A Review of Intrusion Detection Systems in Large-scale IoT Systems: Challenges, Approaches, and Needs
Othmane Belarbi
Given the expanding scale of the Internet of Things (IoT), the design of an Intrusion Detection System (IDS) is critical to protecting the future network infrastructure from intrusions. Traditional IDS base their operations on Machine Learning (ML) models trained centrally in the cloud and then distributed across multiple end devices. However, this centralised approach often suffers from network overhead and high latency, resulting in slow detection of malicious traffic and, in the worst case, unresponsiveness to attacks. The specific characteristics of large-scale IoT systems bring new design challenges that need to be carefully considered. This paper provides a comprehensive review of current IDS for IoT systems to shed light on these issues, focusing on the types of deployment architecture. We show how traditional practices are unsuitable for large-scale IoT systems due to the inherent characteristics of these systems. Current research on IoT intrusion detection will need to move in a different direction to develop an optimised solution for these types of networks.