International Journal of Engineering
Trends and Technology

Research Article | Open Access | Download PDF
Volume 74 | Issue 3 | Year 2026 | Article Id. IJETT-V74I3P107 | DOI : https://doi.org/10.14445/22315381/IJETT-V74I3P107

A Multi-Source Deep Learning and Swarm Intelligence Framework for Secure and Interpretable IoT Forensic Analysis

Mashiya Afroze F, V. Poornima

Received Revised Accepted Published
19 Nov 2025 22 Jan 2026 29 Jan 2026 28 Mar 2026

Citation :

Mashiya Afroze F, V. Poornima, "A Multi-Source Deep Learning and Swarm Intelligence Framework for Secure and Interpretable IoT Forensic Analysis," International Journal of Engineering Trends and Technology (IJETT), vol. 74, no. 3, pp. 89-103, 2026. Crossref, https://doi.org/10.14445/22315381/IJETT-V74I3P107

Abstract

With the rapid proliferation of Internet-of-Things(IoT) devices in diverse domains, securing IoT ecosystems has risen to an urgent problem because of the heterogeneity and vulnerabilities to cyber-attacks associated with these devices. Typical security and forensic models are unable to comprehend the changed, complex device behaviors and multi-source evidence, leading to mistimed and/or inaccurate indicators of threat. This study proposes a new multi-source IoT forensic framework that includes Deep Learning (DL) and swarm intelligence that models device behaviors, detects anomalies, and provides actionable forensic analysis through the thoughtful consideration of multi-source evidence. The framework has a hybrid CNN-LSTM(Convolutional Neural Network-Long Short-term Memory) architecture to extract spatial-temporal features, where both deep learning and swarm intelligence optimization strategies are applied as hyperparameter tuning and feature selection, along with multi-modal evidence fusion to correlate data across several sources of evidence. Experiments simulating attacks using the TON-IoT data set show its superior performance, with an accuracy of 99.62%, precision of 99.41%, recall of 99.83%, F1-Score of 99.62%, MCC of 0.996, and AUC-ROC of 0.998. The findings posit that our framework demonstrated more ability versus baselines, including Random Forest(RF), LSTM, and Autoencoder(AE). The research findings assert that our framework is reliable, interpretable, and efficient for conducting forensic analysis, which can expedite cybersecurity measures through a timely, equitable, and reliable method for IoT analysis processing.

Keywords

IoT security, Forensic framework, Anomaly detection, CNN-LSTM, Swarm Intelligence Optimization, Multi-modal evidence fusion, Deep Learning, TON-IoT dataset.

References

[1] Ons Aouedi et al., “A Survey on Intelligent Internet of Things: Applications, Security, Privacy, and Future Directions,” IEEE Communications Surveys & Tutorials, vol. 27, no. 2, pp. 1238-1292, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[2] Amirmohammad Pasdar et al., “Cybersecurity Solutions and Techniques for Internet of Things Integration in Combat Systems,” IEEE Transactions on Sustainable Computing, vol. 10, no. 2, pp. 345-365, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[3] Ahmed Al Shihimi et al., “Enhancing Internet of Things Security with Random Forest-based Anomaly Detection,” International Journal of Computer Science & Network Security, vol. 24, no. 6, pp. 67-76, 2024.
[Google Scholar] [Publisher Link]

