Architectural Threats to Security and Privacy: A Challenge for Internet of Things (IoT) Applications
, Sayed Fayaz Ahmad 4, Nur Agus Salim 5 and Nasir Khan 6
Round 1
Reviewer 1 Report
1. The contribution is not stated clearly.
2. The choice of parameters used in the algorithm is not well justified.
3. A deep and detailed comparison with other methods is mandatory.
4. The authors claim that their method is faster and more efficient, but this is not rigorously demonstrated since it is applied just for a particular case.
5. What do you mean by experimental validation? Where the data exactly comes from, what is their reliability and accuracy for which model? Please address this important point seriously. Authors must cite the following papers;
Overall the quality of this paper is very good.
I recommend this paper. Authors must cite the following papers:
Alrashed, Fahad Abdulaziz, Abdulrahman M. Alsubiheen, Hessah Alshammari, Sarah Ismail Mazi, Sara Abou Al-Saud, Samha Alayoubi, Shaji John Kachanathu et al. "Stress, Anxiety, and Depression in Pre-Clinical Medical Students: Prevalence and Association with Sleep Disorders." Sustainability 14, no. 18 (2022): 11320.
Ahmad, F., Shahid, M., Alam, M., Ashraf, Z., Sajid, M., Kotecha, K., & Dhiman, G. (2022). Levelized Multiple Workflow Allocation Strategy under Precedence Constraints with Task Merging in IaaS Cloud Environment. IEEE Access.
Singamaneni, K. K., Dhiman, G., Juneja, S., Muhammad, G., AlQahtani, S. A., & Zaki, J. (2022). A Novel QKD Approach to Enhance IIOT Privacy and Computational Knacks. Sensors, 22(18), 6741.
Chatterjee, I. (2021). Artificial Intelligence and Patentability: Review and Discussions. International Journal of Modern Research, 1, 15-21.
Vaishnav, P.K., Sharma, S., & Sharma, P. (2021). Analytical Review Analysis for Screening COVID-19. International Journal of Modern Research, 1, 22-29.
Gupta, V. K., Shukla, S. K., & Rawat, R. S. (2022). Crime tracking system and people’s safety in India using machine learning approaches. International Journal of Modern Research, 2(1), 1-7.
Sharma, T., Nair, R., & Gomathi, S. (2022). Breast Cancer Image Classification using Transfer Learning and Convolutional Neural Network. International Journal of Modern Research, 2(1), 8-16.
Shukla, S. K., Gupta, V. K., Joshi, K., Gupta, A., & Singh, M. K. (2022). Self-aware Execution Environment Model (SAE2) for the Performance Improvement of Multicore Systems. International Journal of Modern Research, 2(1), 17-27
6. The authors should provide other applications of the proposed algorithm.
7. To demonstrate the effectiveness of the proposed algorithm a real experimental validation is mandatory for a rigorous and accurate comparison and validation.
8. Please discuss the performance of the technique for real-time applications?
9. Specify the limitations and drawbacks of the proposed method.
10. The conclusion must be rewritten.
Author Response
Response to Reviewer 1 Comments
It is humbly requested that the following review provided about my manuscript is not related to my work and may be forwarded mistakenly to me. You are hereby requested to please check it.
Point 1: The contribution is not stated clearly.
Response 1: Not related to my manuscript, please
Point 2: The choice of parameters used in the algorithm is not well justified.
Response 2: Not related to my manuscript, please
Point 3: A deep and detailed comparison with other methods is mandatory
Response 3: Not related to my manuscript, please
Point 4: The authors claim that their method is faster and more efficient, but this is not rigorously demonstrated since it is applied just to a particular case
Response 4: Not related to my manuscript, please
Point 5: What do you mean by experimental validation? Where the data exactly come from, and what is their reliability and accuracy for which model? Please address this important point seriously. Authors must cite the following papers;
Response 5: Not related to my manuscript, please
Alrashed, Fahad Abdulaziz, Abdulrahman M. Alsubiheen, Hessah Alshammari, Sarah Ismail Mazi, Sara Abou Al-Saud, Samha Alayoubi, Shaji John Kachanathu et al. "Stress, Anxiety, and Depression in Pre-Clinical Medical Students: Prevalence and Association with Sleep Disorders." Sustainability 14, no. 18 (2022): 11320.
Ahmad, F., Shahid, M., Alam, M., Ashraf, Z., Sajid, M., Kotecha, K., & Dhiman, G. (2022). Levelized Multiple Workflow Allocation Strategy under Precedence Constraints with Task Merging in IaaS Cloud Environment. IEEE Access.
Singamaneni, K. K., Dhiman, G., Juneja, S., Muhammad, G., AlQahtani, S. A., & Zaki, J. (2022). A Novel QKD Approach to Enhance IIOT Privacy and Computational Knacks. Sensors, 22(18), 6741.
Chatterjee, I. (2021). Artificial Intelligence and Patentability: Review and Discussions. International Journal of Modern Research, 1, 15-21.
