Mapping Automated Cyber Attack Intelligence to Context-Based Impact on System-Level Goals

Round 1
Reviewer 1 Report
Many existing approaches to cyber risk leave a number of gaps in the methodology, which makes it difficult to adapt automated attack detection systems to cope with the speed of large-scale complex attacks. I very much like your approach here, which is thorough and shows meticulous attention to detail, and you have clearly thought through every step you propose to take. I sat down and carefully visualised every step you proposed you would take and I have not found any flaw in what you propose. There is no doubt that this work is a success.
I also appreciate the effort put in to prepare the work to an exceptionally high standard, which takes some serious effort with a team of seven authors. The thoroughness of the approach leaves me no room to suggest any improvements, since you have already dealt with any necessary gaps.
The attention to detail evident in your writing is, for me, a very rare event. I often find I need to write a good number of pages of comments and suggestions for improvements. I have read your work every day for a week and there is not a single weakness or improvement I would suggest needs making. During the last ten years, I do not believe I have ever seen a submission so well polished and finished.
Author Response
The authors would like to thank the reviewer for their compliments regarding the manuscript.
Reviewer 2 Report
1. The methodology proceeds by assuming an exponential distribution of a device's operational abilities. This assumption needs to be justified. A different distribution would result in different correlations and ultimately different changes to the probability of goal changes. Instead of using a specific distribution, would it be better to use a generic probability distribution?
The parenthetical content in the first sentence of the abstract is distracting and a bit vague. Rephrasing might help.
2. Further, in the abstract, it mentions a “Data Science” approach. What exactly is meant by that term?
3. The last paragraph of the introduction states that, “This paper introduces a novel methodology which determines the severity of a cyberattack in a digital environment (exemplified in a converged IoT/ICS context”. I think that the scope needs to be clearly defined. Does this methodology apply to the IoT context or the broader digital environment? One is a subset of the other.
4. A diagram or some other visual would be immensely helpful in clarifying how the proposed methodology (Section 3) maps the impact of an attack to system goals, instead of the traditional approach of using failure modes or attack paths.
5. The paper uses the Dependency Modeling methodology from ODM. What other dependency modeling techniques exist, and why was this methodology chosen over the others?
6. Figures 11 and 12 would benefit from a higher resolution image.
Author Response
Please see the attachment.
Author Response File: Author Response.pdf