# A Novel Architecture for Mitigating Botnet Threats in AI-Powered IoT Environments

**Authors:** Vasileios A. Memos, Christos L. Stergiou, Alexandros I. Bermperis, Andreas P. Plageras, Konstantinos E. Psannis

PMC · DOI: 10.3390/s26020572 · Sensors (Basel, Switzerland) · 2026-01-14

## TL;DR

A new system detects and stops botnet attacks in AI-powered IoT networks using machine learning, sandboxing, and deception techniques.

## Contribution

A novel multi-layered architecture combining machine learning, sandboxing, and deception for botnet mitigation in AIoT.

## Key findings

- The system enables early detection of botnet activity with reduced false positives.
- It demonstrates scalability and resilience in large AIoT networks.
- The framework supports threat hunting and compliance with privacy regulations.

## Abstract

What are the main findings?

The proposed multi-layered architecture enables early detection of botnet activity in AIoT environments.

Integration of machine learning, sandboxing, and deception techniques improves threat analysis, reduces false positives, and enhances automated response.

The system demonstrates scalability and resilience, effectively protecting large, distributed AIoT networks, while maintaining operational efficiency.

What is the implication of the main finding?

AIoT systems can operate securely despite the limited computational resources of individual devices, reducing vulnerability to cyber attacks.

Organizations deploying AIoT solutions can achieve proactive threat management, minimizing downtime and operational disruption from BoT attacks.

The framework enables threat hunting, forensic investigation, and compliance with privacy regulations, which enhances trust in AIoT technologies.

The rapid growth of Artificial Intelligence of Things (AIoT) environments in various sectors has introduced major security challenges, as these smart devices can be exploited by malicious users to form Botnets of Things (BoT). Limited computational resources and weak encryption mechanisms in such devices make them attractive targets for attacks like Distributed Denial of Service (DDoS), Man-in-the-Middle (MitM), and malware distribution. In this paper, we propose a novel multi-layered architecture to mitigate BoT threats in AIoT environments. The system leverages edge traffic inspection, sandboxing, and machine learning techniques to analyze, detect, and prevent suspicious behavior, while using centralized monitoring and response automation to ensure rapid mitigation. Experimental results demonstrate the necessity of the approach and its superiority over, or parity with, existing models, providing early detection of botnet activity, reduced false positives, improved forensic capabilities, and scalable protection for large-scale AIoT areas. Overall, this solution delivers a comprehensive, resilient, and proactive framework to protect AIoT assets from evolving cyber threats.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12846264/full.md

## Figures

6 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12846264/full.md

## References

42 references — full list in the complete paper: https://tomesphere.com/paper/PMC12846264/full.md

---
Source: https://tomesphere.com/paper/PMC12846264