All reviews of published articles are made public. This includes manuscript files, peer review comments, author rebuttals and revised materials. Note: This was optional for articles submitted before 13 February 2023.
Peer reviewers are encouraged (but not required) to provide their names to the authors when submitting their peer review. If they agree to provide their name, then their personal profile page will reflect a public acknowledgment that they performed a review (even if the article is rejected). If the article is accepted, then reviewers who provided their name will be associated with the article itself.
The revised paper is interesting and good to accept.
- A comprehensive and clearer conclusion is included.
- The paper has proper analysis can be shown to prove the strength of the approach.
- The description of the technical details is fine and this lead to improve the quality.
- The references in this manuscript are recent and Included the recent researches in this field.
All comments are resolved.
All comments are resolved.
All comments are resolved.
All comments are resolved.
The paper needs further improvements - the paper methodology should be clarified more. The authentication process should be explained as a flowchart figure.
Also the comments from the reviewers should be considered into account.
All comment seems to be resolved except the following:
• There is a need to explain the authentication problem in more details, some of the IIoT networks are designed in a closed network where they have their own cables and devices and no one outside the network has any access to it, in this case the authentication problem needs to be clarified at what circumstances it is considered an issue. I suggest the authors provide an example to explain when/how the authentication step should be included in the design.
• Authors need to identify the terminologies earlier in the paper such as authentication rate, authentication acceptance false rate, and authentication time.
I think authors should submit a corrected copy that marked all text change in red, it will be easier to see the new updates.
343-347 references and citations are required.
Conclusion is not sufficient, more details should be illustrated in this section.
The author should follow the comments from the reviewers
[# PeerJ Staff Note: Please ensure that all review comments are addressed in a rebuttal letter and any edits or clarifications mentioned in the letter are also inserted into the revised manuscript where appropriate. It is a common mistake to address reviewer questions in the rebuttal letter but not in the revised manuscript. If a reviewer raised a question then your readers will probably have the same question so you should ensure that the manuscript can stand alone without the rebuttal letter. Directions on how to prepare a rebuttal letter can be found at: https://peerj.com/benefits/academic-rebuttal-letters/ #]
1.Use of deep learning models with wsn is good for intrusion detection
2. For authentication and authorisation alone ML/DL are not required, however to minimise the false acceptance rate use of sophisticated algorithms is good technique
3. It is generally preferable to use light weight techniques in wsn/ IoT systems , deep learning is time and resource intensive when it comes to training. If a certain protocol has to be followed for authentication ,violation of it leads to an alarm. To detect this violation an anomaly based model is used . The same can be implemented without a model by simply using a checklist that contains a exhaustive list of items that need to be covered before the device can be safely added to the network. So while the approach of the author seems to be effective for now , better algorithms will keep coming up. To setup an authentication based on checklist mechanism is however time resilient unlike a learning based method. Statistical analysis of data could be useful from time to time , but for wsn lesser data that needs to be processed the better.
4. Deep learning and machine learning models tend to work based on historic data and behaviour . Training the models when planned changes occur in the infrastructure is an operational overhead.
5 gradient based algorithm is not the best approach in security mechanisms as , things need to be as deterministic as possible . Sometimes the position of a sensor or its configuration could be constantly changing in the IWSN . In such a case it's not clear how this system works.
No comments
The English language of the paper is clear and readable.
• There is a need to explain the authentication problem in more details, some of the IIoT networks are designed in a closed network where they have their own cables and devices and no one outside the network has any access to it, in this case the authentication problem needs to be clarified at what circumstances it is considered an issue. I suggest the authors provide an example to explain when/how the authentication step should be included in the design.
• Line 67: “in this paper” is repeated.
• Authors need to identify the terminologies earlier in the paper such as authentication rate, authentication acceptance false rate, and authentication time.
• Figure 1 in the paper should me improved to tell more details about the system model; not much information can be extracted from the figure in its current design.
• Line 213: “the gateway node has to approve the authenticity of the sensors. The gateway node verifies whether the sensor has been tampered with or not in order to guarantee the confidentiality and integrity of the data packets”. Authors are required to identify what the gateway node is, what type of data is gathered, and how the authentication, confidentiality, and integrity of the sensors are being verified?
• Line 220: Extra word “input”
• Figure 2 is meaningless and not clear, E.g., What is the input look like? Etc.,.
• The paper has no example of where their design is applicable.
• Line 237, “The QSAE checks for energy availability, authenticity and authorization of the sensor by employing the quantum readout function to ensure smooth communication between the sensor and the supervisory control unit with a minimum false acceptance rate”. How are the energy availability, authenticity, and authorization verified by the QSAE? Authors should mention that it will be explained in coming sections.
• QRH should be used in full words for the first time then used as a short cut.
The approach of this paper in not fully explained with the technical and theoretical details, more details need to be explained.
• Equation #7 should be Sj0 instead of Si0.
• Line 296: The gradient-associating sensors is not identified anywhere earlier in the paper.
• Equations should be after the parameters are identified for better understanding.
• Why the number of the simulation runs is 10? No explanation of why this value is chosen, in the literature, values converged after 45 runs.
• In all tables, the increase in values gradually with the increase in the number of sensors ; this is intuitively expected and should not be mentioned as a result. However results of optimizations are valid.
All text and materials provided via this peer-review history page are made available under a Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.