ICCK Journal of Software Engineering Home About Editors Current Issue
-
CiteScore
-
Impact Factor
  1. Home
  2. Journals
  3. ICCK Journal of Software Engineering
  4. Volume 1, Issue 2
IoT Security through ML/DL: Software Engineering Challenges and Directions
Review Article | Published: 02 November 2025
ICCK Journal of Software Engineering Volume 1, Issue 2, 2025: 90-108
Volume 1, Issue 2, ICCK Journal of Software Engineering
Volume 1, Issue 2, 2025
Submit Manuscript Edit a Special Issue
Article QR Code
Article QR Code
Scan the QR code for reading
Popular articles
Case Studies on Integrating Artificial Intelligence in Finance to Transform Decision Making and Risk Management for Enhanced Financial Outcomes Reinforcement Learning for Prompt Optimization in Language Models: A Comprehensive Survey of Methods, Representations, and Evaluation Challenges AI and the Future of Education: Advancing Personalized Learning and Intelligent Tutoring Systems Plant Disease Detection Using Deep Learning Techniques Modeling Brain Functional Networks Using Graph Neural Networks: A Review and Clinical Application Bridging Modalities: A Survey of Cross-Modal Image-Text Retrieval Research on A Ship Trajectory Classification Method Based on Deep Learning Enhancing Fake News Detection with a Hybrid NLP-Machine Learning Framework Acrylamide in Food: Sources and Prevention Analyzing the Translation and Impact of Popular Science Literature in China: A Case Study Approach
ICCK Journal of Software Engineering, Volume 1, Issue 2, 2025: 90-108

