Ijraset Journal For Research in Applied Science and Engineering Technology
Authors: Dr. Kamalakshi Naganna, Preethi R, Rakshitha B, Shrusti M, Syed Ashika N
DOI Link: https://doi.org/10.22214/ijraset.2026.82464
Certificate: View Certificate
TherapidexpansionoftheInternetofThings(IoT)hasled to the interconnection of a large number of devices, which has significantly increased exposure to cybersecurity threats Examples include unauthorized entry, data misuse, malicious software, and traffic flooding attacks breaches, and denial-of-service attacks. Traditional intrusion detection systems (IDS) commonly rely on centralized structures and complex machine learning models, which notonlyraiseconcernsaboutdataprivacybutalsolacktransparency indecision-making.Thesechallengeshighlightthenecessityformore secure, efficient, and interpretable intrusion detection solutions. This paper presents a comprehensive survey of a Blockchain-enabled Explainable Artificial Intelligence (XAI) framework aimed at enhancing intrusion detection in IoT environments. The framework explored in this survey unifies three complementary paradigms: This survey synthesizes three intersecting research directions: privacy- preserving model training via federated learning, tamper-evident logging via distributed ledger technology, and post-hoc decision attribution via explainability methods — and evaluates how their combinationaddressesgapsleftbysingle-paradigmapproaches.This combinationis motivatedbypractical gapswe identify across reviewed literature. The survey analyzes existing methods by considering key factors such as detection performance, scalability, and real-world applicability, while also identifying ongoing challenges including computational complexity and data heterogeneity. The findings indicate that the integration of blockchain, federated learning, and explainableAI can greatly enhance the overall performance security, transparency, and reliability of security monitoring systems for detecting attacks in IoT networks. However, further research is mandatory to develop lightweight and scalable solutions suitable for practical deployment.
The Internet of Things (IoT) has become an important technology that connects devices, sensors, and systems for intelligent communication and automation across industries such as healthcare, smart homes, transportation, and industrial automation. However, the rapid growth of IoT networks has increased cybersecurity risks because every connected device can become a potential attack point. Common threats include unauthorized access, malware attacks, data manipulation, and Distributed Denial-of-Service (DDoS) attacks.
Traditional Intrusion Detection Systems (IDS) based on signature and anomaly detection methods can identify known attacks but struggle with new and evolving threats. Additionally, many machine learning-based IDS models lack transparency, making it difficult for security analysts to understand why an alert was generated. This creates trust issues, especially in critical applications such as healthcare and power systems.
To overcome these challenges, advanced technologies such as Explainable Artificial Intelligence (XAI), Federated Learning (FL), and Blockchain are being integrated into IoT security frameworks. XAI improves transparency by explaining model decisions and identifying important features responsible for detecting threats. Federated Learning enables multiple IoT devices to collaboratively train machine learning models without sharing sensitive raw data, improving privacy. Blockchain provides secure and tamper-resistant data storage through decentralized ledger technology.
The proposed research focuses on reviewing recent IoT intrusion detection approaches that combine deep learning, XAI, FL, and blockchain technologies. The goal is to identify existing advantages, limitations, and research gaps while developing secure, scalable, lightweight, and real-time intrusion detection solutions.
Several researchers developed IoT intrusion detection systems using deep learning, federated learning, and explainable AI:
Existing systems show a trade-off between accuracy, efficiency, privacy, and explainability. High-accuracy models usually require significant computing resources, while lightweight models may compromise detection capability. Most existing methods perform well on benchmark datasets but lack real-world testing under dynamic IoT environments.
