed for the presented work? What is the meaning of every mathematical variable? Does the simbol "x": stand for a special mathematical operation? Or, is it just the usual algebraic multiplication? (if so, the "x" should be omitted).

6) For tables/figures please use the same style, ordinal numbering or roman cardinal numbering, not a mixture of the two.

7) Please check the captions of tables/figures since there is text resulting from original template document.

Author Response

Response to Reviewer-1:

We are very much grateful for critical observation by respected reviewer(s).

In the following paragraphs we have given the response (Highlighted in red color) along with the comments (Highlighted by blue color) received by the respected reviewer. We request the reviewer to consider our response,

Reviewer 1: electronics-1759547- “Exposure of Botnets in Cloud Environment by Expending Trust Model with CANFES Classification Approach”

Comment 1: 1) A motivation of the work with respect the existing commercial anti-virus/malware tools (if any) would be appreciated.

Response

Thank you very much for summarizing our work and giving us a chance to work on your constructive comments. This shall definitely increase the quality of our paper and I will be try to implement in my future enhancement.

2) The specific aim of the presented work appears not clear; instead, multiple objectives are mentioned spread in the text and this makes the reader confused.

Response

Thank you for this suggestion. This was extremely helpful. As per the suggestion; we have revised the abstract for better readability as follow,

The purpose of this study was to create a multi-layered architecture that could detect a variety of existing and emerging botnets. The goal is to be able to detect a larger range of bots and botnets by relying on building in the capacity to support several techniques called trust model. On this work, the port access verification in trust model is achieved by Heuristic factorizing algorithm which verifies the port accessibility between client-end-user and client server. Further, back-off features are extracted from the particular node and all these structures are trained and categorized with Co-Active Neuro Fuzzy Expert System (CANFES) classifier.

3) The article requires a deep format and formal check as it appears edited without the appropriate care and this makes it annoying to the reader.

Response

Your suggestion has been incorporated throughout the article and up to the best of our ability we have fixed the issues. we have now revised accordingly.

Response

Thank you for this suggestion, we have now revised accordingly.

Response

The symbols are from mathematical operation, each and every symbol has been represented and justified.

6) For tables/figures please use the same style, ordinal numbering or roman cardinal numbering, not a mixture of the two.

Response

Thank you for this suggestion, we have now revised table / figures style.

7) Please check the captions of tables/figures since there is text resulting from original template document.

Response

Thank you for this suggestion, we have now revised table / figures captions.

Reviewer 2 Report

Please see the attached PDF file.

Comments for author File: Comments.pdf

Author Response

Response to Reviewer-2:

We are very much grateful for critical observation by respected reviewer(s).

Reviewer 2: electronics-1759547- “Exposure of Botnets in Cloud Environment by Expending Trust Model with CANFES Classification Approach”

Response

Thank you very much for summarizing our work and giving us a chance to work on your constructive comments. This shall definitely increase the quality of our paper.

Comment 1: The detection methodology is related to botnets of any type, and has nothing to do specifically with cloud platforms. Why this research is related to cloud ?

Response

Thank you very much for summarizing our work and giving us a chance to work on your constructive comments. As per the suggestion; we have revised the content why this research is related to cloud with diagrammatic point of view for better readability

The reason for focusing in cloud, Cloud computing is a way to use the Internet in the daily life of a single machine or single room, using all the tools installed on computers (Fig. 1.b). It is also the ability to use shared computing resources with local servers handling applications. With cloud computing users do not worry about the location and the storage of their data. They just start using the services anywhere and at any time. The main driver of this technology is Virtualization (Hypervisor) and virtual appliance. Here the botnet can act as any suspicious files.

(Source: Jiang, Y et al. 2014)

Figure 1.b. Flow Process of the cloud computing system

Comment 2: Specific comments according to chapters

Abstract:

The abstract is nor clear enough, I suggest to be more precise on the type of attack thar is referred in this paper.

Please be consist. I don’t think you should write the word “Cloud” in the middle of a sentence with capital letter, however, if you do so it should go all over the paper.

Response

Thank you for this suggestion. This was extremely helpful. As per the suggestion; we have revised the abstract for better readability

Comment 3: Introduction:

Already at the beginning you run into your research motivation. This should come later, and here provide the background only.

Having that said, the introduction is to brief.

Response

As per the suggestions, we have introduction section and revised these sections entirely, for better readability.

Comment 4: Related Work:

The sentence “But still research on botnet detection is immature, and need more research 61 to improve data security in cloud computing.” Is a dramatic say and must be supported (or omitted).

