Lightweight Intrusion Detection Systems for IoT–Edge Environments: A PRISMA-ScR Systematic Review of Deployability Evidence and a Unified Assessment Framework

Future internet services are expected to increasingly depend on IoT–edge deployments, in which intrusion detection must operate close to constrained, heterogeneous devices rather than only in cloud or data-center environments. Although the literature focuses on many “lightweight” intrusion detection systems (IDSs), the evidence supporting deployability is uneven and often limited to accuracy-oriented benchmark results. This PRISMA-ScR review, which was cross-checked against the PRISMA 2020 reporting items, synthesizes 78 peer-reviewed studies published between January 2017 and March 2026 and evaluates how they report model compactness, data and preprocessing burden, system placement, hardware measurements, operational robustness, and reproducibility. The reviewers independently screened 1162 deduplicated records and charted the included studies. This review found that architectural compactness is commonly reported, whereas target device latency, runtime memory, measured power or energy, zero-day evaluation, time-aware splitting, and device shift validation remain inconsistent. To make these gaps auditable, this study introduces a five-dimensional deployability framework using log-scale normalization, bounded benefit coding, completeness penalties, scorer agreement checks, and scenario-based sensitivity analysis. The results show that no IDS family dominates across all deployment scenarios: rankings change when hardware constraints or operational robustness receive priority. This review concludes with a benchmark blueprint, reporting protocol, completed PRISMA checklist, and research agenda for deployment-grade IoT–edge IDS studies.

Перевод пока недоступен