GATransformer: A Network Threat Detection Method Based on Graph-Sequence Enhanced Transformer

Abstract

Emerging complex multi-step attacks such as Advanced Persistent Threats (APTs) pose significant risks to national economic development, security, and social stability. Effectively detecting these sophisticated threats is a critical challenge. While deep learning methods show promise in identifying unknown malicious behaviors, they often struggle with fragmented modal information, limited feature representation, and generalization. To address these limitations, we propose GATransformer, a new dual-modal detection method that integrates topological structure analysis with temporal sequence modeling. Its core lies in a cross-attention semantic fusion mechanism, which deeply integrates heterogeneous features and effectively mitigates the constraints of unimodal representations. GATransformer reconstructs network behavior representation via a parallel processing framework in which graph attention captures intricate spatial dependencies, and self-attention focuses on modeling long-range temporal correlations. Experimental results on the CIDDS-001 and CIDDS-002 datasets demonstrate the superior performance of our method compared to baseline methods with detection accuracies of 99.74% (nodes) and 88.28% (edges) on CIDDS-001 and 99.99% and 99.98% on CIDDS-002, respectively.

1. Introduction

The ongoing digital transformation and expansion of network infrastructure have led to a dramatic rise in the frequency, scale, and sophistication of Complex Multi-step Attacks (CMAs) [1,2]. Consequently, network threat detection has become a paramount challenge in the information age [3]. These attacks result in immense global economic damage, with annual losses projected to reach USD 10.5 trillion by 2025 [4]. Sophisticated CMAs like Advanced Persistent Threats (APTs)—often fueled by zero-day exploits—threaten not only economic development but also national security and social stability [5,6]. Their targeted, stealthy, and highly professional nature makes them exceptionally difficult to detect.

Traditional network threat detection primarily relies on rule-based intrusion detection and signature matching techniques [7,8]. These conventional methods typically depend on known attack signatures or patterns, thus rendering them ineffective in identifying emerging threats such as Advanced Persistent Threats (APTs), which are dominated by zero-day attacks and characterized by high targeting, high concealment, and high professionalism. When confronted with complex attacks like Complex Multi-step Attacks (CMAs), traditional approaches, on one hand, struggle to detect unknown threats through rule-based intrusion detection methods; on the other hand, they fail to effectively correlate temporally and spatially sparse key attack steps, making it impossible to construct a complete attack chain view. Meanwhile, in recent years, deep learning models such as Convolutional Neural Networks (CNNs), Recurrent Neural Networks (RNNs), and Graph Neural Networks (GNNs) have demonstrated strong capabilities in network traffic analysis, malware detection, and abnormal behavior identification [9,10,11]. A large number of methods based on deep learning, data mining, and artificial intelligence have emerged in the field of network security detection [12,13], providing crucial technical support for building intelligent security defense systems. Recent advancements in data-driven attack detection have shown promising results across various critical infrastructure domains. Notably, Wang et al. proposed a data-driven framework for detecting false data injection attacks in DC microgrids using subspace identification methods, which directly constructs detection systems from process data without explicit system modeling [14]. While such approaches demonstrate effectiveness in power system security, they exhibit fundamental limitations when applied to general network threat detection scenarios, including reliance on well-defined physical dynamics, assumption of stable system behaviors, and focus on single-modal sensor data rather than multi-modal information integration.

However, existing deep learning methods still have significant limitations in network threat detection. The primary issue is fragmented modal information: mainstream approaches either simplify network behaviors into time-series modeling—completely ignoring the rich entity relationship information in network topology—or focus solely on graph structure analysis, lacking an in-depth understanding of the temporal evolution process of attacks. This unimodal modeling strategy leads to a substantial loss of critical semantic information and serves as a core bottleneck restricting detection accuracy [15]. Most existing data-driven approaches either employ purely sequential modeling that ignores network topology, utilize graph-based methods that overlook temporal dynamics, or apply AI-based detection techniques without theoretical foundations for multi-modal information fusion. Crucially, these approaches fail to address the fundamental challenge of semantic fragmentation across different information modalities, which is a critical requirement for detecting sophisticated multi-stage attacks. Unlike domain-specific data-driven methods that operate within controlled physical environments, network threat detection requires principled mechanisms for integrating heterogeneous information sources without assuming underlying physical constraints. The second issue is insufficient feature representation capability: feature extraction and selection are crucial, yet effectively identifying features useful for anomaly detection remains a challenging task. Inappropriate feature extraction and selection can degrade model performance. Network attacks often exhibit complex multi-stage and multi-entity collaborative patterns, which simple feature engineering and traditional machine learning methods struggle to capture due to their high-dimensional and nonlinear nature [16]. Existing multimodal fusion methods are primarily categorized into the following three types: early fusion integrates information from different modalities via feature-level concatenation but tends to cause the curse of dimensionality and semantic mismatch; late fusion adopts decision-level integration, preserving modality-specificity while ignoring inter-modal interactions; intermediate fusion uses attention mechanisms for feature weighting, yet existing methods mostly rely on simple attention weight allocation and lack in-depth understanding of the semantic gap in heterogeneous information [17,18]. The third issue is limited generalization capability: existing models are often optimized for specific types of attacks or datasets, and their performance tends to be poor when confronted with new attack variants or cross-domain deployments [3].