Open Access | Review Article | 02 November 2025
IoT Security through ML/DL: Software Engineering Challenges and Directions
by
Haroon Arif Haroon Arif 1
Abdul Karim Sajid Ali Abdul Karim Sajid Ali 1 *
Hussain Abdul Nabi Hussain Abdul Nabi 2
1 College of Computing, Illinois Institute of Technology, Chicago, IL 60616, United States
2 Superior University, Lahore 54000, Pakistan
* Corresponding Author: Abdul Karim Sajid Ali, [email protected]
DOI: 10.62762/JSE.2025.372865
Received: 11 August 2025, Accepted: 20 September 2025, Published: 02 November 2025  
   PDF  (1.96 MB)
Article Metrics Cite This Article
Abstract
The Internet of Things (IoT) is increasingly integrated into modern software-driven systems across consumer, industrial, and healthcare domains. The heterogeneity of IoT devices, combined with their resource constraints, often renders conventional software security mechanisms insufficient, exposing systems to breaches and exploitation. This study examines recent IoT security incidents to illustrate common vulnerabilities in software-intensive IoT ecosystems, highlighting the resulting risks to critical applications. In response, we review emerging machine learning (ML)-driven security modules and deep learning (DL)-based intrusion detection software, positioning them as adaptive components that can be integrated into IoT system architectures. This review highlights recent peer-reviewed contributions, ensuring alignment with the most current developments in IoT security using ML and DL, and follows a systematic review methodology based on IEEE Xplore (2020--2024). The study further identifies software engineering challenges in integrating these intelligent modules into resource-constrained IoT environments and outlines future directions for building secure-by-design, AI-driven IoT software frameworks. Results demonstrate that ML- and DL-enhanced security modules strengthen software resilience by enabling real-time detection of cyber-attacks, reducing false alarms, and adapting to evolving threat landscapes. The review is structured to first discuss notable case studies of IoT security breaches, followed by an analysis of ML- and DL-based security modules, a comparative evaluation of their effectiveness, and finally, a discussion of key challenges and future research opportunities.
Graphical Abstract
IoT Security through ML/DL: Software Engineering Challenges and Directions
Keywords
internet of things (IoT)
cybersecurity
machine learning (ML)
deep learning (DL)
intrusion detection system (IDS)
anomaly detection
IoT security
adversarial attacks
Data Availability Statement
Not applicable.
Funding
This work was supported without any funding.
Conflicts of Interest
The authors declare no conflicts of interest.
Ethical Approval and Consent to Participate
Not applicable.
References
  1. Rachakonda, L. P., Siddula, M., Sathya, V. (2024). A comprehensive study on IoT privacy and security challenges with focus on spectrum sharing in Next-Generation networks (5G/6G/beyond). High-Confidence Computing, 4(2), 100220.
    [CrossRef]   [Google Scholar]
  2. Sahu, S. K., Mazumdar, K. (2024). Exploring security threats and solutions Techniques for Internet of Things (IoT): from vulnerabilities to vigilance. Frontiers in Artificial Intelligence, 7, 1397480.
    [CrossRef]   [Google Scholar]
  3. Awad, A. I., Babu, A., Barka, E., Shuaib, K. (2024). AI-powered biometrics for Internet of Things security: A review and future vision. Journal of Information Security and Applications, 82, 103748.
    [CrossRef]   [Google Scholar]
  4. Baral, S., Saha, S., Haque, A. (2024, November). An Adaptive End-to-End IoT Security Framework Using Explainable AI and LLMs. In 2024 IEEE 10th World Forum on Internet of Things (WF-IoT) (pp. 469-474). IEEE.
    [CrossRef]   [Google Scholar]
  5. Humayun, M., Tariq, N., Alfayad, M., Zakwan, M., Alwakid, G., Assiri, M. (2024). Securing the Internet of Things in artificial intelligence era: A comprehensive survey. IEEE access, 12, 25469-25490.
    [CrossRef]   [Google Scholar]
  6. Al-Shurbaji, T., Anbar, M., Manickam, S., Hasbullah, I. H., ALfriehate, N., Alabsi, B. A., ... Hashim, H. (2025). Deep learning-based intrusion detection system for detecting IoT botnet attacks: a review. IEEE Access.
    [CrossRef]   [Google Scholar]
  7. Attkan, A., Ranga, V. (2022). Cyber-physical security for IoT networks: a comprehensive review on traditional, blockchain and artificial intelligence based key-security. Complex Intelligent Systems, 8(4), 3559-3591.
    [CrossRef]   [Google Scholar]
  8. Villegas-Ch, W., Govea, J., Gurierrez, R., Mera-Navarrete, A. (2025). Optimizing security in IoT ecosystems using hybrid artificial intelligence and blockchain models: a scalable and efficient approach for threat detection. IEEE Access.
    [CrossRef]   [Google Scholar]
