Implementation of a Lossless Moving Target Defense Mechanism

Round 1

Reviewer 1 Report

Article looks informative. Please contribute more such to community. 

Update Section 7 title to "Conclusion and Future Work".

Author Response

Dear Reviewer,

We would like to thank for insightful and constructive comments and feedback. They allowed us to improve the form and description of the research presented in the article. We consider that with these changes, the article will better present the topics covered in the article.  

On behalf of the authors,

Piotr Zwierzykowski

Author Response File: Author Response.pdf

Reviewer 2 Report

The article, through its study, proposed MTD technique utilization IP address mutation to minimize cyber security attack over the SDN environment utilizing P4 programming language. I have following comments/opinions.

-       The actual contributions of the work is not clear enough. The study objective does not reflect the title proposed.

-       Please include paper structure/organization in the introduction section with solid contributions in points.

-       Figure 1 only reflects the difference from the architectural perspective, while there are many differences between traditional network Vs SDN. Those differences have to be reflected in the figure or changes the figure caption for its suitability.

-       The focus of the article is on cyber security, hence, in section 2, a detail about the SDN architecture is not needed, since SDN concepts is already recognized as an well-established architecture. Similarly, the operation level of OpenFlow in detail simply increases the paper pages. Focus to security part is more important on this article.

-       Definition 1 and 2, IP address means IPv4 or IPv6? Is the proposed work IP protocol independent? Since Figure 6, Algorithm 1 & 2 indicate that the proposed work was carried out all over IPv4 network. If the work is IP protocol dependent, a case study on IPv6 addressing is more suitable for the latest generation networking security issues, while IPv4 addressing is already obsolete.

-       Can see many typos/grammar error in the manuscript. L90-PSA Architecture …., L109 – Devices Planes ??, L370 – citation missing.

-       Please put algorithm caption above the algorithm.

-       In the performance evaluation, if talking about the convergence time, what about the memory type used for flow table entries. Most of the researches, proposed TCAM memory for faster processing with its compression. Will there be any effect on the convergence time if proposed TCAM memory in this proposed work too?

-       For time complexity analysis, it also relate with the congestion and propagation delay between switches and it has to see from the point of traffic engineering/QoS perspectives.

-       Table 1, all citations missing.

-       Figure 9 shows the linearly increasing convergence time with respect to increasing switch numbers, will that possible for dynamically changing parameters considered for time complexity analysis? Please justify.

-       The conclusion mentioned that “The presented solution is distinguished from other proposed solutions…”, but justification of such statement by relative comparison is not seen.

Extensive English editing required.

Author Response

Dear Reviewer,

We would like to thank for insightful and constructive comments and feedback. They allowed us to improve the form and description of the research presented in the article. We consider that with these changes, the article will better present the topics covered in the article.  

On behalf of the authors,

Piotr Zwierzykowski

Author Response File: Author Response.pdf

Reviewer 3 Report

1. The current abstract is not very adequate in describing the innovative part of the article, and it is recommended that the abstract section be optimized to make the innovative part of the article more prominent, e.g., describing how your approach takes advantage of the properties of SDN networks and the P4 language to model flexibly, and how the modeling part relates to MTD. 

2. "This gives administrators additional time to detect the threat. One such method is Moving Target Defense (MTD),…". MTD is a defense technique, and the previous sentence is about detecting threats, so there is a problem with the logic.

3. Figures and tables in the article should appear below the introductory paragraph or sentence, not all the way at the top of the page, and it is recommended that you refer to the template provided on the journal's official website. 

4. The sentence “The differences between these types are presented in Figure X.” in Page 7. Figure X does not appear in the article.

5. The spacing of some section headings, such as "5. and 5.1." and "6 and 6.1.", is not quite right, and it is recommended that the templates provided by the journals' official websites be referred to.

6. The formulas are recommended to be adjusted by referring to the templates provided on the journal's official website.

7. "Scenario II In this scenario, it is….". Missing punctuation ':'. 

8. The title of 6.2. is the same as the title of 6. It is suggested that the chapter title of 6. be replaced with a summarizing one, such as Experiments. 

9. "Figure 7 compares the convergence times of networks using scenario 1 and 2 for different link bandwidths (10 Gbps and 40 Gbps) and different numbers of switches." The wrong label for the Figure. 

10. Many [?] appear after 16 pages. , please check the document.

11. Can the article add other experiments or introduce other evaluation indicators to prove the effectiveness of the proposed method? Or compare the performance of other methods as a way to prove the advantages of this method. By virtue of the content of Chapter 6 of the article does not visualize the advantages of the method.

12. It is suggested that some updated references be added.

Moderate editing of English language required.

Author Response

Dear Reviewer,

We would like to thank for insightful and constructive comments and feedback. They allowed us to improve the form and description of the research presented in the article. We consider that with these changes, the article will better present the topics covered in the article.  