Response

Thank you for this suggestion, we have now revised accordingly.

Various botnet detection research has been carried out, and attackers have created their own strategies in emerging bots and botnet attacks. So, more study is needed to increase data security in internet-based usage.

Comment 5: Test is not organized. For example, you say that detection can be categorized inti two categories…, and repeat this say after few sentences.

Response

Your suggestion has been incorporated throughout the manuscript and up to the best of our ability we have fixed the issues. we have now revised as follow,

According to the previous research botnet detection techniques can be classified into two categories honeynets detection view and intrusion detection view [1–3]. Intrusion detection system is further divided into sub-categories into signature based and anomaly based and is described below.

Comment 6: At 2.1 (line 68) add a apace before the “&” sign.

Response

Thank you for this suggestion, we have now revised accordingly.

Honeynets & Honeypots Based Detection System

Comment 7: Wrong sentence (line 69): “The term Honey nets and Honey pots[18] denote the end user devices.”

Response

Thank you for this suggestion, we have now revised accordingly.

Honeynets and Honeypots[18] denote the end user devices. A honeynet is a decoy network that contains one or more honeypots.

Comment 8: Strange and unclear sentence (line 87): “In signature based botnet detection, the malware was the packet sequence or the 87 transportation of the bytes series in seeking network”.

Response

Thank you for this suggestion. This was extremely helpful. As per the suggestion, we have revised the line 87 for better readability

A prominent security mechanism is communication signature detection, which detects bot activity based on predetermined patterns and signatures acquired from well-known bots.

Comment 9: Line 116 to 117 have a wrong line break.

Response

Thank you for this suggestion, we have now revised line 116 to 117 accordingly.

Comment 10: Line 122: not the “author achieved”, but the methodology.

Response

Thank you for this suggestion, we have now revised line 112 accordingly.

The authors applied different machine learning algorithms on the detection process of botnets and the methodology achieved 98.5% of average detection accuracy and 1.2% of false positive rate.

Comment 11: Line 171 wi should be with subscript i.

Response

Thank you for this suggestion, we have now revised accordingly.

Comment 12: Proposed Method:

Line 133-147 belongs to the Introduction section.

Section 3.1 is not clear to the reader. Equations must be explained shortly and not only presented.

Line 205-209 should be presented in a more elegant and readable way like a table.

Figure’s 3 resolution, like all other figures should be improved.

Response

Thanks for your suggestion: “as same response given to the line 133-147, line 205-209.

Comment 13: Result Discussion on Performance Analysis:

Line 162, you cannot start a sentence related to its predecessor title. Same in line 277.

Line 281 refers to Table III, and the table is captioned as Table 3.

In Figure 5m why you suddenly shifted to 3-D ?!

Line 301, the index PDR must be explained.

A major concern: I understood hoe latency was measured, but not how the Detection Rate, which is the most important index was measured.

The title of this section includes the promise to a Discussion, but there is no discussion in this chapter. A discussion must be part of a paper, and raw results are not enough.

Response

Following your query I have briefed the formula,

The latency is computed using the following formula.

??????? = ???? ??????? ??????? ?? ?????? − ??????? ????????? ?? ??????

The detection rate is computed using the following equation,

????????? ????= (No. of malicious requests detected / total numbers of requests sent) ∗ 100%

PDR

The number of packets correctly received in each node of the system is defined as PDR. It is the ratio between number of packets correctly received and the total number of packets sent and it is measured in terms of percentage. It is given in the following equation as,

???= (?????? ?? ??????? ????????? ???????? / ????? ?????? ?? ??????? ????)∗100%

Reviewer 3 Report

In this manuscript, bots affected client end-server in cloud environment is identified using CANFES classification approach, which proposed architecture has good Latency, Malicious Packet Detection Rate, Packet Delivery Ratio (PDR), Energy Availability and Precision. This manuscript can be reconsidered after major modifications listed bellows:

1. The abstract should be revised carefully, with numbers. Parameters should be provided quantitatively in the abstract. The value of the Latency, Malicious Packet Detection Rate, Packet Delivery Ratio (PDR), Energy Availability and Precision parameters should be provided.

2. The main contribution of the proposed work and novelty of design should be provided clearly.

3. The caption of Figure 1. “This is a figure. Schemes follow the same formatting” should be revised.

4-Juranl template should be followed. For example citation in Table 4, 5, 6,7 should be revised and also Subramaniam et al. (2016) , Omar Y et al. (2016), Dilara et al. (2019) and so on should be replaced with [12], [15],….

