SecureIoT: Robust AI-Driven Cyber Threat Detection for IoT Applications

The cyberattack surface in critical sectors is expanding due to the rapid proliferation of Internet of Things (IoT) devices. Artificial Intelligence (AI) models, such as Deep Neural Networks (DNNs) and Convolutional Neural Networks (CNNs), offer promising capabilities for detecting and classifying cyber threats. However, these models often struggle to generalize to previously unseen attacks after deployment. This study investigates how well different AI techniques can generalize to such novel threats in the presence of class imbalance. We evaluate three data balancing strategies: Generative Adversarial Networks (GAN), Synthetic Minority Over-sampling Technique (SMOTE), and class weighting. Experimental results indicate that DNNs outperform CNNs when provided with identical input data. While each balancing method has distinct advantages and trade-offs, the highest multiclass accuracy of 81.16 % was achieved by a DNN using GAN-augmented data for the previously seen attack types. The best performance on unseen attacks was achieved by a DNN trained with SMOTE, yielding a multiclass accuracy of 51 % among eight classes. The binary classification (benign vs. malicious) results were satisfactory, with DNN using GAN-augmented data achieving an accuracy of 99.20 %. These findings highlight the importance of not only separating data into training and test splits, but also incorporating a “seen vs. unseen” evaluation strategy.