In response to the fundamental limitations of existing methodologies and the specific gaps identified in current data-driven approaches, this paper introduces GATransformer, which pioneers multi-modal semantic integration for network threat detection. Unlike existing data-driven methods that operate on single information modalities or require domain-specific physical constraints, our approach establishes a mathematically rigorous dual-pathway information processing framework that addresses semantic integration across heterogeneous information types without assuming underlying system dynamics. First, to address the semantic fragmentation inherent in traditional unimodal approaches, we establish a dual-pathway information processing framework that employs complementary computational channels for topological dependency extraction and temporal evolution modeling. This architecture transcends conventional processing limitations by implementing synergistic information synthesis, ensuring complete semantic preservation across multiple representational dimensions. Secondly, to overcome the representational inadequacies in capturing complex multi-stage attack semantics, we formulate an advanced attention-driven integration mechanism. Through cross-modal semantic bridging, this framework achieves deep-level feature synthesis that fully exploits structural relationship semantics while preserving temporal evolution integrity. Finally, to enhance cross-domain generalizability and adaptive resilience, we introduce a unified multi-objective optimization paradigm. Through joint optimization of hierarchical classification tasks and predictive modeling objectives, the architecture significantly improves adaptability and robustness via knowledge transfer dynamics and complementary learning mechanisms. This multi-dimensional theoretical integration fundamentally overcomes traditional methodological constraints, establishing a comprehensive solution framework for network threat detection.

The main technical contributions and innovations include the following:

(1)

Graph-Sequence Enhanced Transformer Architecture (GATransformer): On the CIDDS-001 dataset, the model achieved 99.74% accuracy in node attack detection and 88.28% accuracy in edge attack detection. On the CIDDS-002 dataset, the model achieved 99.99% accuracy in node attack detection and 99.98% accuracy in edge attack detection. Experiments show that compared to using GAT alone (edge classification accuracy of 86.77%) or Transformer alone (edge classification accuracy of 87.45%), our hybrid architecture improved edge classification accuracy to 88.28% on the CIDDS-001 dataset, verifying the complementarity of the two information carriers and the full utilization of original semantic information.

(2)

Cross-Attention Feature Fusion Mechanism: An innovative cross-attention fusion strategy was designed to deeply integrate graph features and sequence features, fundamentally resolving the problem of fragmented modal information in traditional methods.

(3)

Multi-Level Data Processing and Multi-Task Learning Framework: A preprocessing strategy combining adaptive traffic normalization and multi-dimensional feature fusion was constructed. A dynamic time window graph construction mechanism was adopted to support real-time threat detection, and a unified multi-task learning framework was designed to achieve anomaly detection at multiple levels.

2. Related Work

In the digital era, network detection based on network traffic has become a core indicator for assessing the health status of network operations, and the importance of anomaly detection is increasingly prominent. In the face of increasingly intelligent and complex cyberattack techniques, traditional detection methods based on rule matching and shallow machine learning are no longer sufficient to meet the needs of cybersecurity defense due to their limitations in feature extraction depth and generalization capability. Deep learning, with its powerful nonlinear modeling ability and automated feature learning mechanism, breaks through the technical bottlenecks of traditional methods and has become a research hotspot in the field of malicious traffic detection. Current research mainly focuses on innovative applications of deep learning models, including the use of recurrent neural networks (RNNs) in traffic feature extraction and anomaly pattern recognition, as well as the integration of new techniques such as graph attention mechanisms. To address the dependency of deep learning models on large amounts of labeled data, strategies such as adversarial sample generation and unsupervised learning are used to enhance generalization. In addition, to improve the accuracy and efficiency of anomaly detection models, methods such as ensemble learning and hybrid model construction are being continuously explored.

