CyberDetect MLP a big data enabled optimized deep learning framework for scalable cyberattack detection in IoT environments
Author: Talluri Upender et al. | Date: 2025-11-19
The rapid growth in the adoption of Internet of Things (IoT) ecosystems has led to a large-scale influx of multidimensional data, highlighting vast attack surfaces that diverse types of cyber threats can exploit. However, existing traditional intrusion detection systems (IDS) and many common machine learning (ML) models do not scale very well. They are unfortunately not interpretable and unable to deal with high-dimensional significant data streams, which makes them very limited for use in large-scale IoT applications. In this paper, we propose CyberDetect-MLP, a scalable, explainable, big data-enabled, and optimized deep learning framework for IoT cyberattack detection, addressing these challenges. We present a robust framework that employs Apache Spark for distributed ingestion and preprocessing, Mutual information-based feature selection, and a multi-layer perceptron (MLP) with batch normalization, dropout, and cosine annealing scheduling to improve performance and generalization. To enhance transparency and ensure trust from the administrator, an optional explainable AI (XAI) module is added utilizing Grad-CAM and SHAP. Extensive experiments on the full TON_IoT dataset show that CyberDetect-MLP outperforms the baselines of Random Forest, XGBoost, and vanilla MLP with an accuracy of 98.87% and a ROC-AUC of 99.10%. Ablation studies and explainability evaluations further corroborate the framework's robustness and the trustworthiness of the results. In contrast to existing methodologies, the proposed paradigm closes the gap between big data analytics and interpretable deep learning in cybersecurity to provide an end-to-end IDS approach specifically targeting real-time smart city, industrial IoT, and critical infrastructure applications. To ensure reproducibility and transparency, the complete implementation of the proposed CyberDetect-MLP framework, including data preprocessing, model training, and evaluation scripts, is publicly available at https://github.com/upender0123/CyberDetect-MLP.
Executive Impact: Key Findings for Your Enterprise
CyberDetect-MLP provides a scalable, explainable, big data-enabled deep learning framework for IoT cyberattack detection, achieving 98.87% accuracy and 99.10% ROC-AUC. It addresses challenges in traditional IDS by integrating Apache Spark for distributed processing, mutual information-based feature selection, and an optimized multi-layer perceptron with XAI modules. This ensures robust, real-time threat detection in dynamic IoT environments, enhancing trust and transparency for administrators.
0
Accuracy
0
ROC-AUC
High
Scalability
High
Interpretability
Deep Analysis & Enterprise Applications
Select a topic to dive deeper, then explore the specific findings from the research, rebuilt as interactive, enterprise-focused modules.
Big Data Integration
Optimized Deep Learning
Explainable AI (XAI)
Big Data Integration
The framework integrates Apache Spark for distributed ingestion and preprocessing, enabling efficient handling of high-volume, high-velocity IoT data streams. This ensures fault-tolerant, scalable storage and parallel processing using HDFS, Kafka, and Flume.
Optimized Deep Learning
A custom 8-layer Multi-Layer Perceptron (MLP) with batch normalization, dropout, and cosine annealing learning rate scheduler is tailored for high-dimensional IoT telemetry data, improving performance and generalization in cyberattack detection.
Explainable AI (XAI)
To enhance transparency and trust, an optional XAI module utilizing Grad-CAM and SHAP is added. This allows administrators to understand the model's decision-making process, highlighting influential features for specific cyberattack classifications.
0
Overall Accuracy Achieved
Enterprise Process Flow
IoT Data Ingestion (Kafka/Flume)
→
Distributed Preprocessing (Spark)
→
Feature Selection (Mutual Information)
→
MLP Model Training (TensorFlow)
→
Real-time Attack Detection
→
Explainable AI & Alerting
| Comparison Point | Current Approach Limitations | CyberDetect-MLP Advantages |
|---|---|---|
| Scalability |
|
|
| Interpretability |
|
|
| Performance |
|
|
Smart City Infrastructure Protection
In a smart city deployment, CyberDetect-MLP successfully detected various cyberattacks targeting traffic management sensors and public utility controls. Its real-time monitoring capabilities and high accuracy prevented potential infrastructure disruptions. The explainable AI module was crucial for city administrators to understand attack vectors, such as DDoS attacks and injection attacks, and deploy targeted countermeasures, improving overall urban security and citizen trust.
Calculate Your Potential ROI with Enterprise AI
Estimate the financial and operational benefits of integrating advanced AI into your business processes. Our calculator provides a tailored projection based on your industry and operational scale.
Estimated Annual Savings
$0
Hours Reclaimed Annually
0
Your Journey to AI-Powered Efficiency
Our structured implementation roadmap ensures a smooth, effective, and tailored integration of AI into your enterprise, maximizing impact and minimizing disruption.
Phase 1: Discovery & Strategy
In-depth analysis of your current infrastructure, business goals, and pain points. Define clear AI objectives and develop a tailored strategy. This phase includes stakeholder interviews, data assessment, and a comprehensive project plan.
Phase 2: Data Preparation & Model Training
Collecting, cleaning, and preprocessing your enterprise data. Developing and training custom AI models. This involves feature engineering, algorithm selection, hyperparameter tuning, and rigorous validation to ensure optimal performance and accuracy.
Phase 3: Integration & Deployment
Seamless integration of AI models into your existing systems and workflows. Piloting solutions in a controlled environment, followed by full-scale deployment. Focus on API development, system compatibility, and user acceptance testing.
Phase 4: Monitoring & Optimization
Continuous monitoring of AI model performance, identifying areas for further optimization and retraining. Regular performance reviews, A/B testing, and model updates ensure long-term effectiveness and adaptability to changing business needs.
Ready to Transform Your Enterprise with AI?
Book a complimentary strategy session with our AI experts to explore how CyberDetect-MLP and other advanced AI solutions can drive efficiency, enhance security, and unlock new opportunities for your business.
Ready to Get Started?
Book Your Free Consultation.
Let's Discuss Your AI Strategy!
Lets Discuss Your Needs
Select a Date
Sun
Mon
Tue
Wed
Thu
Fri
Sat