[4] M. Wasim Abbas Ashraf et al., “A Hybrid Approach using Support Vector Machine Rule-based System: Detecting Cyber Threats in Internet of Things,” Scientific Reports, vol. 14, no. 1, pp. 1-19, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[5] Fatma S. Alrayes et al., “Intrusion Detection in IoT Systems using Denoising Autoencoder,” IEEE Access, vol. 12, pp. 122401-122425, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[6] Ali Ghaffari et al., “Securing Internet of Things using Machine and Deep Learning Methods: A Survey,” Cluster Computing, vol. 27, no. 7, pp. 9065-9089, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[7] Saida Hafsa Rafique et al., “Machine Learning and Deep Learning Techniques for Internet of Things Network Anomaly Detection-Current Research Trends,” Sensors, vol. 24, no. 6, pp. 1-32, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[8] Fahad Alblehai, “Artificial Intelligence-Driven Cybersecurity System for Internet of Things using Self-Attention Deep Learning and Metaheuristic Algorithms,” Scientific Reports, vol. 15, no. 1, pp. 1-25, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[9] Dheyaaldin Alsalman, “A Comparative Study of Anomaly Detection Techniques for IoT Security using Adaptive Machine Learning for IoT Threats,” IEEE Access, vol. 12, pp. 14719-14730, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[10] Vivek alias M. Chidambaram, and Karthik Painganadu Chandrasekaran, “Integrating Novel Mechanisms for Threat Detection in Enhanced Data Classification using Ant Colony Optimization with Recurrent Neural Network,” Journal of Cybersecurity & Information Management, vol. 14, no. 2, pp. 132-147, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[11] Yangyang Mei et al., “A Novel Network Forensic Framework for Advanced Persistent Threat Attack Attribution through Deep Learning,” IEEE Transactions on Intelligent Transportation Systems, vol. 25, no. 9, pp. 12131-12140, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[12] U. Vivek Menon et al., “AI-Powered IoT: A Survey on Integrating Artificial Intelligence with IoT for Enhanced Security, Efficiency, and Smart Applications,” IEEE Access, vol. 13, pp. 50296-50339, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[13] Maria Balega et al., “Enhancing IoT Security: Optimizing Anomaly Detection through Machine Learning,” Electronics, vol. 13, no. 11, pp. 1-18, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[14] Ali Hamid Farea, Omar H. Alhazmi, and Kerem Kucuk, “Advanced Optimized Anomaly Detection System for IoT Cyberattacks using Artificial Intelligence,” Computers, Materials & Continua, vol. 78, no. 2, pp. 1525-1545, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[15] Sonam Bhardwaj, and Mayank Dave, “Attack Detection and Mitigation using Intelligent Attack Graph Model for Forensic in IoT Networks,” Telecommunication Systems, vol. 85, no. 4, pp. 601-621, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[16] Lei Ma, and Yunwei Li, “Multi-source Data Collection Data Security Analysis,” International Conference on Advanced Hybrid Information Processing, pp. 458-472, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[17] Mohammed Al-Shabi, and Anmar Abuhamdah, “Using Deep Learning to Detecting Abnormal Behavior in Internet of Things,” International Journal of Electrical and Computer Engineering, vol. 12, no. 2, pp. 2108-2120, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[18] Hanieh Agharazi et al., “A Swarm Intelligence-based Approach to Anomaly Detection of Dynamic Systems,” Swarm and Evolutionary Computation, vol. 44, pp. 806-827, 2019.
[CrossRef] [Google Scholar] [Publisher Link]

[19] Rozhin Yasaei, Yasamin Moghaddas, and Mohammad Abdullah Al Faruque, “IoT-GRAF: IoT Graph Learning-based Anomaly and Intrusion Detection through Multi-Modal Data Fusion,” 2024 Design, Automation & Test in Europe Conference & Exhibition (DATE), Valencia, Spain, pp. 1-6, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[20] Ayanna Armstrong, and Chutima Boonthum-Denecke, “IoT Security: Threats and Forensics,” The 2024 ADMI Symposium, 2024.
[Google Scholar] [Publisher Link]

[21] Zhong Cao et al., “Using the ToN-IoT Dataset to Develop a New Intrusion Detection System for Industrial IoT Devices,” Multimedia Tools and Applications, vol. 84, no. 16, pp. 16425-16453, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[22] Muhammad Shoaib Mazhar et al., “Forensic Analysis on Internet of Things (IoT) Device using Machine-to-Machine (M2M) Framework,” Electronics, vol. 11, no. 7, pp. 1-23, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[23] Subir Panja et al., “Anomaly Detection in IoT using Extended Isolation Forest,” International Symposium on Artificial Intelligence, Ravangla, India, pp. 3-14, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[24] Chin-Wei Tien et al., “Using Autoencoders for Anomaly Detection and Transfer Learning in IoT,” Computers, vol. 10, no. 7, pp. 1-14, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[25] Victor R. Kebande et al., “Quantifying the Need for Supervised Machine Learning in Conducting Live Forensic Analysis of Emergent Configurations (ECO) in IoT Environments,” Forensic Science International: Reports, vol. 2, pp. 1-10, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[26] Akinul Islam Jony, and Arjun Kumar Bose Arnob, “A Long Short-Term Memory based Approach for Detecting Cyber Attacks in IoT using CIC-IoT2023 Dataset,” Journal of Edge Computing, vol. 3, no. 1, pp. 28-42, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[27] Ahsan Nazir et al., “A Deep Learning-based Novel Hybrid CNN-LSTM Architecture for Efficient Detection of Threats in the IoT Ecosystem,” Ain Shams Engineering Journal, vol. 15, no. 7, pp. 1-21, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[28] Yunyun Hou et al., “IoT Anomaly Detection based on Autoencoder and Bayesian Gaussian Mixture Model,” Electronics, vol. 11, no. 20, pp. 1-17, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[29] A. Backia Abinaya et al., “Secure IoT: Fortifying IoT Security with Support Vector Machines,” 2024 IEEE North Karnataka Subsection Flagship International Conference (NKCon), Bagalkote, India, pp. 1-7, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[30] Abitha VK Lija et al., “IoT Security using Deep Learning Algorithm: Intrusion Detection Model using LSTM,” International Journal of Electronic Security and Digital Forensics, vol. 17, no. 1-2, pp. 283-293, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[31] Adil Yousef Hussein, Paolo Falcarin, and Ahmed T. Sadiq, “Enhancement Performance of Random Forest Algorithm via One Hot Encoding for IoT IDS,” Periodicals of Engineering and Natural Sciences, vol. 9, no. 3, pp. 579-591, 2021.
[CrossRef] [Google Scholar] [Publisher Link]