Deep learning-based traffic anomaly analysis and detection mainly rely on deep models to automatically learn complex features from traffic data and identify anomalous patterns. Convolutional Neural Networks (CNNs) can effectively capture potential attack patterns in serialized network traffic [12,13], and extract key features such as packet length and inter-packet intervals from traffic data. By constructing multi-layer convolution and pooling structures, CNNs obtain high-level feature representations. Yin Zinuo et al. proposed an anomaly traffic detection framework combining CNN and LSTM networks [19], which deeply mines the spatiotemporal features of traffic data by leveraging CNN’s feature extraction and LSTM’s time series analysis. The framework achieved accuracy as high as 98.8%, with recognition rates for most attack types exceeding 99.5%. Hooshmand et al. proposed a model based on a one-dimensional CNN architecture [20], which divides network traffic data into three categories: TCP, UDP, and other protocols, and processes each category independently. This model performed well in terms of recall and F1-score when handling separate categories but performed poorly in precision. RNNs can capture the temporal dependencies in sequence data. Yuan et al. designed a recursive Deep Neural Network (DNN) capable of effectively learning DDoS attack patterns from network traffic sequences [21], thus enabling tracking of cyberattack activities. The DNN showed significantly reduced error rates on larger-scale datasets, verifying its superiority and effectiveness in learning network traffic patterns and tracing attack behaviors. Li et al. proposed a Bidirectional Independently Recurrent Neural Network (BiIndRNN) with parallel computation and adjustable gradients [22]. This model extracts bidirectional structural features of network traffic through forward and backward inputs and captures spatial correlations in data flows. In addition, graph attention mechanisms have also been applied to network traffic analysis. By constructing graph structures to characterize relationships between nodes, detection accuracy can be improved [23].

Existing deep learning models typically rely on large amounts of labeled data for training, which reduces their flexibility in real-world applications. To address this issue, some researchers have proposed integrating adversarial sample generation techniques to enhance dataset diversity and thereby improve the generalization capability of models. This strategy not only increases detection accuracy but also enhances the model’s adaptability to unknown attacks. In traffic anomaly detection, autoencoders can learn the feature representation of normal traffic and identify anomalies by comparing the reconstruction error between anomalous and normal traffic. Qu et al. proposed a network data contrastive representation method called CRND, which is based on contrastive learning and can train high-performance models without label information [24]. Regarding the lack of interpretability in deep learning models for anomaly traffic detection, the IDEAL framework integrates an interpretability supervision mechanism to make the model decision process more transparent and trustworthy [25]. This method uses security rules from the Snort firewall to automatically generate annotation information, reducing the workload of manual labeling. Semi-supervised learning methods can efficiently identify malicious traffic even with only a small amount of labeled data by jointly modeling the multimodal characteristics of traffic [26].

To further improve the accuracy and efficiency of traffic anomaly detection, researchers have considered combining different deep learning models to form hybrid approaches. Yao et al. proposed an AMI intrusion detection model based on CNN and LSTM networks [27], which integrates the global feature extraction capability of CNN and the periodic feature memory function of LSTM. In addition, decision trees and their ensemble learning methods, by incorporating information entropy theory and the Proximal Policy Optimization (PPO) algorithm, can effectively enhance detection accuracy [28]. Furthermore, random forest and Extreme Gradient Boosting (XGBoost) have also been used to construct efficient malicious traffic detection frameworks, showing excellent performance, especially when dealing with concept drift problems [29].

In certain specific scenarios, such as the Internet of Things (IoT) environments or industrial control systems, lightweight design has become a hotspot due to resource constraints of devices. The LightGuard model significantly reduces computational overhead while maintaining detection performance by introducing lightweight residual block modules [30]. It simplifies the classifier structure using global average pooling and pointwise convolution [31]. For emerging threats like zero-day attacks, existing models often perform poorly. In response, a method named CDDA-MD, which integrates concept drift detection and adaptive mechanisms, has been proposed. It can update model parameters in real time to cope with the impact of concept drift [32].

Despite the significant progress achieved, there is still considerable room for improvement in the current accuracy of traffic monitoring. On the one hand, network traffic data is high-dimensional, dynamic, and noisy. Some complex attack features are easily overwhelmed by massive normal traffic, resulting in high false positive and false negative rates. On the other hand, new types of attack techniques—such as low-rate attacks—are constantly emerging. Existing models struggle to quickly learn their feature patterns, and their cross-scenario generalization capabilities are weak, making it difficult to achieve high-precision detection in real-world complex network environments. These problems urgently need to be addressed through more efficient feature engineering and multimodal data fusion technologies.

3. Proposed Methodology

Network threat detection has long faced the fundamental challenge of fragmented modal information. Existing methods simplify network behavior into time series modeling, completely ignoring the entity relationships embedded in network topology. Others analyze entity relationships only from the perspective of graph structure, lacking a deep understanding of the temporal evolution of attacks. This unimodal modeling leads to significant loss of important semantic information and is the core bottleneck preventing further improvement in threat detection accuracy.

