Detecting Denial-of-Service (DoS) attacks on resource-constrained IoT devices remains a critical challenge due to stringent memory, computational, and latency constraints. To address this, we propose the first lightweight DoS detection framework for edge IoT based on the Kolmogorov–Arnold Network (KAN). Our method replaces conventional weight matrices with learnable spline functions, enabling compact parameterization and linear computational complexity. We further introduce a spline-parameterized feature transformation and a purpose-built lightweight inference architecture optimized for edge deployment. Evaluated on the CICIDS2017 dataset, our model achieves 99.0% detection accuracy, with only 2.00 ms inference latency per sample and a mere 0.19 MB memory footprint—reducing memory usage by up to 98% compared to state-of-the-art deep learning models. This work pioneers the application of KANs to IoT security analytics, establishing a new paradigm for high-accuracy, ultra-low-overhead edge intelligence in cybersecurity.

The proliferation of Internet of Things (IoT) devices has created a pressing need for efficient security solutions, particularly against Denial of Service (DoS) attacks. While existing detection approaches demonstrate high accuracy, they often require substantial computational resources, making them impractical for IoT deployment. This paper introduces a novel lightweight approach to DoS attack detection based on Kolmogorov-Arnold Networks (KANs). By leveraging spline-based transformations instead of traditional weight matrices, our solution achieves state-of-the-art detection performance while maintaining minimal resource requirements. Experimental evaluation on the CICIDS2017 dataset demonstrates 99.0% detection accuracy with only 0.19 MB memory footprint and 2.00 ms inference time per sample. Compared to existing solutions, KAN reduces memory requirements by up to 98% while maintaining competitive detection rates. The model's linear computational complexity ensures efficient scaling with input size, making it particularly suitable for large-scale IoT deployments. We provide comprehensive performance comparisons with recent approaches and demonstrate effectiveness across various DoS attack patterns. Our solution addresses the critical challenge of implementing sophisticated attack detection on resource-constrained devices, offering a practical approach to enhancing IoT security without compromising computational efficiency.