5- The reference of “Dilara et al. (2016)” not cited in the references section, which should be added.

6- There are a lot of garamerial and typo mistakes in the text should be modified for example

“Dilara et al. (2016). (2019)” in line 294.

7- How the “Packet Delivery Ratio” parameter is obtained in Fig. 6 and Table 5. Add sufficient explanation and related equations about this parameter.

8-The plagiarism index is high many paragraph are copied without any changes, which should be modified.

For example:

Lines: 36-42.

Lines: 102-111.

Lines: 175-208.

Lines: 215-225.

Lines: 262-268.

9. Applied CANFES is not clearly stated. Is there one hidden layer with 10 numbers of neurons? How to find this one hidden layer and these 10 neurons.

This is not acceptable which mentioned “after several level of training to get optimum response”.

10. How weight of neurons are determined. Add sufficient explanations in the revised version of manuscript.

Author Response

Response to Reviewer-3:

We are very much grateful for critical observation by respected reviewer(s).

Reviewer 3: electronics-1759547- “Exposure of Botnets in Cloud Environment by Expending Trust Model with CANFES Classification Approach”

Comment 1: 1. The abstract should be revised carefully, with numbers. Parameters should be provided quantitatively in the abstract. The value of the Latency, Malicious Packet Detection Rate, Packet Delivery Ratio (PDR), Energy Availability and Precision parameters should be provided.

Response

Thank you very much for summarizing our work and giving us a chance to work on your constructive comments.

The latency is computed using the following formula.

??????? = ???? ??????? ??????? ?? ?????? − ??????? ????????? ?? ??????

The detection rate is computed using the following equation,

????????? ????= (No. of malicious requests detected / total numbers of requests sent) ∗ 100%

PDR

???= (?????? ?? ??????? ????????? ???????? / ????? ?????? ?? ??????? ????)∗100%

The computation of energy availability is given in the following equation as,

??= ?????? ??????????? / ????? ??????

Precision

Precision can be calculated using the formula

?????????= [?? / (??+??) ]∗100%

The main contribution of the proposed work and novelty of design should be provided clearly.

Response

Thank you for this suggestion. This was extremely helpful. As per the suggestion; we have revised the abstract for better readability as follow,

(Source: Jiang, Y et al. 2014)

Figure 1.b. Flow Process of the cloud computing system

The caption of Figure 1. “This is a figure. Schemes follow the same formatting” should be revised.

Response

Thank you for this suggestion, we have now revised accordingly. I have changed the figure according to your valuable suggestion,

Figure 1.a. Botnet lifecycle

Response

Thank you for this suggestion, we have now revised Table 4, 5, 6,7 accordingly.

5- The reference of “Dilara et al. (2016)” not cited in the references section, which should be added.

Response

Thank you for this suggestion, we have now revised in the paper.

Dilara, A.; Muttukrishnan R.; Nikos K.; Zarpelão, B., Modelling the Spread of Botnet Malware in IoT-Based Wireless Sensor Networks, Hindawi Security and Communication Networks, 2019; Article ID 3745619, https://doi.org/10.1155/2019/3745619.

6- There are a lot of garamerial and typo mistakes in the text should be modified for example

Response

Your suggestion has been incorporated throughout the manuscript and up to the best of our ability we have fixed the issues. we have now revised accordingly.

7- How the “Packet Delivery Ratio” parameter is obtained in Fig. 6 and Table 5. Add sufficient explanation and related equations about this parameter.

Response

Thank you for this suggestion, we have now revised by adding other suggested performance metrics.

Packet Delivery Ratio (PDR) The number of packets correctly received in each node of the system is defined as PDR. It is the ratio between number of packets correctly received and the total number of packets sent and it is measured in terms of percentage. It is given in the following equation as,

???= (?????? ?? ??????? ????????? ???????? * ????? ?????? ?? ??????? ????) ∗ 100%

8-The plagiarism index is high many paragraph are copied without any changes, which should be modified.

Response

Thank you for this suggestion, we have now revised accordingly..

Applied CANFES is not clearly stated. Is there one hidden layer with 10 numbers of neurons? How to find this one hidden layer and these 10 neurons.

This is not acceptable which mentioned “after several level of training to get optimum response”.