This paper proposes a neural network architecture named GATransformer, as shown in Figure 1. The architecture adopts a dual-stream parallel processing strategy that fully leverages the complementary advantages of graph neural networks and sequence modeling. The system first performs user behavior encoding and temporal feature encoding on the CIDDS dataset through a multi-layer data preprocessing module and then inputs the results into the GAT branch and the Transformer branch for feature extraction, respectively. The GAT branch, through components such as high-dimensional projection, graph attention mechanism, layer normalization, and residual connections, effectively captures spatial dependencies in the network topology. The Transformer branch utilizes modules including positional encoding, masked multi-head attention, and feedforward networks to deeply mine long-term dependency patterns in the time series. The features extracted by the two branches are deeply fused through a cross-attention mechanism and are finally fed into a multi-task learning head to simultaneously perform multiple anomaly detection tasks such as node classification and edge classification. The core advantage of this architecture lies in its ability to handle both graph-structured and sequential data simultaneously, enabling the model to understand topological relationships between nodes while also capturing temporal dependencies in the sequence.

3.1. Multi-Level Data Preprocessing and Feature Engineering Strategy

3.1.1. Adaptive Traffic Normalization and Encoding Mechanism

Network security traffic data is characterized by diverse formats and noise interference. To address this issue, this study designed a hierarchical traffic standardization processing framework. First, through in-depth analysis of network behavior traffic characteristics, a semantic encoding strategy centered on user behavior patterns was constructed. This method extracts traffic features from multiple dimensions, including IP addresses, transport protocols, and port numbers, converting heterogeneous traffic data into structured vector representations. Original labels are numerically encoded, converting string labels such as “normal” “attacker” and “victim” into integer representations. Protocol types are also mapped to corresponding numerical values to ensure that subsequent machine learning models can effectively process classification information. To address the common issue of irregular numerical formats in network traffic data, an adaptive numerical parsing algorithm was designed. This algorithm intelligently identifies and converts numerical strings with units, such as “10K” and “1.5M”, using regular expression matching and a unit mapping dictionary to achieve accurate numerical restoration.

In terms of time feature encoding, statistical analysis of historical traffic data reveals that scanning-type attacks conducted by attackers usually have short durations and high operational intensity, whereas normal business activities have longer time spans and relatively even distribution. Based on this pattern, a multi-granularity time feature encoding scheme is designed. The time feature encoding function is defined as:

$$T_{\mathrm{encode}}(t)=\left\{\begin{array}{l}0,\hspace{1em}if\cdot t\le {\tau }_1,\hfill \\ 1,\hspace{1em}if\cdot {\tau }_1<t\le {\tau }_2,\hfill \\ 2,\hspace{1em}if\cdot {\tau }_2<t\le {\tau }_3,\hfill \\ 3,\hspace{1em}if\cdot t>{\tau }_3.\hfill \end{array}\right.$$

(1)

Among them ${\tau }_1$, ${\tau }_2$, ${\tau }_3$ and respectively represent the thresholds for short, medium, and longtime intervals. The continuous time intervals are discretized into four levels, effectively preserving the relative relationships of temporal information and facilitating the subsequent sequence modeling process.

3.1.2. Multi-Dimensional Feature Fusion and Anomaly Pattern Recognition

Operation status codes, as important indicators reflecting system execution results, contain rich security-related semantic information. Through statistical analysis of the distribution of status codes in many security events, it is observed that the success rate of normal user behavior is generally high, whereas attack behaviors—due to being blocked by security protection mechanisms—often result in a higher frequency of failure status codes. Based on this pattern, a status feature vector $S={[s_{success},s_{failure},s_{error}]}^T$ is constructed, each component of the vector represents the normalized frequency of successful execution states, operation failure states, and critical system error states. Differentiating by status codes enables effective capture of abnormal patterns in the operation execution process. Meanwhile, for the textual description fields of attack behaviors, a pattern-matching-based attack tool identification strategy is designed. By constructing an attack tool keyword dictionary, when the system detects that a specific tool identifier is present in the attack description, it further extracts detailed configuration information of the tool, providing important auxiliary information for threat identification.

