Real-time Anomaly Detection in Distributed IoT Systems: A Comprehensive Review and Comparative Analysis

2025; pp. 160-169
1 Lviv Polytechnic National University, Department of Software Engineering, Lviv, Ukraine
2 Lviv Polytechnic National University, Lviv, Ukraine

The rapid expansion of the Internet of Things (IoT) has resulted in a substantial increase in diverse data from distributed devices. This extensive data stream makes it increasingly important to implement robust and efficient real-time anomaly detection techniques that can promptly flag issues before they escalate into critical system failures. Anomaly detection is essential in today’s interconnected landscape, as it facilitates the early identification of deviations from established baseline behavior that may indicate system malfunctions, security vulnerabilities, or operational inefficiencies. By promptly identifying these deviations, organizations can reduce downtime, optimize performance, and safeguard critical assets.
This article provides a comprehensive review and comparative analysis of modern methods for detecting anomalies in distributed IoT systems. It examines a wide range of techniques, including traditional statistical approaches, distance-based methods, machine learning models, deep learning architectures, and explainable AI frameworks. Each category is evaluated with respect to detection accuracy, computational efficiency, and interpretability. Real-world examples – ranging from predictive maintenance in industrial IoT and energy management in smart grids to fraud detection in financial networks – demonstrate the broad practical applications of these techniques.
The review further identifies current challenges and promising future research directions, including active learning-based approaches, which offer potential solutions to improve adaptability and reduce the reliance on large labeled datasets. The insights from this review provide a strong foundation for future research aimed at developing hybrid anomaly detection models that integrate advanced techniques to further enhance system adaptability and security in distributed IoT environments.
