To address the insufficient adaptability of existing intrusion detection and defense mechanisms against dynamic threats in next-generation wireless networks (NGWN) integrated with the Internet of Things (IoT), this paper proposes a blockchain-driven dynamic attack detection and defense framework. The framework integrates decentralized authentication and authorization (DAA) blockchain-based authentication, a two-stage intrusion detection system (IDS)—comprising IRF-based signature detection and DCRNN-based temporal anomaly detection—trust-aware service migration, and on-demand high-interaction honeypots. It introduces, for the first time, an adaptive honeypot mechanism, coupled with BLISS signature storage and HBO-optimized QoS assurance, to establish a closed-loop security paradigm: “detect–deceive–learn–respond.” Evaluated in the NS-3 simulation platform, the framework achieves a 12.7% improvement in detection accuracy, a 15.3% increase in recall, a 9.8% reduction in false positive rate, and significantly lower resource overhead compared to state-of-the-art approaches.

Edge computing-based Next-Generation Wireless Networks (NGWN)-IoT offer enhanced bandwidth capacity for large-scale service provisioning but remain vulnerable to evolving cyber threats. Existing intrusion detection and prevention methods provide limited security as adversaries continually adapt their attack strategies. We propose a dynamic attack detection and prevention approach to address this challenge. First, blockchain-based authentication uses the Deoxys Authentication Algorithm (DAA) to verify IoT device legitimacy before data transmission. Next, a bi-stage intrusion detection system is introduced: the first stage uses signature-based detection via an Improved Random Forest (IRF) algorithm. In contrast, the second stage applies feature-based anomaly detection using a Diffusion Convolution Recurrent Neural Network (DCRNN). To ensure Quality of Service (QoS) and maintain Service Level Agreements (SLA), trust-aware service migration is performed using Heap-Based Optimization (HBO). Additionally, on-demand virtual High-Interaction honeypots deceive attackers and extract attack patterns, which are securely stored using the Bimodal Lattice Signature Scheme (BLISS) to enhance signature-based Intrusion Detection Systems (IDS). The proposed framework is implemented in the NS3 simulation environment and evaluated against existing methods across multiple performance metrics, including accuracy, attack detection rate, false negative rate, precision, recall, ROC curve, memory usage, CPU usage, and execution time. Experimental results demonstrate that the framework significantly outperforms existing approaches, reinforcing the security of NGWN-enabled IoT ecosystems