3.2. Construction of Network Traffic Graph Structure and Topology Modeling

3.2.1. IP Entity Node Feature Extraction and Representation Learning

In this paper, IP address entities in the network environment are treated as nodes in a graph, with each IP node carrying the comprehensive network behavior features of the corresponding entity. The node feature extraction process is divided into two stages: IP address feature encoding and traffic statistical feature construction. The IP address feature encoding parses an IPv4 address into four octets and extracts features such as network type, subnet characteristics, and address pattern semantics—including identification of private networks, loopback address detection, multicast address recognition, and other semantic information. The IP address feature vector $f_{IP}$ is defined as:

$$f_{IP}=[o,n,s,p]$$

(2)

where $o=[o_1,o_2,o_3,o_4]$ represents the four octets, $n$ denotes the network type feature vector, $s$ denotes the subnet feature vector, and $p$ denotes the address pattern feature vector. Traffic statistical feature construction is based on the aggregation of all network traffic involving the IP, including multi-dimensional metrics such as total packet count, total byte count, number of flows, average duration, in-degree and out-degree statistics, and protocol distribution ratios.

For each IP node, the system separately counts its traffic characteristics as both source and destination addresses, including the number of outbound and inbound packets, byte statistics, and protocol distribution. To capture abnormal behavior patterns, the number of unique destination ports and source ports accessed by the IP is further extracted. These metrics help in identifying attack behaviors such as port scanning and service enumeration. The comprehensive node feature vector $h_{\nu }^{(0)}$ is constructed as follows:

$$h_{\nu }^{(0)}=\mathrm{Concat}[f_{IP}(v),f_{traffic}(v),f_{behavior}(v)]$$

(3)

where $f_{traffic}(v)$ represents the traffic statistical features of node $v$, and $f_{behavior}(v)$ denotes behavior anomaly indicators.

3.2.2. Edge Relationship Modeling and Spatiotemporal Feature Construction

Edges in the graph represent network traffic connections, where each network flow corresponds to a directed edge connecting the source IP node and the destination IP node. Edge feature extraction covers four dimensions: basic traffic features, protocol features, port features, and temporal features. Basic traffic features include core indicators such as flow duration, number of packets, number of bytes, number of flows, and service type. Protocol features are represented using one-hot encoding for different protocol types such as TCP, UDP, and ICMP. Port features are encoded separately for source and destination ports, including port type classification (well-known ports, registered ports, dynamic ports), identification of common service ports, and normalization of port values. Temporal features record the timestamp information of traffic occurrences, providing support for subsequent time series analysis. Through this multi-dimensional edge feature representation, the system can comprehensively characterize the patterns of network traffic and provide rich information for anomaly detection.

3.2.3. Dynamic Time Window Graph Construction Mechanism

To support real-time threat detection and large-scale data processing, an efficient dynamic graph construction mechanism is designed. This mechanism adopts a sliding window strategy to determine whether each time window contains an attack, while maintaining the timeliness of the graph through incremental updates. During the dynamic time graph construction process, start and end timestamps are set for each segment of network traffic. A fixed-size sliding window mechanism is used to construct a small graph from the flows within each window segment. This facilitates the dynamic modeling of attack behaviors as they evolve over time. The sliding window function is defined as:

$$W_t=\left\{f_i\right|t-\Delta T\le timestamp(f_i)<t\}$$

(4)

where $W_t$ represents the window at time $t$, $\Delta T$ is the window size, $f_i$ is the $i$-th network flow, and $timestamp(f_i)$ is the timestamp of the flow. Based on the previously extracted multi-dimensional features, further processing is conducted to construct a complete graph. Specifically, all IP addresses are used to build node features, each flow is traversed to construct edge features, and feature standardization is performed accordingly.

3.3. GATransformer Architecture Design

3.3.1. Parallel Dual-Channel Fusion Architecture Design

The GATransformer architecture adopts a parallel dual-channel design concept, consisting of three core components: the graph structure encoding channel, the sequence encoding channel, and the feature fusion module. The graph structure encoding channel focuses on extracting structural features from the network topology; the sequence encoding channel is dedicated to handling the temporal dependencies of activity sequences; and the feature fusion module integrates the outputs of the two channels to generate a comprehensive threat feature representation. In the sequence encoding channel, nodes are first sorted by degree to construct a node sequence, and a positional encoding mechanism is applied to preserve the sequential information. The design of positional encoding is particularly important in network security applications, as attack behaviors often exhibit distinct stages and order. With positional encoding, the model can learn the characteristic patterns of different stages in attack sequences—such as reconnaissance, infiltration, and persistence—thereby significantly improving threat detection accuracy. The sequence encoding channel adopts a multi-layer Transformer structure, modeling dependencies between any positions in the sequence through the self-attention mechanism. The positional encoding uses sine and cosine functions, defined as:

$$P{E}_{(pos,2i)}=sin\left({\displaystyle \frac{pos}{{10000}^{\frac{2i}{d_{model}}}}}\right)$$

(5)

$$P{E}_{(pos,2i+1)}=\cos \left({\displaystyle \frac{pos}{{10000}^{\frac{2i}{d_{model}}}}}\right)$$

(6)

where $pos$ represents the position, $i$ denotes the feature dimension, and $model$ is the model dimension. The multi-head attention mechanism enables the model to learn sequence dependencies from different representational subspaces.

