A survey of machine learning intrusion detection methods for internet of things restricted terminals

    Abstract: The distributed architecture of the internet of things (IoT) and the resource-constrained nature of its terminals make it vulnerable, and existing reviews have not systematically analyzed the core bottlenecks of intrusion detection on IoT terminals in resource-constrained scenarios. To address both issues, this paper studies machine learning-based intrusion detection methods for IoT environments with resource-constrained terminals. Firstly, the IoT three-tier architecture is analyzed to elucidate the causes of terminal resource constraints, explicitly identifying core challenges such as the scarcity of labeled data and class imbalance, insufficient terminal computing power, and limited storage resources. Secondly, the paper systematically reviews technical advancements over the past five years. It summarizes how class balancing and semi-supervised/unsupervised learning mitigate the scarcity of labeled samples, the breakthroughs of lightweight model design and training optimization algorithms in reducing computational demands, and the effectiveness of data dimensionality reduction and redundant feature removal technologies in memory optimization, while comparing the advantages and disadvantages of the various methods. Finally, future research directions, such as constructing realistic IoT-specific datasets and addressing class overlap, are proposed, providing a reference for further technical development and engineering implementation in this field.

     