Vaishnav, P.K., Sharma, S., & Sharma, P. (2021). Analytical Review Analysis for Screening COVID-19. International Journal of Modern Research, 1, 22-29.
Gupta, V. K., Shukla, S. K., & Rawat, R. S. (2022). Crime tracking system and people’s safety in India using machine learning approaches. International Journal of Modern Research, 2(1), 1-7.
Sharma, T., Nair, R., & Gomathi, S. (2022). Breast Cancer Image Classification using Transfer Learning and Convolutional Neural Network. International Journal of Modern Research, 2(1), 8-16.
Shukla, S. K., Gupta, V. K., Joshi, K., Gupta, A., & Singh, M. K. (2022). Self-aware Execution Environment Model (SAE2) for the Performance Improvement of Multicore Systems. International Journal of Modern Research, 2(1), 17-27
Point 6: The authors should provide other applications of the proposed algorithm.
Response 6: Not related to my manuscript, please
Point 7: To demonstrate the effectiveness of the proposed algorithm a real experimental validation is mandatory for a rigorous and accurate comparison and validation.
Response 7: Not related to my manuscript, please
Point 8: Please discuss the performance of the technique for real-time applications?
Response 8: Not related to my manuscript, please
Point 9: Specify the limitations and drawbacks of the proposed method.
Response 9: Not related to my manuscript, please
Point 10: The conclusion must be rewritten.
Response 10: Not related to my manuscript, please
Author Response File: 
Author Response.docx
Reviewer 2 Report
This paper targets IoT applications, and presents a general overview of the layered architecture of IoT and the security and privacy issues of the IoT system. The different security threats and vulnerabilities are discussed and the security challenges are reviewed as well.
Overall, the paper presents a comprehensive view on IoT architecture and its security issues. However, there are some concerns and it is advised to address them.
First, it is advised to discuss the organization of this paper at the end of the Sec. Introduction, which will benefit the readers for following the paper.
Second, regarding IoT architecture, why is IoT classified into such three layers? Please briefly justify it.
Third, as the paper discusses the Security Threats & Vulnerabilities in IoT according to the architecture/layered structures, it is advised to discuss the Security Challenges of IoT according to the IoT architecture/layered structures as well.
Forth, regarding each security threats and challenges in Sec. IV and V, it is advised to nominate each of them as a subsection.
Fifth, it is advised to discuss the related work doi.org/10.3390/su141912409, which discusses the security challenges, issues and solutions in the representative connected vehicles and smart transportation.
Sixth, is there any security threats/challenges across the different layers of IoT architecture?
Author Response
Response to Reviewer 2 Comments
Point 1: First, it is advised to discuss the organization of this paper at the end of the Sec. Introduction, which will benefit the readers for following the paper.
Response 1: The advised organization of the paper is provided in the introduction part of the article.
“This research article is intended to analyze and review the privacy and security issues related to IoT. The paper is organized as below: Section 2 is comprised of the basic architecture of IoT and its layers. In section 3 of the article, smart applications, for instance, home, agriculture, transportation, and healthcare of IoT, and corresponding security issues are identified and examined. In section 4, security threats and vulnerabilities are introduced and confronted with each layer of IoT. In Section 5, the security challenges are classified into seven different classes to elaborate on the threats of IoT with the help of different models. Finally, in section 6 concluding remarks are added.”
Point 2: Second, regarding IoT architecture, why is IoT classified into such three layers? Please briefly justify it.
Response 2: Thanks for this point. It is stated while determining the security and privacy of the internet of things, the division of IoT into the layered structure can greatly help to explain which part of architecture is vulnerable to what type of attacks and what necessary measures should be taken to protect it. That is the reason that IoT is classified into three layers.
Point 3: Third, as the paper discusses the Security Threats & Vulnerabilities in IoT according to the architecture/layered structures, it is advised to discuss the Security Challenges of IoT according to the IoT architecture/layered structures as well.
Response 3: The advised point is incorporated in form of a table as below:
Table 5. Layer-wise security challenges
|
IoT Layers |
Security Challenges |
|
Application Layer |
· Establishment of Privacy protection · Authentication among different devices · Flexibility in terms of framework authorization · Key-Management |
|
Communication |
· Denial of service attack · Encryption of data · Man in the middle attack · Authentication and data access · Creation of communication Session · Availability · Non-Repudiation |
|
Sensing Layer |
· Authentication of the wireless sensory network (WSN) · Confidentiality of network · Integrity · Radio Frequency security issues · Node security and related threats · Creation of Fake node · Node authentication |
Point 4: Forth, regarding each security threat and challenge in Sec. V, it is advised to nominate each of them as a subsection.
Response 4: The mentioned section is divided into sub-section (5.1 to 5.7) as per your valuable advice
Point 5: Fifth, it is advised to discuss the related work doi.org/10.3390/su141912409, which discusses the security challenges, issues, and solutions in the representative connected vehicles and smart transportation.