  9. Al-Garadi, M. A., Mohamed, A., Al-Ali, A. K., Du, X., Ali, I., Guizani, M. (2020). A survey of machine and deep learning methods for internet of things (IoT) security. IEEE communications surveys tutorials, 22(3), 1646-1685.
    [CrossRef]   [Google Scholar]
  10. Desanamukula, V. S., Priyadarshini, M. A., Srilatha, D., Rao, K. V., Kumari, R. L., Vivek, K. (2023, July). A Comprehensive Analysis of Machine Learning and Deep Learning Approaches towards IoT Security. In 2023 4th International Conference on Electronics and Sustainable Communication Systems (ICESC) (pp. 1165-1168). IEEE.
    [CrossRef]   [Google Scholar]
  11. Chen, F., Luo, D., Li, J., Leung, V. C., Li, S., Fan, J. (2022). Arm PSA-certified IoT chip security: a case study. Tsinghua Science and Technology, 28(2), 244-257.
    [CrossRef]   [Google Scholar]
  12. Xenofontos, C., Zografopoulos, I., Konstantinou, C., Jolfaei, A., Khan, M. K., Choo, K. K. R. (2021). Consumer, commercial, and industrial iot (in) security: Attack taxonomy and case studies. IEEE Internet of Things Journal, 9(1), 199-221.
    [CrossRef]   [Google Scholar]
  13. Rajendran, R. K. (2025). Data Privacy and Security Risks in Third-Party App Integrations. In Analyzing Privacy and Security Difficulties in Social Media: New Challenges and Solutions (pp. 311-334). IGI Global Scientific Publishing.
    [CrossRef]   [Google Scholar]
  14. Fazeldehkordi, E., Owe, O., Noll, J. (2019, May). Security and privacy in IoT systems: a case study of healthcare products. In 2019 13th International Symposium on Medical Information and Communication Technology (ISMICT) (pp. 1-8). IEEE.
    [CrossRef]   [Google Scholar]
  15. Sharma, P., Jain, S., Gupta, S., Chamola, V. (2021). Role of machine learning and deep learning in securing 5G-driven industrial IoT applications. Ad Hoc Networks, 123, 102685.
    [CrossRef]   [Google Scholar]
  16. Sánchez, P. M. S., Celdrán, A. H., Bovet, G., Pérez, G. M. (2024). Adversarial attacks and defenses on ML-and hardware-based IoT device fingerprinting and identification. Future Generation Computer Systems, 152, 30-42.
    [CrossRef]   [Google Scholar]
  17. Haghighi, M. S., Farivar, F., Jolfaei, A. (2020). A machine-learning-based approach to build zero-false-positive IPSs for industrial IoT and CPS with a case study on power grids security. IEEE Transactions on Industry Applications, 60(1), 920-928.
    [CrossRef]   [Google Scholar]
  18. Makkar, A., Garg, S., Kumar, N., Hossain, M. S., Ghoneim, A., Alrashoud, M. (2020). An efficient spam detection technique for IoT devices using machine learning. IEEE Transactions on Industrial Informatics, 17(2), 903-912.
    [CrossRef]   [Google Scholar]
  19. Da Cruz, M. A., Abbade, L. R., Lorenz, P., Mafra, S. B., Rodrigues, J. J. (2022). Detecting compromised IoT devices through XGBoost. IEEE transactions on intelligent transportation systems, 24(12), 15392-15399.
    [CrossRef]   [Google Scholar]
  20. Renjith, G., Vinod, P., Aji, S. (2022). Evading machine-learning-based Android malware detector for IoT devices. IEEE Systems Journal, 17(2), 2745-2755.
    [CrossRef]   [Google Scholar]
  21. Ali, A., Akram, M. A., Farooq, W., Ali, M., Nazir, M., Muhammad, A., Mazhar, T. (2025). MalwareVison: A Deep Learning-Driven Approach For Malware Classification. Journal of Computing Biomedical Informatics, 8(02).
    [Google Scholar]
  22. Chavhan, G. S., Rautkar, A., Prithviraj, J., Agrawal, R., Chavhan, N., Dhule, C. (2023, November). Machine learning for 5G security using random forest. In 2023 International Conference on Advances in Computation, Communication and Information Technology (ICAICCIT) (pp. 544-549). IEEE.
    [CrossRef]   [Google Scholar]
  23. Subathra, K., Vignesh, G. R., Babu, S. T., Mendhe, D., kumar Yada, R., Maranan, R. (2024, April). Secure Data Transmission in IoT Networks: A Machine Learning-Based Approach. In 2024 Ninth International Conference on Science Technology Engineering and Mathematics (ICONSTEM) (pp. 1-5). IEEE.
    [CrossRef]   [Google Scholar]
  24. Mahmood, M. A., Zeki, A. M. (2020, September). Securing IOT against DDOS attacks using machine learning. In IET Conference Proceedings CP777 (Vol. 2020, No. 6, pp. 471-476). Stevenage, UK: The Institution of Engineering and Technology.
    [CrossRef]   [Google Scholar]
  25. Luqman, M., Zeeshan, M., Riaz, Q., Hussain, M., Tahir, H., Mazhar, N., Khan, M. S. (2025). Intelligent parameter-based in-network IDS for IoT using UNSW-NB15 and BoT-IoT datasets. Journal of the Franklin Institute, 362(1), 107440.
    [CrossRef]   [Google Scholar]
  26. Kumar, P. M., Kavin, B. P., Jagathpally, A., Shahwar, T. (2025, February). Transforming the cybersecurity space of healthcare IoT devices using Deep Learning. In 2025 IEEE 4th International Conference on AI in Cybersecurity (ICAIC) (pp. 1-6). IEEE.
