IoT systems face increasingly severe intrusion threats, yet existing detection models often fail to simultaneously achieve high accuracy and interpretability. This paper proposes a novel IoT intrusion detection framework based on Kolmogorov–Arnold Networks (KANs), which replace fixed nonlinear activation units with learnable, spline-based activation functions—thereby enhancing both representational capacity and structural interpretability. Evaluated on standard IoT benchmark datasets, KANs surpass traditional multilayer perceptrons (MLPs) in accuracy and F1-score, while matching the performance of strong tree-based baselines such as Random Forest and XGBoost. Crucially, KANs provide intrinsic, component-level functional visualizations—offering substantially greater transparency than black-box models. This work establishes a new paradigm for trustworthy IoT security analytics, unifying state-of-the-art detection performance with rigorous model interpretability.

The exponential growth of the Internet of Things (IoT) has led to the emergence of substantial security concerns, with IoT networks becoming the primary target for cyberattacks. This study examines the potential of Kolmogorov-Arnold Networks (KANs) as an alternative to conventional machine learning models for intrusion detection in IoT networks. The study demonstrates that KANs, which employ learnable activation functions, outperform traditional MLPs and achieve competitive accuracy compared to state-of-the-art models such as Random Forest and XGBoost, while offering superior interpretability for intrusion detection in IoT networks.