TY  - EJOU
AU  - Lamjid, Ali 
AU  - Ariffin, Khairul Akram Zainol 
AU  - Aziz, Mohd Juzaiddin Ab 
AU  - Sani, Nor Samsiah 

TI  - Intrusion Detection Systems from IT to IIoT: Survey and Taxonomy
T2  - Journal of Cyber Security

PY  - 2026
VL  - 8
IS  - 1
SN  - 2579-0064

AB  - The convergence of Operational Technology (OT) and Information Technology (IT) within Critical Infrastructures gives rise to complex and heterogeneous network architectures in the Industrial Internet of Things (IIoT). Traditional Intrusion Detection Systems (IDS), designed for conventional IT environments, are suited for mitigating vulnerabilities inherent in these systems; however, they often fail to address vulnerabilities intrinsic to heterogeneous IIoT architectures, most notably adversarial threats. To address this challenge, this study undertakes a systematic review of 23 representative papers published between 2016 and 2025, analyzing the IIoT-based IDS approaches. Distinguishing itself from existing reviews, this work classifies IDS approaches based on deployment architecture, detection methodology, and security threat types, thereby identifying a critical gap in current defensive capabilities. This analytical framework reveals a critical deficiency in current defense mechanisms against sophisticated threats such as adversarial attacks. The proposed taxonomy provides a foundational framework for the rational design of robust hybrid IDS solutions that can secure both legacy supervisory control and data acquisition (SCADA) systems and modern smart devices. Ultimately, these findings provide a strategic road-map for researchers and practitioners to advance Cybersecurity resilience in the rapidly maturing IIoT platforms.
KW  - Cybersecurity; intrusion detection system; IT; OT; industrial IoT; taxonomy

DO  - 10.32604/jcs.2026.077850