Response

As per the suggestions, we have introduction section and revised these sections entirely, for better readability

CANFES architecture can be operated in two modes as training the input features of the client-end-user requests and produces trained patterns. The similar CANFES architecture is now getting input features from real time client end user requests. These feature set are classified against with trained patterns thus produces classified response either trusty or non-trusty request. This CANFES architecture have inbuilt fuzzy rules as unsupervised form. This architecture has three internal layers where as first layer is input layer which receives input features from the client end user and second layer is hidden layer. Third layer is output layer which is responsible for producing output. Each layer has number of neurons which are trained by weight factor. The internal weights of the CANFES architecture are w1 and w2, which can have the initial values, varies from 0.1 to 0.9.

How weight of neurons are determined. Add sufficient explanations in the revised version of manuscript.

Response

As per the suggestions, we have introduction section and revised these sections entirely, for better readability

In this research work, the initial weights are set to 0.5, after several iterations in order to obtain optimum classification rate. In this research work, CANFES model is designed with 2 input nodes, 10 hidden nodes and one output nodes. The extracted features are used for both training & classification phase. The output produced by this network would be either low or high. Low value indicates that the request from client-end-user is fake and high value indicates that the request from client-end-user is trusty. In Figure 4.2, weights of the fuzzy membership functions are represented by w1 and w2, the fuzzy rules are represented by A1, A2, B1 and B2. In this research work, triangular membership function is used as membership function to activate the neurons.

Round 2

Reviewer 1 Report

-The specific objective of the presented work appears not clear; instead, multiple objectives are mentioned spread in the main text and this makes the reader confused.

-A motivation of the work with respect to the existing commecial anti-virus/malware tools would be appreciated.

-The equations must be explained: are they from literature? (if yes, a reference is needed) or are they developed specifically for the presented work?

-In equation 3: What is the meaning of the letters in it?

-Paragraph 3.3, in its current version, it is unacceptable. As paragraph 3.3 is a core element of the presented work, it should be described with more care; in its current version it is a set of sentences with no motivation and with little meaning (just for an example, lines 256-257: "Third layer is output layer which is responsible for producing output").

-Please specify what is "cloudsim simulator" by providing the appropriated reference.

-Line 280, in the equation n. 12: is that "@" a typo?

-Line 280, in the equation n. 12: please give a clearer explanation about the physical meaning of the elements involved in it.

-Lines 299-300, "For a better cloud environment, the detection rate should be high": please provide an example number for that.

-Lines 333-335 (with Fig. 6), lines 348-352 (with Fig. 7) and lines 364-366 (with Fig. 8): the sentences about the evaluation of the proposed method appear a bit strong to the reader, on the other hand the related figures show moderate differences with respect the other methods. Maybe the reasons should be clarified. More important, given the above sentences, the final sentence in lines 372-377 (Paragraph 5, Conclusions), sounds to the reader too strong and not coherent with the results.

-Lines 355-357: in its current version, this sentence is unaccetapble, it is a sort of tautology.

-The article needs some discussion about limitations of the study and ideas for future enhancements.

-The article requires a check for typos and for a correct formatting of the text. For example, lines 107, 119: the "[6]" is written with a different character size; For example, when an item (like equation, variable, step of the procedure) is introduced please use the ":" (see end of line 182); For example, line 187, "dini": the last "i" should be a subscript.

-Make sure that the text is always with the same line-spacing, as there are different line-spaced blocks of text. For example, lines 243-246 compared to lines after 250; For example, lines 306-307: a different character has been used.

-Please check the captions of tables/figures since some texts from template document of Editor form is still there. For example: Table 5.

-The article requires a deep english language revision in order to fix: sentences with no subject, verbal forms, expressions, subject-verb with singular/plural inconsistencies, and so on. At current state, the reader has difficulties in clearly understanding whole sections of text.

For example, line 57, the block "The reason for focusing in cloud,": what does it mean?

For example, line 81: missing ":" after the word "categories".

For example, lines 82-83.

For example, lines 92: do you mean "its" instead of "their"?

For example, lines 121-124: cannot understand.

For example, lines 130-132: cannot understand.

For example, line 132: what is "UTM"?

For example, lines 133-134: what does this mean?

Author Response

Review comments are updated in the paper

Author Response File: Author Response.pdf

Reviewer 2 Report

I would like to thanks the author for resubmitting this manuscript.

