HEAP-Guard: A hybrid energy-aware phishing detection framework based on risk and stability-aware reinforcement learning for IoT green clouds
摘要
The integration of Internet of Things (IoT) systems with green cloud infrastructures enhances scalability and energy efficiency but simultaneously increases exposure to adaptive phishing threats. Conventional signature-based and static supervised learning methods lack adaptability and fail to address the strict energy constraints of decentralized IoT deployments. To overcome these limitations, this paper proposes HEAP-Guard, a Hybrid Energy-Aware Phishing Detection framework built upon a Reinforcement Learning (RL) architecture augmented with Risk- and Energy-Aware optimization objectives. To enhance training stability, the proposed REA-TDX mechanism extends the RL backbone through twin critics, delayed policy updates, and conservative Bellman backups, ensuring robust and stable convergence. A hybrid execution–training architecture further enables lightweight deterministic inference at the network edge while preserving stability-enhanced policy learning within the cloud. Moreover, a FedAvg-driven collaborative training strategy allows distributed IoT nodes to jointly optimize shared policies without exchanging raw traffic data, thereby improving generalization capability and preserving privacy. Unlike static classifiers, HEAP-Guard produces continuous phishing confidence scores and jointly optimizes detection performance, operational risk, and energy consumption. Experimental results on the Bot-IoT dataset demonstrate that the proposed model achieves 99.32% ± 0.18 accuracy, with 97.9% precision, 97.3% recall, and 97.6% F1-score, outperforming classical Machine Learning, Deep Learning and baseline RL approaches. In addition, the framework reduces per-inference energy consumption by up to 38.7% compared to CNN baselines, operating at approximately 1.65 W in balanced edge mode, thereby confirming its suitability for energy-efficient IoT-enabled green cloud environments.