    [CrossRef]   [Google Scholar]
  27. Koroniotis, N., Moustafa, N., Turnbull, B., Schiliro, F., Gauravaram, P., Janicke, H. (2021, October). A deep learning-based penetration testing framework for vulnerability identification in internet of things environments. In 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (pp. 887-894). IEEE.
    [CrossRef]   [Google Scholar]
  28. Kim, T. H., Srinivasulu, A., Chinthaginjala, R., Dhakshayani, J., Zhao, X., Obaidur Rab, S. (2025). Enhancing cybersecurity through script development using machine and deep learning for advanced threat mitigation. Scientific Reports, 15(1), 8297.
    [CrossRef]   [Google Scholar]
  29. Jablaoui, R., Liouane, N. (2024, May). An effective deep CNN-LSTM based intrusion detection system for network security. In 2024 International Conference on Control, Automation and Diagnosis (ICCAD) (pp. 1-6). IEEE.
    [CrossRef]   [Google Scholar]
  30. Nguyen, T. T., Reddi, V. J. (2021). Deep reinforcement learning for cyber security. IEEE Transactions on Neural Networks and Learning Systems, 34(8), 3779-3795.
    [CrossRef]   [Google Scholar]
  31. Khoa, T. V., Hoang, D. T., Trung, N. L., Nguyen, C. T., Quynh, T. T. T., Nguyen, D. N., ... Dutkiewicz, E. (2022). Deep transfer learning: A novel collaborative learning model for cyberattack detection systems in IoT networks. IEEE Internet of Things Journal, 10(10), 8578-8589.
    [CrossRef]   [Google Scholar]
  32. Javed, A., Malhi, A., Kinnunen, T., Främling, K. (2020). Scalable IoT platform for heterogeneous devices in smart environments. IEEE access, 8, 211973-211985.
    [CrossRef]   [Google Scholar]
  33. Racherla, S., Sripathi, P., Faruqui, N., Kabir, M. A., Whaiduzzaman, M., Shah, S. A. (2024). Deep-IDS: A real-time intrusion detector for IoT nodes using deep learning. IEEE Access, 12, 63584-63597.
    [CrossRef]   [Google Scholar]
  34. Gueriani, A., Kheddar, H., Mazari, A. C. (2024, April). Enhancing iot security with cnn and lstm-based intrusion detection systems. In 2024 6th International Conference on Pattern Analysis and Intelligent Systems (PAIS) (pp. 1-7). IEEE.
    [CrossRef]   [Google Scholar]
  35. Dritsas, E., Trigka, M. (2025). A survey on the applications of cloud computing in the industrial internet of things. Big data and cognitive computing, 9(2), 44.
    [CrossRef]   [Google Scholar]
  36. Ray, P. P. (2023). An overview of WebAssembly for IoT: Background, tools, state-of-the-art, challenges, and future directions. Future Internet, 15(8), 275.
    [CrossRef]   [Google Scholar]
  37. Mishra, R., Mishra, A. (2025). Current research on Internet of Things (IoT) security protocols: A survey. Computers Security, 104310.
    [CrossRef]   [Google Scholar]
  38. Ni, C., Li, S. C. (2024). Machine learning enabled industrial iot security: Challenges, trends and solutions. Journal of Industrial Information Integration, 38, 100549.
    [CrossRef]   [Google Scholar]
  39. Halgamuge, M. N., Niyato, D. (2025). Adaptive edge security framework for dynamic IoT security policies in diverse environments. Computers Security, 148, 104128.
    [CrossRef]   [Google Scholar]
  40. Rehman, Z., Gondal, I., Ge, M., Dong, H., Gregory, M., Tari, Z. (2024). Proactive defense mechanism: Enhancing IoT security through diversity-based moving target defense and cyber deception. Computers Security, 139, 103685.
    [CrossRef]   [Google Scholar]
  41. Alwahedi, F., Aldhaheri, A., Ferrag, M. A., Battah, A., Tihanyi, N. (2024). Machine learning techniques for IoT security: Current research and future vision with generative AI and large language models. Internet of Things and Cyber-Physical Systems, 4, 167-185.
    [CrossRef]   [Google Scholar]
Cite This Article
APA Style
Arif, H., Ali, A. K. S., & Nabi, H. A. (2025). IoT Security through ML/DL: Software Engineering Challenges and Directions. ICCK Journal of Software Engineering, 1(2), 90–108. https://doi.org/10.62762/JSE.2025.372865
Export Citation
RIS Format
Compatible with EndNote, Zotero, Mendeley, and other reference managers
RIS format data for reference managers
TY  - JOUR
AU  - Arif, Haroon
AU  - Ali, Abdul Karim Sajid
AU  - Nabi, Hussain Abdul
PY  - 2025
DA  - 2025/11/02
TI  - IoT Security through ML/DL: Software Engineering Challenges and Directions
JO  - ICCK Journal of Software Engineering
T2  - ICCK Journal of Software Engineering
JF  - ICCK Journal of Software Engineering
VL  - 1
IS  - 2
SP  - 90
EP  - 108
DO  - 10.62762/JSE.2025.372865
UR  - https://www.icck.org/article/abs/JSE.2025.372865
KW  - internet of things (IoT)
KW  - cybersecurity
KW  - machine learning (ML)
KW  - deep learning (DL)
KW  - intrusion detection system (IDS)
KW  - anomaly detection
KW  - IoT security
KW  - adversarial attacks
