ADVANCED PERSISTENT THREATS IN IOT AND SMART INFRASTRUCTURE: A SURVEY OF DETECTION FRAMEWORKS AND CHALLENGES

Advanced Persistent Threats (APTs) represent a sophisticated and prolonged cyberattack strategy that poses a critical risk to the increasingly pervasive Internet of Things (IoT) and smart infrastructure systems. These environments, characterized by high interconnectivity, heterogeneous device configurations, and limited security capabilities, offer fertile ground for APT actors to infiltrate, persist, and exfiltrate sensitive data with minimal detection. This paper surveys the APT lifecycle within IoT and smart environments, highlighting phases that include data exfiltration, lateral movement, compromise, and reconnaissance, and investigates cutting-edge detection frameworks like hybrid, AI-driven, anomaly-based, and signature-based techniques. In addition, it provides an in-depth analysis of the core challenges impeding effective APT detection in IoT systems, such as device heterogeneity, resource constraints, encryption, lack of labeled datasets, privacy concerns, and legacy infrastructure integration. The study emphasizes the urgent need for lightweight, adaptive, and privacy-preserving detection systems designed to meet the particular limitations of IoT networks.