The rapid expansion of Internet of Things (IoT) deployments necessitates intrusion detection systems that deliver high detection accuracy, extreme computational efficiency, and transparent decision-making to ensure operational trust. In this work, we propose the Feature Resonance Classifier (FRC), a lightweight neural architecture that integrates attention-based Top-K feature selection with resonance-driven feature interaction modeling, providing native multi-level interpretability without incurring additional computational overhead. FRC demonstrates strong and consistent performance across heterogeneous IoT security benchmarks. On CICIoT2023 (352,218 samples, 46 features), FRC achieves 99.35% binary classification accuracy using only 1,843 parameters and 5.32k FLOPs. On the more challenging RT-IoT2022 dataset (123,117 samples, 84 features, 8 attack classes), FRC attains 99.57% accuracy and 0.9583 F1-macro with 16,621 parameters and 22.5k FLOPs. Compared to CNN and multi-head attention baselines, this corresponds to a 22–48× reduction in parameters, with memory footprints of 7.4 KB (binary) and 66.5 KB (multi-class), enabling direct deployment on resource-constrained devices such as Raspberry Pi and ESP32. Beyond efficiency, FRC delivers three critical operational benefits. First, transparent decision-making reveals that just 12 features account for 80% of discriminative power, while class-specific attention patterns expose distinct attack signatures. Second, intrinsic uncertainty awareness is achieved through attention variance, which differs significantly between correct and incorrect predictions (p = 1.15×10−45), enabling confidence-aware alerting. Third, robustness and stability are demonstrated through consistent feature selection (Spearman ρ = 0.89) and superior resilience under data augmentation (+12.93% F1-macro with SMOTE). With inference times of 0.024–0.077 ms and over 50× fewer FLOPs than CNNs, FRC satisfies the practical requirements of explainability, auditability, and efficiency, enabling trustworthy on-device intrusion detection for large-scale IoT ecosystems. These findings are validated through comprehensive offline evaluation on benchmark datasets.
Farfoura et al. (Mon,) studied this question.