3.3.2. Graph Attention Network Enhancement Mechanism

The graph structure encoding channel adopts the Graph Attention Network (GAT) mechanism, which can adaptively learn the importance weights between nodes in the graph. GAT calculates node importance through attention coefficients:

$$h_i^{(l+1)}=\sigma \left({\displaystyle \sum _{j\in \mathcal{N}(i)}{\alpha }_{ij}^{(l)}}{W}^{(l)}{h}_j^{(l)}\right)$$

(7)

where $h_i^{(l)}$ represents the feature of node $i$ at layer $l$, ${\alpha }_{ij}^{(l)}$ is the attention weight, $\mathcal{N}(i)$ denotes the neighborhood of node $i$, and $W^{(l)}$ is the learnable weight matrix. The attention coefficients are computed based on the correlation between node features:

$${\alpha }_{ij}^{(l)}={\displaystyle \frac{exp\left(\mathrm{LeakyReLU}\left(a^T[W^{(l)}{h}_i^{(l)}\Vert W^{(l)}{h}_j^{(l)}]\right)\right)}{{\Sigma }_{k\in \mathcal{N}(i)\cup \left\{i\right\}}^{\Sigma \left(\mathrm{LeakyReLU}\left(a^T[W^{(l)}{h}_i^{(l)}\Vert W^{(l)}{h}_k^{(l)}]\right)\right)}exp}}$$

(8)

where $a$ is a learnable attention parameter vector, and $\left|\right|$ denotes the feature concatenation operation. Compared with traditional Graph Convolutional Networks (GCNs), the attention mechanism enables the model to dynamically focus on the most relevant neighboring nodes, enhancing its representation capacity and generalization performance.

The original 32-dimensional node features are projected into a unified 256-dimensional hidden space through feature projection, and the original 20-dimensional edge features are also projected into the same 256-dimensional hidden space. Subsequently, a layer GAT is applied. Each layer includes information from all paths between a node and its neighbors, allowing the model to perceive increasingly distant neighboring nodes and thus model more complex structural dependencies within the graph. This enables the detection of more sophisticated propagation patterns, attack paths, and behavioral contexts. Each layer’s output is stabilized with LayerNorm, and residual connections are used to alleviate gradient vanishing and degradation problems in deep models.

3.3.3. Cross-Attention Feature Fusion Strategy

The effective fusion of sequence features and graph features is a key technical challenge in the graph-sequence enhanced architecture. This paper designs a cross-attention feature fusion strategy to deeply integrate sequence and graph features. The cross-attention mechanism is defined as:

$$\mathrm{CrossAttention}(Q,K,V)=\mathrm{softmax}\left({\displaystyle \frac{Q{K}^T}{\sqrt{d_k}}}\right)V$$

(9)

where $Q$ comes from the graph structure features output by GAT, and $K$ and $V$ come from the sequence features encoded by the Transformer. Through this mechanism, GAT and Transformer process the same set of node features in parallel, extracting structural information and temporal sequence information, respectively. To address the problem that GAT may overlook structural information from distant nodes, and to better attend to node information in the Transformer, the cross-attention mechanism integrates features through the interaction of the query and key-value matrices. The Transformer features obtained through cross-attention are concatenated with the structural features extracted by GAT to form a fused high-dimensional feature vector. This fused vector simultaneously captures neighborhood structural information and global semantic sequence behavior of the node. To avoid the high computational cost associated with high-dimensional feature vectors, a two-layer MLP is used for feature transformation and compression. A nonlinear activation function (ReLU) is applied to achieve nonlinear fusion, learning complex nonlinear combinations among features, and finally mapping them into the predictive representation space.

The proposed cross-attention mechanism facilitates heterogeneous feature integration through a multi-head attention architecture, wherein graph-structured representations serve as queries and sequential embeddings function as both keys and values. The node sequence construction employs a topology-aware ranking strategy based on degree centrality metrics, ensuring that nodes with higher connectivity degrees maintain precedence in the sequential ordering. The feature integration pipeline executes concatenation-based fusion of graph embeddings with cross-modal attention outputs, subsequently processed through a dual-stage multilayer perceptron transformation:

$$H_{fused}=MLP([H_{graph};\mathrm{CrossAttn}(H_{graph},H_{seq},H_{seq})])$$

(10)

where the MLP architecture implements a bottleneck design with intermediate dimensionality reduction: $\mathrm{Linear}(2d\to d)\to \mathrm{ReLU}\to \mathrm{Dropout}(0.1)\to \mathrm{Linear}(d\to d)$, with $d$ denoting the latent feature dimensionality. This architectural design enables the extraction of complementary structural dependencies from the GAT component while preserving temporal sequential patterns from the Transformer encoder.

