Lightweight Intrusion Detection System Using a Hybrid CNN and ConvNeXt-Tiny Model for Internet of Things Networks

• URL: http://arxiv.org/abs/2509.06202v1
• Date: Sun, 07 Sep 2025 20:32:38 GMT
• Title: Lightweight Intrusion Detection System Using a Hybrid CNN and ConvNeXt-Tiny Model for Internet of Things Networks
• Authors: Fatemeh Roshanzadeh, Hamid Barati, Ali Barati,
• Abstract summary: We propose a lightweight intrusion detection system (IDS) for IoT environments, leveraging a hybrid model of CNN and ConvNeXt-Tiny.<n>The proposed method is designed to detect and classify different types of network attacks, particularly botnet and malicious traffic, while the lightweight ConvNeXt-Tiny architecture enables effective deployment in resource-constrained devices and networks.
• Score: 1.5803208833562954
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The rapid expansion of Internet of Things (IoT) systems across various domains such as industry, smart cities, healthcare, manufacturing, and government services has led to a significant increase in security risks, threatening data integrity, confidentiality, and availability. Consequently, ensuring the security and resilience of IoT systems has become a critical requirement. In this paper, we propose a lightweight and efficient intrusion detection system (IDS) for IoT environments, leveraging a hybrid model of CNN and ConvNeXt-Tiny. The proposed method is designed to detect and classify different types of network attacks, particularly botnet and malicious traffic, while the lightweight ConvNeXt-Tiny architecture enables effective deployment in resource-constrained devices and networks. A real-world dataset comprising both benign and malicious network packets collected from practical IoT scenarios was employed in the experiments. The results demonstrate that the proposed method achieves high accuracy while significantly reducing training and inference time compared to more complex models. Specifically, the system attained 99.63% accuracy in the testing phase, 99.67% accuracy in the training phase, and an error rate of 0.0107 across eight classes, while maintaining short response times and low resource consumption. These findings highlight the effectiveness of the proposed method in detecting and classifying attacks in real-world IoT environments, indicating that the lightweight architecture can serve as a practical alternative to complex and resource-intensive approaches in IoT network security.

Related papers

• Unknown Attack Detection in IoT Networks using Large Language Models: A Robust, Data-efficient Approach [5.0363184281919215]
  Existing machine learning approaches rely on large labeled datasets, payload inspection, or closed-set classification.<n>We propose SiamXBERT, a robust and data-efficient Siamese meta-learning framework empowered by a transformer-based language model for unknown attack detection.<n>We show that SiamXBERT consistently outperforms state-of-the-art baselines under both within-dataset and cross-dataset settings.
  arXiv  Detail & Related papers  (2026-02-12T17:15:39Z)
• Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework [60.72591149679355]
  The rapid expansion of low-altitude economy Internet of Things (LAE-IoT) networks has created unprecedented security challenges.<n>Traditional intrusion detection systems fail to tackle the unique characteristics of aerial IoT environments.<n>We introduce a large language model (LLM)-enabled agentic AI framework for enhancing intrusion detection in LAE-IoT networks.
  arXiv  Detail & Related papers  (2026-01-25T12:47:25Z)
• Efficient Asynchronous Federated Evaluation with Strategy Similarity Awareness for Intent-Based Networking in Industrial Internet of Things [42.55497517367321]
  We propose FEIBN, a Federated Evaluation Enhanced Intent-Based Networking framework.<n>We show that SSAFL can improve model accuracy, accelerate model convergence, and reduce the cost by 27.8% with SemiAsyn.
  arXiv  Detail & Related papers  (2025-11-28T09:03:26Z)
• A Novel Ensemble Learning Approach for Enhanced IoT Attack Detection: Redefining Security Paradigms in Connected Systems [1.471773259411406]
  This study presents a novel ensemble learning architecture designed to improve IoT attack detection.<n>The proposed approach applies advanced machine learning techniques, specifically the Extra Trees, along with thorough preprocessing.<n>Results show excellent performance, achieving high recall, accuracy, and precision with very low error rates.
  arXiv  Detail & Related papers  (2025-10-09T11:15:15Z)
• Cyber Attacks Detection, Prevention, and Source Localization in Digital Substation Communication using Hybrid Statistical-Deep Learning [39.58317527488534]
  This paper proposes a novel method using hybrid statistical-deep learning for the detection, prevention, and source localization of IEC 61850 SV injection attacks.<n>It effectively discards malicious SV frames with minimal processing overhead and latency, maintains robustness against communication network latency variation and time-synchronization issues.<n>Results demonstrate the method's suitability for practical deployment in IEC 61850-compliant digital substations.
  arXiv  Detail & Related papers  (2025-07-01T07:38:22Z)
• Efficient IoT Intrusion Detection with an Improved Attention-Based CNN-BiLSTM Architecture [0.2356141385409842]
  This paper presents a compact and efficient approach to detect botnet attacks by employing an integrated approach.<n>The proposed attention-based model achieves 99% classification accuracy in detecting botnet attacks utilizing the N-BaIoT dataset.
  arXiv  Detail & Related papers  (2025-03-25T04:12:14Z)
• A Cutting-Edge Deep Learning Method For Enhancing IoT Security [0.0]
  This paper proposes an innovative design of the Internet of Things (IoT) Environment Intrusion Detection System (or IDS) using Deep Learning-integrated Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks. Our model, based on the CICIDS 2017 dataset, achieved an accuracy of 99.52% in classifying network traffic as either benign or malicious.
  arXiv  Detail & Related papers  (2024-06-18T08:42:51Z)
• Lightweight CNN-BiLSTM based Intrusion Detection Systems for Resource-Constrained IoT Devices [38.16309790239142]
  Intrusion Detection Systems (IDSs) have played a significant role in detecting and preventing cyber-attacks within traditional computing systems. The limited computational resources available on Internet of Things (IoT) devices make it challenging to deploy conventional computing-based IDSs. We propose a hybrid CNN architecture composed of a lightweight CNN and bidirectional LSTM (BiLSTM) to enhance the performance of IDS on the UNSW-NB15 dataset.
  arXiv  Detail & Related papers  (2024-06-04T20:36:21Z)
• Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
  arXiv  Detail & Related papers  (2024-01-22T14:16:37Z)
• Constrained Twin Variational Auto-Encoder for Intrusion Detection in IoT Systems [30.16714420093091]
  Intrusion detection systems (IDSs) play a critical role in protecting billions of IoT devices from malicious attacks. This article proposes a novel deep neural network/architecture called Constrained Twin Variational Auto-Encoder (CTVAE) CTVAE can boost around 1% in terms of accuracy and Fscore in detection attack compared to the state-of-the-art machine learning and representation learning methods.
  arXiv  Detail & Related papers  (2023-12-05T04:42:04Z)
• Effective Intrusion Detection in Highly Imbalanced IoT Networks with Lightweight S2CGAN-IDS [48.353590166168686]
  Internet of Things (IoT) networks contain benign traffic far more than abnormal traffic, with some rare attacks. Most existing studies have been focused on sacrificing the detection rate of the majority class in order to improve the detection rate of the minority class. We propose a lightweight framework named S2CGAN-IDS to expand the number of minority categories in both data space and feature space.
  arXiv  Detail & Related papers  (2023-06-06T14:19:23Z)
• Automated Identification of Vulnerable Devices in Networks using Traffic Data and Deep Learning [30.536369182792516]
  Device-type identification combined with data from vulnerability databases can pinpoint vulnerable IoT devices in a network. We present and evaluate two deep learning approaches to the reliable IoT device-type identification.
  arXiv  Detail & Related papers  (2021-02-16T14:49:34Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.