[2603.00363] Quantifying Catastrophic Forgetting in IoT Intrusion Detection Systems

Computer Science > Machine Learning arXiv:2603.00363 (cs) [Submitted on 27 Feb 2026] Title:Quantifying Catastrophic Forgetting in IoT Intrusion Detection Systems Authors:Sourasekhar Banerjee, David Bergqvist, Salman Toor, Christian Rohner, Andreas Johnsson View a PDF of the paper titled Quantifying Catastrophic Forgetting in IoT Intrusion Detection Systems, by Sourasekhar Banerjee and 4 other authors View PDF HTML (experimental) Abstract:Distribution shifts in attack patterns within RPL-based IoT networks pose a critical threat to the reliability and security of large-scale connected systems. Intrusion Detection Systems (IDS) trained on static datasets often fail to generalize to unseen threats and suffer from catastrophic forgetting when updated with new attacks. Ensuring continual adaptability of IDS is therefore essential for maintaining robust IoT network defence. In this focused study, we formulate intrusion detection as a domain continual learning problem and propose a method-agnostic IDS framework that can integrate diverse continual learning strategies. We systematically benchmark five representative approaches across multiple domain-ordering sequences using a comprehensive multi-attack dataset comprising 48 domains. Results show that continual learning mitigates catastrophic forgetting while maintaining a balance between plasticity, stability, and efficiency, a crucial aspect for resource-constrained IoT environments. Among the methods, Replay-based approaches ach...