Algorithm 1 implements our new cross-attention fusion mechanism that systematically integrates heterogeneous graph structural information with temporal sequence patterns. Unlike traditional concatenation-based fusion approaches, our cross-attention mechanism allows the model to selectively focus on the most relevant structural features when processing temporal dependencies, thereby preserving both local topological relationships and global behavioral patterns.

Algorithm 1 Cross-Attention Feature Fusion

Require: Graph features $H_G\in {ℝ}^{N\times d}$, Sequence features $H_T\in {ℝ}^{N\times d}$ Require: Multi-head attention parameters $W_Q,W_K,W_V$ Require: Fusion projection layers $ML{P}_{fusion}$ Ensure: Fused node representations $H_{fused}\in {ℝ}^{N\times d}$

1: procedure CROSS_ATTENTION_FUSION($H_G,H_T$) 2: //Prepare queries, keys, values for cross-attention 3: $Q_{graph}\leftarrow H_G\times W_Q$ {Graph features as queries} 4: $K_{seq}\leftarrow H_T\times W_K${Sequence features as keys} 5: $V_{seq}\leftarrow H_T\times W_V$ {Sequence features as values} 6: //Multi-head attention computation 7: for h = 1 to num_heads do 8:          $Q_h\leftarrow Q_{graph}[:,(h-1)\times d_h:h\times d_h]$ 9:          $K_h\leftarrow K_{seq}[:,(h-1)\times d_h:h\times d_h]$ 10:        $V_h\leftarrow V_{seq}[:,(h-1)\times d_h:h\times d_h]$ 11:       //Attention scores computation 12:        $A_h\leftarrow softmax\left({\displaystyle \frac{Q_h\times K_h^T}{\sqrt{d_h}}}\right)$ 13:       //Weighted value aggregation 14:       $O_h\leftarrow A_h\times V_h$ 15: end for 16: //Concatenate multi-head outputs 17: $H_{cross}\leftarrow concat(O_1,O_2,\dots ,O_H)\times W_O$ 18: //Feature fusion through MLP 19: $H_{concat}\leftarrow concat(H_G,H_{cross})\{[N\times 2d]\}$ 20: $H_{fused}\leftarrow ML{P}_{fusion}(H_{concat})\left\{\right|N\times d\left|\right\}$ 21: return $H_{fused}$ 22: end procedure

Algorithm 2 presents our dynamic time window graph construction strategy, which enables real-time threat detection while maintaining computational efficiency. The sliding window approach ensures temporal locality preservation, allowing the system to capture evolving attack patterns across different time scales. The multi-level feature extraction process (lines 23–27 and 30–36) creates comprehensive node and edge representations that incorporate both network topology characteristics and traffic statistical properties, providing rich semantic information for subsequent anomaly detection tasks.

Algorithm 2 Dynamic Time Window Graph Construction

Require: Network flows $\mathcal{F}=\{f_1,f_2,\dots ,f_M\}$, Time window size $W$ Require: Feature extractors ${\varphi }_{node}$,${\varphi }_{edge}$ Ensure: Temporal graph sequence $\mathcal{G}=\{G_1,G_2,\dots ,G_T\}$