AB  - The Internet of Things (IoT) is increasingly integrated into modern software-driven systems across consumer, industrial, and healthcare domains. The heterogeneity of IoT devices, combined with their resource constraints, often renders conventional software security mechanisms insufficient, exposing systems to breaches and exploitation. This study examines recent IoT security incidents to illustrate common vulnerabilities in software-intensive IoT ecosystems, highlighting the resulting risks to critical applications. In response, we review emerging machine learning (ML)-driven security modules and deep learning (DL)-based intrusion detection software, positioning them as adaptive components that can be integrated into IoT system architectures. This review highlights recent peer-reviewed contributions, ensuring alignment with the most current developments in IoT security using ML and DL, and follows a systematic review methodology based on IEEE Xplore (2020--2024). The study further identifies software engineering challenges in integrating these intelligent modules into resource-constrained IoT environments and outlines future directions for building secure-by-design, AI-driven IoT software frameworks. Results demonstrate that ML- and DL-enhanced security modules strengthen software resilience by enabling real-time detection of cyber-attacks, reducing false alarms, and adapting to evolving threat landscapes. The review is structured to first discuss notable case studies of IoT security breaches, followed by an analysis of ML- and DL-based security modules, a comparative evaluation of their effectiveness, and finally, a discussion of key challenges and future research opportunities.
SN  - 3069-1834
PB  - Institute of Central Computation and Knowledge
LA  - English
ER  -
BibTeX Format
Compatible with LaTeX, BibTeX, and other reference managers
BibTeX format data for LaTeX and reference managers
@article{Arif2025IoT,
  author = {Haroon Arif and Abdul Karim Sajid Ali and Hussain Abdul Nabi},
  title = {IoT Security through ML/DL: Software Engineering Challenges and Directions},
  journal = {ICCK Journal of Software Engineering},
  year = {2025},
  volume = {1},
  number = {2},
  pages = {90-108},
  doi = {10.62762/JSE.2025.372865},
  url = {https://www.icck.org/article/abs/JSE.2025.372865},
  abstract = {The Internet of Things (IoT) is increasingly integrated into modern software-driven systems across consumer, industrial, and healthcare domains. The heterogeneity of IoT devices, combined with their resource constraints, often renders conventional software security mechanisms insufficient, exposing systems to breaches and exploitation. This study examines recent IoT security incidents to illustrate common vulnerabilities in software-intensive IoT ecosystems, highlighting the resulting risks to critical applications. In response, we review emerging machine learning (ML)-driven security modules and deep learning (DL)-based intrusion detection software, positioning them as adaptive components that can be integrated into IoT system architectures. This review highlights recent peer-reviewed contributions, ensuring alignment with the most current developments in IoT security using ML and DL, and follows a systematic review methodology based on IEEE Xplore (2020--2024). The study further identifies software engineering challenges in integrating these intelligent modules into resource-constrained IoT environments and outlines future directions for building secure-by-design, AI-driven IoT software frameworks. Results demonstrate that ML- and DL-enhanced security modules strengthen software resilience by enabling real-time detection of cyber-attacks, reducing false alarms, and adapting to evolving threat landscapes. The review is structured to first discuss notable case studies of IoT security breaches, followed by an analysis of ML- and DL-based security modules, a comparative evaluation of their effectiveness, and finally, a discussion of key challenges and future research opportunities.},
  keywords = {internet of things (IoT), cybersecurity, machine learning (ML), deep learning (DL), intrusion detection system (IDS), anomaly detection, IoT security, adversarial attacks},
  issn = {3069-1834},
  publisher = {Institute of Central Computation and Knowledge}
}
Article Metrics
Citations:

Google Scholar
0

Crossref

0

Scopus

0

Web of Science

0
Article Access Statistics:
Views: 563
PDF Downloads: 44
Publisher's Note
ICCK stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and Permissions
CC BY Copyright © 2025 by the Author(s). Published by Institute of Central Computation and Knowledge. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made.
ICCK Journal of Software Engineering

ICCK Journal of Software Engineering

ISSN: 3069-1834 (Online)

Email: [email protected]

Portico

Portico

All published articles are preserved here permanently:
https://www.portico.org/publishers/icck/