LDCT-IDS A Lightweight Intrusion Detection System for IoT Networks via Denoising Diffusion Models and Hybrid Convolutional-Transformer Architectur

Malicious traffic is one of the most central hazards in IoT security, and accurately detecting malicious traffic is crucial for maintaining the proper functionality of IoT devices. With recent advancements in artificial intelligence, deep learning models have become powerful tools for classifying malicious traffic, but deep learning models with high floating-point operations for parameters are difficult to deploy because IoT devices are usually resource constrained. In addition, the unbalanced nature of network data poses a great challenge to traffic classification. Addressing the problem from both data generation and intrusion detection aspects, this study presents a novel method based on a deep learning framework that combines a denoising diffusion probabilistic model and a Transformer-enhanced convolutional neural network. For the data generation task, our approach leverages classifier-free guidance within the Denoising Diffusion Probabilistic Model (DDPM) framework. We then systematically evaluate this model against conventional data generation techniques. Our approach achieves superior accuracy and demonstrates a more effective capture of the categorical feature distribution. In the intrusion detection phase, we analyzed the proposed method combining Convolutional Neural Networks with Transformer on two distinct datasets, Edge-IIoTset and CSE-CIC-IDS2018, which achieved 99.92% and 99.28% detection accuracy, respectively. The proposed framework demonstrates its superiority over existing methods, as validated by the experimental results.