On behalf of the authors,

Piotr Zwierzykowski

Author Response File: Author Response.pdf

Reviewer 4 Report

Notes about the manuscript
Title: "Implementation of a lossless MTD mechanism "
ID: 2828513
Journal: Electronics
Section: Computer Science & Engineering
Special issue: Cybersecurity and Mobility in 5G and beyond II



In this work, the authors proposes an Moving Target Defense (MTD) technique based on IP address mutations of hosts operating in a protected network. They claims that the proposed solution is based on the features of Software-Defined Networks (SDN) and the Programming Protocol-independent Packet Processors (P4) language, which together allow for extremely flexible modeling of data plane functionalities, and it provides the complete lack of impact of changes in the network structure on the continuity of the services provided.
 

The paper includes the following sections:

Abstract
Keywords

1. Introduction
2. SDN Networks Concept
3. Moving Target Defense
4. Protocol-independent Packet Processors Programming
5. Implementation
   5.1. Environment description
   5.2. Lossless dynamic IP address mutation algorithms
6. Performance evaluation
   6.1. Convergence time
   6.2. Performance evaluation
7. Conclusions and future works
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgment
Conflicts of interest
References

Comments:

1. The authors should review the writing and presentation quality of their manuscript. Some tipographic and spelling errors have been discovered, for example lines 115, 125, 297, 370, 550, and 559 should be analyzed.
2. The authors should define the acronyms before using them.
3. The whole document needs to be checked because there are some typing, spelling, and orthographic errors. Some sentences and ideas are confusing and in the introduction some statments are repeated (see lines 50 and 69).
4. Direct and concise writing should be used by authors.
5. The authors must be careful when defining a hacker or cracker. The terms are more associated with the technical skills a person develops to penetrate or violate a system,  seeking (cracker) or not (hacker) some benefit for themselves or someone else. This does not mean that they are breaking the law. Rather, it should be said that not everything is criminal, but a they could be criminals if they break the law. (see page 2 lines 38-40).
6. The authors should be clearer in the Abstract, similar to how they describe the claims in the introduction. Boths Section must match.
7. The authors shoudl define that is an SDN device and then an SDN network.
8. This paper lacks a discussion of the state of the art of the topic being addressed. In order for the authors to highlight the contribution they should show a literature review showing what other authors have done in relation to MTD systems.
9. The authors should provide more arguments as to why MTD mechanisms are not available in traditional (no-SDN) networks considering PNA and PSA architectures.
10. The authors should provide information on the hardware required to implement SDN systems.
11. The authors should include in Section 5 the premises or arguments that led them to propose the model described in Fig. 5. They only explain the differences with the PSA architecture, but do not explain the reasons that led them to propose their model.
11. The authors must provide some bibliographic references related to Behavioral Model v.2 (BMv2) and Mininet environment.
12. The authors should emphasize how the asynchronous strategy used in the proposed method works and is defined, which guarantees efficiency in changing the IP address group.
13. Figures 7 and 8 should be close to Alg. 1 and 2 respectively.
14. Section 6 lacks the definition of all the variables used in the case studies considered.
15. Table 1 does not include the bibliographic references. It is not close to the paragraph that mentions it.
16. The authors must provide results from simulations performed on an appropriate simulation platform to confirm, for the considered case studies, that equations (6) and (7) calculating the convergence times are correct.
17. The preparation time shown in Fig. 10 seems be very long for a real case. The authors should explain that these times are appropiate.
18. This work lacks an adequate experimental or simulation case study to confirm the reported results.
19. The authors should explain how their work can be considered to be within the scope of the journal Electronics.

The authors should review the writing and presentation quality of their manuscript. Some tipographic and spelling errors have been discovered.

Author Response

Dear Reviewer,

We would like to thank for insightful and constructive comments and feedback. They allowed us to improve the form and description of the research presented in the article. We consider that with these changes, the article will better present the topics covered in the article.  

On behalf of the authors,

Piotr Zwierzykowski

Author Response File: Author Response.pdf

Reviewer 5 Report

> Require more Lit. Review. Only 10 peer reviewed articles used in this article. 

Author Response

Dear Reviewer,

We would like to thank for insightful and constructive comments and feedback. They allowed us to improve the form and description of the research presented in the article. We consider that with these changes, the article will better present the topics covered in the article.  

On behalf of the authors,

Piotr Zwierzykowski

Author Response File: Author Response.pdf

Round 2

Reviewer 2 Report

The refined work with comments/address are justifiable.

minor proof reading required.

Reviewer 3 Report

The paper requires minor editing of English language.

The paper requires minor editing of English language.

Reviewer 4 Report

Comments:

1. Ok.
2. Ok.
3. Ok.
4. Ok.
5. Ok.
6. Ok.
7. Ok.
8. Ok.
9. Ok.
10. Ok.
11. Ok.
11. Ok.
12. Ok.
13. Ok.
14. Ok.
15. Ok.
16. Ok.
17. Ok.
18. Ok.
19. Ok.

It is recommended that the English wording be thoroughly revised.