Detecting zero-day Denial-of-Service (DoS) attacks in dynamic, class-imbalanced IoT edge networks remains challenging. To address this, we propose CSinkGAN—a novel end-to-end anomaly detection framework based on a Conditional Sinkhorn Divergence Generative Adversarial Network. Methodologically, we introduce Sinkhorn divergence as a geometry-aware loss function to enhance generative stability and mitigate mode collapse; further, we integrate CTGAN to perform class-balanced synthetic data augmentation, significantly improving detection sensitivity for rare attack types. Evaluated on the CICDDoS2019 dataset, CSinkGAN outperforms state-of-the-art deep learning and GAN-based baselines across accuracy, precision, recall, and F1-score. Crucially, the framework maintains low computational overhead, satisfying stringent resource constraints of edge devices.

The increasing complexity of IoT edge networks presents significant challenges for anomaly detection, particularly in identifying sophisticated Denial-of-Service (DoS) attacks and zero-day exploits under highly dynamic and imbalanced traffic conditions. This paper proposes SD-CGAN, a Conditional Generative Adversarial Network framework enhanced with Sinkhorn Divergence, tailored for robust anomaly detection in IoT edge environments. The framework incorporates CTGAN-based synthetic data augmentation to address class imbalance and leverages Sinkhorn Divergence as a geometry-aware loss function to improve training stability and reduce mode collapse. The model is evaluated on exploitative attack subsets from the CICDDoS2019 dataset and compared against baseline deep learning and GAN-based approaches. Results show that SD-CGAN achieves superior detection accuracy, precision, recall, and F1-score while maintaining computational efficiency suitable for deployment in edge-enabled IoT environments.