No single existing system completely solves all major challenges simultaneously. A practical IoT IDS should provide:
This survey examined eight recently published intrusion detectionsystemsforIoTenvironments,eachintegratingoneor more of three complementary technologies: deep learning, federated learning, and explainable AI. The review was motivated by a practical observation: despite strong individual progressineachoftheseareas,noproduction-readysystemhas simultaneously resolved the four core deficiencies that make existingIDSdeploymentsinadequateforrealIoTinfrastructure modelopacity,centraliseddataexposure, tamper-vulnerable audit records, and per-device computational overhead. The comparative analysis in Section IV reveals a consistent patternacrossalleightsystems.Detectionaccuracyonstandard benchmarks is high, ranging from approximately 92% to 99%, andthealgorithmicfoundations—SHAP-basedexplainability, federatedaggregationprotocols,anddeeplearningclassifiers aresufficientlymature.Thebottleneckisnotalgorithmic.It issystems-level.TheevaluationgapidentifiedinSectionIV— cleanbenchmarks,noadversarialstress,nohardwareprofiling is not a property of any individual system but a structural featureoftheentirefieldasof2025.Closingitwillrequirenew evaluation protocols, not new algorithms. or heterogeneous network configurations representative of live deployments. None measures end-to-end alert latency — the time from detection event to analyst notification — despite the fact that fast-escalating attacks such as DDoS amplification can cause irreversible damage within seconds of onset. None quantifies per-device energy consumption, which is a hard deployment constraint on battery-powered IoT endpoints. Among the reviewed systems, only Fatema et al. [7] and Taheri et al. [5] simultaneously address privacy, detection accuracy, and interpretability within a single framework. This makes them the closest existing approximations to the integrated architecture this survey advocates. However, both systems validate exclusively on benchmark data and neither reportshardware-levelperformancemetrics.Theircomplexity arising from the coordination overhead of combining federated aggregation with SHAP computation — remains unquantifiedindeploymentterms,leavingpractitionerswithout the information needed to assess feasibility on constrained devices. Theintegrationofblockchainasatamper-evidentauditlayer, surveyed in related work [12][13][16][30][32], addresses the storage-layer vulnerability that federated and XAI-capable systemsleaveopen. Currentevidencesuggeststhatlightweight blockchain schemes can be implemented on resource- constrainedIoTnodes[16],butnoreviewedpapercombinesall four layers — federated training, blockchain audit, XAI inference, and edge deployment — within a single validated system.Closingthisgapisthemostconsequentialdirectionfor future work in this domain. Three specific research directions follow directly from this survey\'s findings. First, the community needs standardised evaluation protocols that measure detection performance, alert latency,explainabilityfidelity,andenergyconsumptionjointly onphysicalIoThardwareunderliveoradversarially-perturbed traffic — not in isolation on clean benchmarks. Second, lightweight model architectures that preserve the accuracy of systemslike[1]and[4]whileoperatingwithinthememoryand power budgets of constrained edge devices remain an open design problem; the quantization approach in [2] is a partial step,butgeneralisationtolargedynamicnetworkshasnotbeen demonstrated. Third, federated aggregation schemes must be hardened against adversarial participants — poisoning attacks on the shared model are a known vulnerability [9] that none of the eight reviewed systems explicitly defends against. In summary, this survey identifies the primary barrier to practical IoT intrusion detection not as a shortage of accurate models, but as an absence of systems-level evaluation frameworks that treat latency, energy, explainability, and adversarialrobustnessasco-equaldesignconstraintsalongside detection accuracy. Addressing this gap will require closer collaboration between the machine learning, systems security, and IoT hardware communities — and it represents the most impactful open problem in this field as of the time of writing.
