ABSTRACT The exponential growth of the Internet of Things (IoT) has significantly broadened the attack surface for cyber threats, necessitating robust and adaptive security frameworks. This study introduces a novel suite of hybrid deep learning‐based Intrusion Detection System (IDS) models tailored for large‐scale IoT environments. Specifically, we propose and optimize three IDS models—CNN‐LSTM, GRU‐AE, and Bi‐LSTM‐CNN—leveraging hybrid architectures to address the challenges of real‐time threat detection, computational limitations, and adaptive learning. The models are evaluated on two benchmark datasets, BoT‐IoT and CICIDS2017, achieving average accuracies of 97.8%, 98.3%, and 98.6%, and F1‐scores of 97.5%, 98.1%, and 98.4%, respectively. These results demonstrate a performance improvement of 6%–12% in accuracy and 8%–15% in F1‐score over conventional IDS methods, with false positive rates consistently below 2.5% and detection rates exceeding 98.7%. The proposed models are optimized for lightweight deployment and low‐latency detection, reducing inference time by up to 35% and energy consumption by 22% compared to baseline deep learning models—ensuring feasibility in resource‐constrained environments. Furthermore, the study explores mechanisms for continuous learning, enabling a 15%–20% improvement in adaptability to previously unseen attack patterns. Interpretability is enhanced through the integration of SHAP (SHapley Additive exPlanations) values, with over 92% of critical prediction decisions explained by the top 10 contributing features. A comparative analysis highlights not only performance gains but also the models' robustness, scalability, and resilience under adversarial conditions. The results confirm that the proposed hybrid IDS models offer a scalable, efficient, and interpretable solution for enhancing IoT network security. This work contributes a comprehensive and deployable framework to address the evolving landscape of cyber threats in the IoT ecosystem.
Sagu et al. (Thu,) studied this question.