The Internet of Things (IoT) enables real-time sensing, communication, and control across heterogeneous intelligent devices, but its increasing use in Internet of Energy (IoE) environments also introduces significant cybersecurity challenges. To address these issues, this paper proposes an adaptive security framework that integrates machine learning, blockchain-based trust management, and virtualized network functions (VNFs) for intrusion detection and response in decentralized IoT networks. A logistic regression model is first used as a baseline classifier, while non-linear models such as Random Forest and XGBoost are employed to improve detection performance on complex traffic patterns. To address the non-stationary nature of IoT traffic, the framework incorporates an Adaptive Confidence Interval (ACI) mechanism based on Exponentially Weighted Moving Average (EWMA), enabling dynamic threshold adjustment and reducing false alarms. In addition, a blockchain-managed trust scoring system, implemented through smart contracts, supports decentralized node isolation and tamper-resistant trust updates. Containerized intrusion detection functions are further deployed as VNFs to provide scalable and resource-aware protection. The framework is evaluated in a layered manner: UNSW-NB15 is used to establish baseline classifier performance, Edge-IIoTset is used to validate robustness under decentralized IoT traffic and concept drift, and prototype as well as Monte Carlo-based analysis are used to evaluate smart contract overhead, VNF deployment latency, and consensus robustness. The results show that the proposed approach improves detection effectiveness while supporting secure and coordinated response in dynamic IoT environments.
Kulkarni et al. (Wed,) studied this question.