[1] M.Tserenkhuu, M. D. Hossain, Y. Taenaka, and Y. Kadobayashi, \"Deep Learning-Based Intrusion Detection with Explainable Feature Selection for SDN-Enabled IoT Environments,\" IEEE Access, vol. 13, pp. 136864–136880, 2025. [2] A.Khan,M.A.Hussain,andF.Anwer,\"LightweightHybrid Deep Learning for IoT Intrusion Detection Combining Bi- LSTM, Genetic Feature Selection, and ExplainableAI,\" IEEE Access, vol. 13, pp. 192451–192470, 2025. [3] M. J. C. S. Reis, \"Privacy-Preserving and Scalable IoT Intrusion Detection via Property Testing and Federated Edge Intelligence,\"IEEEAccess,vol.13,pp.153244–153260,2025. [4] A. Alabbadi and F. Bajaber, \"XAI-Driven Intrusion Detection over Continuous IoT Data Streams Using CNN, DNN, and TabNet,\" Sensors, vol. 25, no. 3, p. 847, 2025. [5] S. Taheri et al., \"Towards Transparent IoT Security: A FederatedLearningFrameworkwithBuilt-InExplainabilityfor Intrusion Detection,\" IEEE Internet of Things Journal, 2025. [6] T. Olanrewaju-George and B. Pranggono, \"Decentralized Intrusion Detection for IoT Using Federated Learning with Supervised and Unsupervised Techniques,\" Journal of Information Security and Applications, vol. 75, 2024. [7] N. Fatema et al., \"FEDXAIIDS: A Privacy-Preserving Intrusion DetectionArchitecture Unifying Federated Learning and SHAP-Based Explainability,\" IEEE Access, 2025. [8] Q. Zhang, C. Yue, X. Dong, G. Du, and D. Wang, \"Blockchain-PoweredLSTM-AttentionHybridModelfor DeviceSituationAwarenessandOn-ChainAnomalyDetection in IIoT,\" Sensors, vol. 25, no. 15, p. 4663, Jul. 2025. [9] H.B.McMahan,E.Moore,D.Ramage,S.Hampson,and [10] B. A. y Arcas, \"Communication-Efficient Learning of Deep Networks from Decentralized Data,\" in Proc. 20th Int. Conf. Artif.Intell.Stat.(AISTATS),FortLauderdale,FL,USA,Apr. 2017, pp. 1273–1282. [11] S. M. Lundberg and S.-I. Lee, \"A Unified Approach to Interpreting Model Predictions,\" in Advances in Neural Information Processing Systems (NeurIPS), vol. 30, 2017, pp. 4765–4774. [12] M. T. Ribeiro, S. Singh, and C. Guestrin, \"\'Why Should I Trust You?\': Explaining the Predictions ofAny Classifier,\" in Proc. 22nd ACM SIGKDD Int. Conf. Knowledge Discovery andDataMining(KDD),SanFrancisco,CA,USA,Aug.2016, pp.1135–1144. [13] Z. A. El Houda, H. Moudoud, B. Brik, and L. Khoukhi, \"Securing Federated Learning Through Blockchain and Explainable AI for Robust Intrusion Detection in IoT Networks,\" in Proc. IEEE INFOCOM Workshops, Hoboken, NJ, USA, May 2023, pp. 1–6. [14] K.Begum,M.A.I.Mozumder,M.-I.Joo,andH.-C.Kim, \"BFLIDS:Blockchain-DrivenFederatedLearningforIntrusion DetectioninIoMTNetworks, \"Sensors,vol.24,no.14, p.4591, Jul. 2024. [15] R.W.Anwar,M.Abrar,A.Salam,andF.Ullah,\"Federated Learning with LSTM for Intrusion Detection in IoT-Based Wireless Sensor Networks: A Multi-Dataset Analysis,\" PeerJ Computer Science, vol. 11, p. e2751, Mar. 2025. [16] R. Baidar, S. Maric, and R. Abbas, \"Hybrid Deep Learning–Federated Learning Powered Intrusion Detection System for IoT/5G Advanced Edge Computing Networks,\" arXiv preprint arXiv:2509.15555, 2025. [17] Y. Mirsky, T. Golomb, and Y. Elovici, \"Lightweight Collaborative Anomaly Detection for the IoT Using Blockchain,\" Journal of Parallel and Distributed Computing, Elsevier, Jun. 2020. [18] A. A. Diro and N. Chilamkurti, \"Distributed Attack