While most of my comments were addressed, I still think that the author did not support the insertion of the Cloud Platform to this paper at the title level. The author supported the importance and the central place of the Cloud in our life, which I agree, however it has to be related to botnet – the issue of this paper. Being important cannot justify any integration, e.g., COVID-19 vaccination is critical, can it be combined into this paper ?! (Sorry for the sarcasm, my intentions are far to be it from hurt, but to demonstrate my claim). While I do think that the paper has some novelty, I found this issue misleading.

Furthermore, the paper must still be better organized, Its not friendly to the reader.

While the author did make some corrections, I found no reason to change my previous review.

Good Luck

Author Response

Review comments are updated in the paper

Author Response File: Author Response.pdf

Reviewer 3 Report

The manuscript is improved, compared to the previous version; however, some modifications should be considered in the manuscript.

- The advantages of the proposed work, compared to “Subramaniam et al.” and “Omar Y et al.” should be emphasized in the result section.

- The four sentences in lines 221-224 can be written in a better way. For example, they can be written in a single sentence as: “If M is Di, then the request received from port i of the client-end-server is affected by bot.”

- Kindly indicate the parts of CANFES network (hidden layer, hidden neurons, input layer, output layer, fuzzy layer, and etc.) in “Figure 3. Architecture of CANFES”

- The quality of figures 1, 2, and 3 should be improved. Also, it is suggested to allocate Figures 1a and 1b next to each other. In addition, kindly Follow the template of the journal for text, equations, tables, and etc.

- The authors should provide their reply in a single pdf file and upload it; several equations and figures cannot be shown in the author reply in the text format.

- The references are not cited in the text in the numerical order. Some references are not cited in the text.

Author Response

Review comments are updated in the paper

Author Response File: Author Response.pdf

Round 3

Reviewer 1 Report

The presented work, as it is, is not mature enough since it lacks:

—clear description of the contribution.

—clear description of the core components of the proposed procedures.

—analysis and comments about experimental results (figures/tables only are not enough). Comments about results with respect to other referenced works are needed. The reader can not appreciate the value of obtained results.

—proper English language, proper structure of sentences and of syntax.

—correct references to proper figures and tables while presenting the obtained results.

—proper text formatting, elimination of all the typos.

Author Response

We are very much grateful for critical observation by the respected reviewer(s).

Comment 1: The presented work, as it is, is not mature enough since it lacks:

clear description of the contribution

Response

Thank you very much for summarizing our work and giving us a chance to work on your constructive comments. In this article, a methodology is developed for identifying and classifying the malicious nodes in network environment, using soft computing approaches. The purpose of this study was to create a multi-layered architecture that could detect a variety of existing and emerging botnets. The goal is to be able to detect a larger range of bots and botnets by relying several techniques called trust model. On this work, the port access verification in trust model is achieved by Heuristic factorizing algorithm which verifies the port accessibility between client-end-user and client server. Further, back-off features are extracted from the particular node and all these structures are trained and categorized with Co-Active Neuro Fuzzy Expert System (CANFES) classifier. Further, link failures are detected using CANFES classification methods, which identify the bot master.

Comment 2: Clear description of the core components of the proposed procedures.

Response

Thank you for this suggestion. This was extremely helpful. As per the suggestion, This architecture can explain the overall work of the core component.

Comments 3: Aanalysis and comments about experimental results (figures/tables only are not enough). Comments about results with respect to other referenced works are needed. The reader can not appreciate the value of obtained results.

Response

Your suggestion has been incorporated throughout the article and up to the best of our ability we have fixed the issues.

The performance of the proposed bots detection system in network environment is analyzed using cloudsim simulator in terms of latency and malicious packets detection rate with respect to number of nodes or computers in network. The proposed system used CANFES classifier which classifies each node in cloud environment into either bot or non-bot node. In cloud environment, the cloud master node receives the data from its surrounding nodes. Then, the proposed classification methodology is applied on these data to classify each node in cloud into either bot or non- bot nodes. This classification results are sent to all other nodes in cloud environment to prevent contact with these detected bots. The proposed methodology is applied on both client and server side. The initial setup of the simulation tool is described in Table 1. The maximum number of packets for each client-end-user used in this research work is 1500 and each node or computer transfers the packets at the rate of 100 kb/s with the energy consumption of 100 mJ per cycle.

Comments 4: Proper English language, proper structure of sentences and of syntax.

Response

Thank you for this suggestion, we have now revised accordingly.

Comments 5: Correct references to proper figures and tables while presenting the obtained results.

Response

Thank you for this suggestion, we have now revised table and figures regarding obtained result.

Comments 6: Proper text formatting, elimination of all the typos.

