Artificial intelligence in mitigating security threats for lightweight IoT devices: a survey of technologies, protocols, and future challenges

Lightweight Internet of Things (IoT) devices—microcontroller-class nodes with less than 512KB RAM, sub-100MHz clocks, and low-power radios (BLE, Zigbee, LoRa, NB-IoT)—are now widely deployed in settings where traditional security stacks are infeasible. This survey examines how Artificial Intelligence (AI) can harden such constrained platforms against device-, network-, and application-layer threats, including spoofing, routing manipulation, DDoS, malware, and Advanced Persistent Threats (APTs). We (i) formalize a lightweight envelope that bounds feasible defenses in terms of RAM, CPU, bandwidth, and energy; (ii) consolidate protocol-side risks across BLE, Zigbee, and LoRaWAN; and (iii) review deployable AI techniques through a deployment-first lens that separates training (edge, cloud, federated learning) from on-device inference. Distinct from prior surveys, we provide resource-annotated comparisons that report accuracy alongside model size, peak RAM, latency, and estimated energy per inference, showing how pruning, post-training quantization, distillation, and feature narrowing shift feasibility on MCU targets. Covered methods include compact classifiers (linear models, trees, SVM), quantized TinyCNN/TinyRNN and graph-based intrusion detection, reinforcement learning for adaptive rate limiting and channel selection, and privacy-preserving federated learning with update compression. We conclude with a pragmatic agenda—energy-adaptive inference, LPWAN-aware scheduling and federated learning, robustness to poisoning and evasion, and reproducible benchmarks that couple accuracy with size/latency/energy on real hardware—aimed at making AI-based security practical at scale for lightweight IoT deployments.