DetectionSchemeUsingDeepLearningApproachforInternet ofThings,\" Future Generation Computer Systems, vol. 82, pp. 761–768, 2018. [19] N.MoustafaandJ.Slay,\"UNSW-NB15:AComprehensive Data Set for Network Intrusion Detection Systems,\" in Proc. Military Communications and Information Systems Conf. (MilCIS), Canberra, Australia, Nov. 2015, pp. 1–6. [20] I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, \"Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,\" in Proc. 4th Int. Conf. Information Systems Security and Privacy (ICISSP), Funchal, Madeira, Jan. 2018, pp. 108–116. [21] M.A.Ferrag,L.Maglaras,A.Ahmim,M.Derdour,andH. Janicke, \"RDTIDS: Rules and Decision Tree-Based Intrusion Detection System for Internet-of-Things Networks,\" Future Internet, vol. 12, no. 3, p. 44, 2020. [22] Y. Meidan et al., \"N-BaIoT: Network-Based Detection of IoTBotnetAttacks Using DeepAutoencoders,\" IEEE Pervasive Computing, vol. 17, no. 3, pp. 12–22, Jul.–Sep. 2018. [23] P.Porambage,J.Okwuibe,M.Liyanage,M.Ylianttila,and T.Taleb,\"SurveyonMulti-AccessEdgeComputingforInternet of Things Realization,\" IEEE Communications Surveys & Tutorials, vol. 20, no. 4, pp. 2961–2991, 2018. [24] A. B. Arrieta et al., \"Explainable Artificial Intelligence (XAI): Concepts, Taxonomies, Opportunities and Challenges Toward ResponsibleAI,\" Information Fusion, vol. 58, pp. 82– 115, Jun. 2020. [25] S.Wang,T.Tuor,T.Salonidis,K.K.Leung,C.Makaya,T. He, and K. Chan, \"Adaptive Federated Learning in Resource ConstrainedEdgeComputing,\"IEEEJournalonSelectedAreas in Communications, vol. 37, no. 6, pp. 1205–1221, Jun. 2019. [26] M. Zhao, F. Ge, T. Zhang, and Z. Yuan, \"AntiFraud: A System for Online Credit Card Transaction Fraud Detection Using Machine Learning,\" in Proc. IEEE Int. Conf. Big Data, Washington, DC, USA, Dec. 2019, pp. 5–7. [27] A.Yazdinejad,R.M. Parizi,A.Dehghantanha, Q.Zhang, and K.-K. R. Choo, \"An Energy-Efficient SDN Controller Architecture for IoT Networks With Blockchain-Based Security,\" IEEE Transactions on Services Computing, vol. 13, no. 4, pp. 625–638, Jul.–Aug. 2020. [28] M.A.Ferrag and L. Maglaras, \"DeepCoin:ANovel Deep LearningandBlockchain-BasedEnergyExchangeFramework for Smart Grids,\" IEEE Transactions on Engineering Management, vol. 67, no. 4, pp. 1285–1297, Nov. 2020. [29] X. Zheng, Z. Cai, andY. Li, \"Data Linkage in Smart IoT Systems:A Consideration From a Privacy Perspective,\" IEEE CommunicationsMagazine,vol.56,no.9,pp.55–61,Sep. 2018. [30] F.A.Alaba,M.Othman,I.A.T.Hashem,andF.Alotaibi, \"InternetofThingsSecurity:ASurvey,\"JournalofNetworkand Computer Applications, vol. 88, pp. 10–28, Jun. 2017. [31] O.A. H. Gwassi, O. N. Uçan, and E.A. Navarro, \"Cyber- XAI-Block: An End-to-End Cyber Threat Detection and FL- Based Risk Assessment Framework for IoT-Enabled Smart Organizations Using XAI and Blockchain Technologies,\" Scientific Reports, 2025. [32] S. Sun, L. Zhou, Z.Wang, and L. Han, \"Robust Intrusion Detection Based on Personalized Federated Learning for IoT Environments,\" Computers & Security, 2025.
Copyright © 2026 Dr. Kamalakshi Naganna, Preethi R, Rakshitha B, Shrusti M, Syed Ashika N. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Paper Id : IJRASET82464
Publish Date : 2026-05-13
ISSN : 2321-9653
Publisher Name : IJRASET
DOI Link : Click Here
Submit Paper Online
