Abstract
The swift incorporation of cutting edge technologies has expanded the range for a potential adversary to conduct adaptive attacks against systems and despite progress in detection, machine learning based security remains vulnerable, highlighting the need for more robust and reliable defense methods. Existing DDoS detection techniques are not resilient against adaptive adversarial manipulation and instead concentrate on accuracy under benign circumstances. To defend against adversarial attacks, this paper presents a reliable and comprehensible intrusion detection paradigm and to improve detection transparency and reliability, the suggested method utilizes Graph Neural Networks (GNNs), Deep Neural Network (DNN), DeepFool, First Gradient Sign Method (FGSM) and an ensemble-based (DeepFool with FGSM) adversarial training procedure, we introduce a novel adversarial dataset, AdvCICDDoS2019, constructed by injecting four types of adversarial attacks, Adversarial Perturbation (AP), Adversarial Outlier Injection (AOI), Adversarial Noise Injection (ANI), and Adversarial Benign (AB), into the original CICDDoS2019 dataset. During training, adversarial perturbations based on DeepFool and FGSM are combined to improve robustness, while SHAP and LIME are utilized to offer both extensive and instance-level interpretability and the extensive experimental tests show that the proposed framework threefold exceeds current methods by between 4% and 12% in a range of attack scenarios. The model is quite resilient against smartly constructed traffic, with a detection accuracy of up to 97% under hostile settings. The results further demonstrate that the reliability of the model is improved by adding explainable adversarial defense mechanisms and adding graph-aware learning improves the system’s ability to recognize complex traffic connections, leading to more transparent and robust IoT intrusion detection.
Similar content being viewed by others
Funding
This research was funded by “1 Decembrie 1918” University of Alba Iulia through the Scientific Research Centre.
Author information
Authors and Affiliations
Corresponding authors
Ethics declarations
Competing interests
The authors declare no competing interests.
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License, which permits any non-commercial use, sharing, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if you modified the licensed material. You do not have permission under this licence to share adapted material derived from this article or parts of it. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by-nc-nd/4.0/.
About this article
Cite this article
Mohammad, U.G., Afzal, A., Alghamdi, S. et al. An optimized graph neural network approach for robust and explainable IoT intrusion detection against adversarial attacks. Sci Rep (2026). https://doi.org/10.1038/s41598-026-48715-9
Received:
Accepted:
Published:
DOI: https://doi.org/10.1038/s41598-026-48715-9
