To address security control challenges—including unregulated device onboarding, insufficient monitoring, and delayed incident response—arising from the proliferation of IoT devices in academic networks, this paper designs and implements a closed-loop IoT security response platform. The platform unifies device registration, real-time monitoring, and automated response within a single framework—the first such integration in educational networks. It introduces a lightweight rule engine fused with network traffic behavioral analysis for anomaly detection, augmented by SDN-driven dynamic policy enforcement and fine-grained device fingerprinting to enable sub-second automated blocking. Experimental evaluation demonstrates an average detection-to-blocking latency of 28.6 seconds, significantly reducing manual intervention frequency while improving response standardization and management consistency. The platform establishes a practical, deployable technical paradigm for IoT security governance in higher education environments.

The growing presence of IoT devices in academic environments has increased operational complexity and exposed security weaknesses, especially in academic institutions without unified policies for registration, monitoring, and incident response involving IoT. This work presents IoTEdu, an integrated platform that combines access control, incident detection, and automatic blocking of IoT devices. The solution was evaluated in a controlled environment with simulated attacks, achieving an average time of 28.6 seconds between detection and blocking. The results show a reduction in manual intervention, standardization of responses, and unification of the processes of registration, monitoring, and incident response.