Enhancing IoT Security with Generative AI: Threat Detection and Countermeasure Design

The rapid proliferation of Internet of Things (IoT) devices has increased the attack surface for cyber threats. Traditional intrusion detection systems often struggle to keep pace with novel or evolving threats. This study proposes an end-to-end generative AI-based intrusion detection and response pipeline designed for automated threat mitigation in smart home IoT environments. It leverages a Variational Autoencoder (VAE) trained on benign traffic to flag anomalies, a fine-tuned Bidirectional Encoder Representations from Transformers (BERT) model to classify anomalies into five attack categories (C&C, DDoS, Okiru, PortScan, and benign), and Grok3—a large language model—to generate tailored countermeasure recommendations. Using the Aposemat IoT-23 dataset, the VAE model achieves a recall of 0.999 and a precision of 0.961 for anomaly detection. The BERT model achieves an overall accuracy of 99.90% with per-class F1 scores exceeding 0.99. End-to-end prototype simulation involving 10,000 network traffic samples demonstrate a 98% accuracy in identifying cyber attacks and generating countermeasures to mitigate them. The pipeline integrates generative models for improved detection and automated security policy formulation in IoT settings, enhancing detection and enabling quicker and actionable security responses to mitigate cyber threats targeting smart home environments.