Explainable Decision Tree Model Achieves Near-Perfect Accuracy for IoT Intrusion Detection

Global: Explainable Decision Tree Model Achieves Near-Perfect Accuracy for IoT Intrusion Detection

On January 2026, a team of researchers unveiled an explainable artificial intelligence (XAI) framework designed to enhance intrusion detection systems (IDS) for Internet of Things (IoT) environments. The approach combines an optimized Decision Tree classifier with both local (SHAP) and global (Morris sensitivity) importance methods, reporting a test accuracy of 99.91%, an F1‑score of 99.51%, and a Cohen Kappa of 0.9960.

Rising Threat Landscape

The proliferation of IoT devices has expanded the attack surface for cyber threats, creating a demand for IDS solutions that balance detection quality, model interpretability, and computational efficiency—especially on resource‑constrained edge hardware.

Explainable AI Approach

According to the study, the proposed framework leverages a Decision Tree classifier optimized for low‑resource deployment. Local feature attribution is derived from SHAP values, while Morris sensitivity analysis provides a global view of feature importance, together offering transparent decision‑making pathways.

Performance Results

The authors report that cross‑validation yields a mean accuracy of 98.93%, confirming the model’s stability across multiple data splits. These metrics place the solution at the state‑of‑the‑art level for IoT IDS performance.

Computational Efficiency

Compared with ensemble‑based models, the Decision Tree architecture reduces inference time, enabling faster detections suitable for real‑time processing on edge devices.

Key Feature Insights

Feature analysis identified “SrcMac” as the most significant predictor, a finding consistently supported by both SHAP and Morris methods.

Regulatory Alignment

The framework’s explainability aligns with emerging AI transparency regulations, facilitating compliance while maintaining high detection rates for diverse attack classes.

Potential Impact

By delivering a blend of high accuracy, interpretability, and low computational demand, the solution positions itself as a viable option for securing resource‑limited IoT deployments in real‑world settings.

This report is based on information from arXiv, licensed under Academic Preprint / Open Access. Based on the abstract of the research paper. Full text available via ArXiv.