A Hybrid Deep Learning Architecture for Network Security Situation Awareness and Pre-Alarm in Large-Scale Data Environments Using LSTM, Autoencoder, and GNN

Abstract

In large-scale data environments, network security situational awareness (NSSA) often suffers from poor real-time performance and low early-warning accuracy. This article therefore proposes an intelligent early-warning model that integrates multi-source heterogeneous data. The model builds a distributed processing architecture on Spark+Flink and integrates a hybrid analysis mechanism combining a long short-term memory network (LSTM), an autoencoder and a graph neural network (GNN) to efficiently detect abnormal behaviors and infer attack paths. A situation scoring mechanism with dynamic weight adjustment is also designed, and a time-decay suppression strategy is introduced to optimize the alarm output and reduce the false alarm rate. The experiment was conducted on the public CICIDS2017 dataset and a real log of a provincial government cloud, and evaluated by F1-score, AUC, response delay and effective alarm compression ratio. The results show that the model achieves an F1-score of 0.93 on CICIDS2017, which is significantly better than the traditional method. In the real government cloud environment, system throughput reaches up to 183,000 pieces/second, the average response delay is kept within 300 ms, and the number of effective alarms is reduced by over 65%. This study verifies the feasibility and superiority of the proposed model in high-concurrency scenarios and provides a practical basis for building an intelligent and extensible network security defense system.

Author Biography

Xiaoxia Wang, School of Information and Network Security, Inner Mongolia Police College, Hohhot 010051, China


DOI:

https://doi.org/10.31449/inf.v50i10.12390

Published

03/18/2026

How to Cite

Wang, X. (2026). A Hybrid Deep Learning Architecture for Network Security Situation Awareness and Pre-Alarm in Large-Scale Data Environments Using LSTM, Autoencoder, and GNN. Informatica, 50(10). https://doi.org/10.31449/inf.v50i10.12390