Response

Your suggestion has been incorporated throughout the article and up to the best of our ability we have fixed the issues. we have now revised accordingly.

Reviewer 2 Report

Again, I would like to thanks the author for resubmitting this manuscript.

The author made some minor changes. To my humble opinion, my precious comments were not answered:

A) The research was not focused to the cloud. The author explained why it is relevant to the cloud, and I conciliate with the explanation, however, it is relevant to other platforms and architectures as well. Please also see my note regarding the “important od the cloud” in the previous review (round 2)

B) The paper is still not organized.

Therefore, I decided not to change my previous review.

Good Luck

Author Response

We are very much grateful for the critical observation by the respected reviewer(s).

Comments 1: The research was not focused on the cloud. The author explained why it is relevant to the cloud, and I conciliate with the explanation, however, it is relevant to other platforms and architectures as well. Please also see my note regarding the “important od the cloud” in the previous review (round 2)

Response

Thank you for this suggestion, we have now revised it accordingly.

The communication between Bots and Masterbots takes place through Hyper Text Transfer Protocol (HTTP) because most of the nodes in the cloud are web applications, and they can be accessed and communicated through the HTTP protocol. The proposed diagram will give a detailed explanation of the suggestion.

The three service models as shown in the below figure include; software as a service (SaaS), platform as a service (PaaS), and Infrastructure as a service (IaaS). SaaS supports application-level services. Examples of services provided by SaaS include Application Programming Interface (API), Graphical User Interface (GUI), operating system, Virtual machine (VM), solution stack, hypervisors, computer and storage, etc. PaaS supports services like solution stack, VM, hypervisor, network, and storage while IaaS supports hypervisor, computers, storage, and network. The cloud models can be deployed in four different clouds: Private clouds, Hybrid clouds, public clouds, and community clouds.

Comments 2: The paper is still not organized.

Response

Your suggestion has been incorporated throughout the article and up to the best of our ability, we have fixed the issues. we have now revised accordingly.

Author Response File: Author Response.docx

Reviewer 3 Report

The manuscript can be accepted after following minor modifications.

- Kindly write the information for nodes and layers in “Figure 4. Architecture of CANFES”

- There are several typos in the manuscripts, which should be corrected.

- The equations should be written in mathematical style. Correct equations 13 and 14.

- The journal template should be considered in the manuscript. For instance, correct Tables2 and 3 borders lines width, correct citations in the text based on the journal format, and etc.

- The references are still not cited in the text in the numerical order.

- The quality of figures 1, 2, 3, and 4 are still poor.

Author Response

We are very much grateful for the critical observation by the respected reviewer(s).

Comments 1: Kindly write the information for nodes and layers in “Figure 4. Architecture of CANFES”

Response

Thank you for this suggestion. This was extremely helpful. As per the suggestion, we have revised accordingly.

This CANFES classification architecture [17] consists of single input layer, 3 number of hidden layers and single output layer. The input layer keeps the number of extracted features and passes this information to the next level hidden layer, which can be constructed by 15 numbers of neurons. The weight level of each neuron in each hidden layer is adaptive and its value is changed in accordance with the input extracted features. The neuron in output layer produces the output pattern by summing up all the index values which are obtained from the previous hidden layer.

Comments 2: There are several typos in the manuscripts, which should be corrected.

Response

Thank you for this suggestion, we have now revised accordingly.

Comments 3: The equations should be written in mathematical style. Correct equations 13 and 14.

Response

Thank you for this suggestion, we have now revised accordingly.

Where

nMalicious = Number of malicious requests detected

nSentPackets = Number of sent packets

Where

nReceivedPackets = Number of received packets

nSentPackets = Number of sent packets

Comments 4: The journal template should be considered in the manuscript. For instance, correct Tables2 and 3 borders lines width, correct citations in the text based on the journal format, and etc.

Response

As per the suggestions, we have revised section and revised sections entirely, for better readability.

Comments 5: The references are still not cited in the text in the numerical order.

Response

Thank you for this suggestion, we have now revised accordingly.

Comments 6: The quality of figures 1, 2, 3, and 4 are still poor.

Response

Thank you for this suggestion. This was extremely helpful. As per the suggestion, we have increased the quality of the figures 1,2,3 and 4.

Author Response File: Author Response.docx

Article Menu

Exposure of Botnets in Cloud Environment by Expending Trust Model with CANFES Classification Approach

Further Information

Guidelines

MDPI Initiatives

Follow MDPI