Response 5: It is stated that the proposed paper has been discussed and cited in sub-section 3.3 Smart transportation, please
Point 6: Sixth, are there any security threats/challenges across the different layers of IoT architecture?
Response 6: The security threats/challenges are discussed in the table provided in point 3 of this review, please.
I would like to extend thanks for pointing out the weakness in my manuscript. I have tried my level best to understand these points and resolve them as per your valued advice. I believe, it will certainly improve the quality of my research work.
Author Response File: Author Response.docx
Reviewer 3 Report
This study demonstrated general overview layered architecture of IoT followed by critical applications with a particular focus on key features of smart homes, smart agriculture, smart transportation, and smart healthcare. From my view, this paper is not well organized and the proposed method is not valuable for this research filed. After reviewed this paper, there are some questions and suggestions as follows.
1. The innovation of the article is very little.
2. There are many spelling and grammatical errors in the article. For example, in the conclusion section: "This article, a brief overview of the internet of things and its associated network followed by the three layers of the architecture of IoT."
3. You must review all significant similar works that have been done. Also, review some of the good recent works that have been done in this area and are more similar to your paper. The conducted studies do not follow the process of the governorship. It is expected that the SLR method was used to review the studies.
4. All figures need to be enhanced in terms of quality and resolution.
5. Some final cosmetic comments:
* Avoid using first person.
* Avoid using abbreviations and acronyms in title, abstract, headings and highlights.
* Please avoid having heading after heading with nothing in between, either merge your headings or provide a small paragraph in between.
* The first time you use an acronym in the text, please write the full name and the acronym in parenthesis. Do not use acronyms in the title, abstract, chapter headings and highlights.
* Are all the images used in this work copyrights free? If not, have the authors obtained proper copyrights permission to re-use them? Please kindly clarify, and this is just to ensure all the figures are fine to be published in this work.
* Also, the list of references should be carefully checked to ensure consistency with between all references and their compliances with the journal policy on referencing.
Author Response
Response to Reviewer 3 Comments
Point 1: The innovation of the article is very little.
Response 1: This article has succinctly summarized and reviewed the security and privacy issues in the layered architecture of the internet of things. It is considered one of the hot topics to identify the security vulnerabilities and challenges of IoT. Section 2 is comprised of the basic architecture of IoT and its layers. In section 3 of the article, smart applications, for instance, home, agriculture, transportation, and healthcare of IoT, and corresponding security issues are identified and examined. In section 4, security threats and vulnerabilities are introduced and confronted with each layer of IoT. In Section 5, the security challenges are classified into seven different classes to elaborate on the threats of IoT with the help of different models. Finally, in section 6 concluding remarks are added
Point 2: There are many spelling and grammatical errors in the article. For example, in the conclusion section: "This article, a brief overview of the internet of things and its associated network followed by the three layers of the architecture of IoT."
Response 2: The spelling and grammatical errors have been thoroughly reviewed and highlighted in the correct form.
Point 3: You must review all significant similar works that have been done. Also, review some of the good recent works that have been done in this area and are more similar to your paper. The conducted studies do not follow the process of the governorship. It is expected that the SLR method was used to review the studies.
Response 3: Incorporated as advised, please
Point 4: All figures need to be enhanced in terms of quality and resolution.
Response 4: All the figures were drawn with enhanced quality and resolution.
Point 5: Some final cosmetic comments:
|
Review |
Response |
|
Avoid using the first person. |
The advised changes have been incorporated. |
|
Avoid using abbreviations and acronyms in the title, abstract, headings, and highlights. |
The advised changes have been incorporated. |
|
Please avoid having heading after heading with nothing in between, either merge your headings or provide a small paragraph in between. |
The whole manuscript is divided into six main sections. Section 3 has three headings of different layers with sufficient explanations. Similarly, the application of IoT is divided into four sub-sections with required details. The merging of sub-headings will create confusion for readers. |
|
* The first time you use an acronym in the text, please write the full name and the acronym in parentheses. Do not use acronyms in the title, abstract, chapter headings, and highlights. |
The advised changes have been incorporated. |
|
* Are all the images used in this work copyrights free? If not, have the authors obtained proper copyright permission to re-use them? Please kindly clarify, and this is just to ensure all the figures are fine to be published in this work. |
It is hereby declared that all images in the manuscript are copyrighted free and fine to be published. |
|
* Also, the list of references should be carefully checked to ensure consistency between all references and their compliance with the journal policy on referencing. |
The references in the manuscript have been rectified and made per journal policy on referencing |
I would like to extend special thanks to you for pointing out weaknesses in my manuscript. I have tried my level best to understand these points and resolve them as per your valued advice. I believe, it will certainly improve the quality of my research work.
Author Response File: Author Response.docx
Round 2
Reviewer 1 Report
I recommend to accept this work.
Reviewer 2 Report
The revised version is significantly improved, and all of my questions are addressed. I recommend this paper to be published.
Reviewer 3 Report
Good revisions have been made in the paper and the revised version has the necessary qualities for acceptance compared to the previous version. In my opinion, the article is acceptable in its current form.
