The rapid proliferation of Internet of Things (IoT) devices across sectors such as smart homes, healthcare, and industrial automation has significantly increased the attack surface, making IoT networks prime targets for cyberattacks. Traditional Intrusion Detection Systems (IDS) often struggle to balance detection accuracy with the resource constraints inherent in IoT devices. While deep learning-based IDS have shown promise, they are frequently computationally intensive, limiting their applicability in real-time, resource-constrained environments. To address these challenges, we propose a lightweight, two-stage IDS that integrates dynamic, time-aware profiling with a Convolutional Neural Network–Long Short-Term Memory (CNN–LSTM) classifier. This hybrid approach reduces computational overhead while maintaining high detection accuracy. Building upon our previous DLA-ABIDS work, this paper introduces dynamic profiling capabilities and real-time evaluation methodology. The approach is evaluated using the Ton-IoT and Bot-IoT datasets, encompassing diverse normal and malicious traffic scenarios. Experimental results demonstrate that the proposed system achieves a 98% overall accuracy with a 5% false-negative rate, indicating its potential to improve security and resilience in IoT networks.
Kalboussi et al. (Thu,) studied this question.