SPIoT: An Adaptive Federated Sparse Framework for Intrusion Detection in IoT

Download PDF
Open Webpage

Huijia Liang, Jin Yang, Haonan Deng, Dongqing Jia, Yulin Lei

Published: 01 Jan 2026, Last Modified: 26 Mar 2026IEEE Internet of Things JournalEveryoneRevisionsCC BY-SA 4.0
Abstract: The proliferation of Internet of Things (IoT) devices introduces significant security vulnerabilities that traditional centralized intrusion detection systems (IDS) struggle to address due to privacy, resource constraints, and data isolation. Although federated learning (FL) offers a decentralized alternative, it remains limited in handling non-IID data distributions and heterogeneous device capacities. In this work, we propose SPIoT, an adaptive federated sparse learning framework tailored for intrusion detection in IoT environments. SPIoT enables each device to collaboratively train a personalized and lightweight detection model derived from a shared global structure, effectively addressing both statistical and system heterogeneity. The core of SPIoT lies in a feature-driven, input-adaptive model sparsification mechanism, which dynamically generates sub-models based on local data and resource constraints through a device-side feature extractor and control module. To further enhance structural flexibility, SPIoT introduces a hierarchical sparsity budgeting scheme that supports fine-grained control across layers or operator-defined partitions. Extensive experiments on the UNSW-NB15 and CICIoT2023 datasets demonstrate that SPIoT significantly outperforms state-of-the-art centralized and federated baselines in detection accuracy, robustness, and scalability, particularly under extreme heterogeneity. Theoretical analysis further confirms its efficiency in computation, communication, and storage, highlighting its practicality for real-world IoT deployments.