1: procedure BUILD_TEMPORAL_GRAPHS($\mathcal{F}$,$W$) 2: $\mathcal{G}\leftarrow \varnothing$ {Initialize graph sequence} 3: $t_{min}\leftarrow min\{timestamp(f_i)\mid f_i\in \mathcal{F}\}$ 4: $t_{max}\leftarrow max\{timestamp(f_i)\mid f_i\in \mathcal{F}\}$ 5: $t_{current}\leftarrow t_{min}$ 6: window id$\leftarrow$1 7: while $t_{current}<t_{max}$ do/ 8:       $t_{end}\leftarrow t_{current}+W$ 9:       ${\mathcal{F}}_{window}\leftarrow \{f_i\in \mathcal{F}\mid t_{current}\le timestamp(f_i)<t_{end}\}$ 10:            if ${\mathcal{F}}_{window}\ne \varnothing$ then 11:                 $\mathcal{V}\leftarrow U\{src\_ip(f),dst\_ip(f)\mid f\in {\mathcal{F}}_{\mathrm{window}}\}$ 12:                 $ip\_to\_id\leftarrow CREATE\_MAPPING(\mathcal{V})$ 13:                  $X\leftarrow []$ 14:                 for each $ip\in \mathcal{V}$ do 15:                      $flows\_ip\leftarrow \{f\in {\mathcal{F}}_{window}\mid src\_ip(f)=ip\vee dst\_ip(f)=ip\}$ 16:                      $x_{ip}\leftarrow {\varphi }_{node}(ip,flows\_ip)$ {Extract IP and traffic features} 17:                      $X\leftarrow XU\left\{x_{ip}\right\}$ 18:                  end for 19:                  $\mathcal{E}\leftarrow [],A\leftarrow []$ 20:                  for each $f\in {\mathcal{F}}_{window}$ do 21:                      $src\_id\leftarrow ip\_to\_id[src\_ip(f)]$ 22:                      $dst\_id\leftarrow ip\_to\_id[dst\_ip(f)]$ 23:                      $\mathcal{E}\leftarrow \mathcal{E}U\{(src\_id,dst\_id)\}$ 24:                      $a_f\leftarrow {\varphi }_{\mathrm{edge}}(f)$ {Extract flow features} 25:                      $A\leftarrow AU\left\{a_f\right\}$ 26:                  end for 27:                  $Y_{nodes}\leftarrow COMPUTE\_NODE\_LABELS(V,F_{window})$ 28:                  $Y_{edges}\leftarrow COMPUTE\_NODE\_LABELS(F_{window})$ 29:                  $y_{graph}\leftarrow any(Y_{edges})$ {Graph-level anomaly} 30:                  $G_t\leftarrow (X,\mathcal{E},A,Y_{nodes},Y_{edges},y_{graph},window\_id)$ 31:                  $\mathcal{G}\leftarrow \mathcal{G}U\left\{G_t\right\}$ 32:              end if 33:              $t_{current}\leftarrow t_{end}$ 34:              $window\_id\leftarrow window\_id+1$ 35:     end while 36:     return $\mathcal{G}$ 37:     end procedure

The algorithmic complexity analysis reveals that our approach scales efficiently: Algorithm 1 has O(N²d) complexity for the cross-attention computation, while Algorithm 2 operates in O(MW) time where M is the number of flows and W is the window size. This computational efficiency, combined with the incremental graph construction mechanism, makes our approach suitable for real-time network monitoring scenarios.

3.4. Multi-Task Learning Framework and Loss Function Optimization

The fused features in the GATransformer architecture simultaneously support these prediction tasks: node classification, edge classification and sequence prediction, achieving unified multi-level anomaly detection. Node classification identifies abnormal hosts and devices in the network. Edge classification detects abnormal network traffic. Sequence prediction forecasts the network behavior pattern at the next step. Each task is equipped with a dedicated prediction head, and they share the underlying feature representations to enable knowledge transfer and complementary learning. The objective function for multi-task learning is defined as:

$${\mathcal{L}}_{total}={\displaystyle \sum _{i=1}^3{\lambda }_i}{\mathcal{L}}_i$$

(11)

where ${\mathcal{L}}_i$ represents the loss function of the $i$-th task, and ${\lambda }_i$ is the corresponding weight coefficient. For classification tasks, cross-entropy loss is used:

$${\mathcal{L}}_{cls}=-{\displaystyle \frac{1}{N}}{\displaystyle \sum _{i=1}^N{\displaystyle \sum _{j=1}^C{y}_{ij}}}\log (p_{ij})$$

(12)

where $N$ is the number of samples, $C$ is the number of classes, $y_{ij}$ is the true label, and $p_{ij}$ is the predicted probability. For sequence prediction tasks, the mean squared error loss is used:

$${\mathcal{L}}_{seq}={\displaystyle \frac{1}{N}}{\displaystyle \sum _{i=1}^N\Vert y_i-{\widehat{y}}_i{\Vert }^2}$$

(13)

Additionally, the weight allocation strategy implements hierarchical task prioritization with primary classification objectives receiving unit weights (1.0) and sequence prediction assigned reduced weighting (0.01) for regularization. The sequence loss incorporates stabilization mechanisms show as Formula (14), resulting in the composite objective Formula (15).

The multi-task learning paradigm employs a hierarchical task prioritization framework predicated on domain-specific importance weighting and gradient stabilization constraints. Primary classification objectives (node-level and edge-level anomaly detection) receive unit weighting coefficients (1.0), reflecting their direct correspondence to threat detection efficacy. Graph-level classification maintains equivalent weighting to enforce global topological constraints. The auxiliary sequence prediction task operates under substantially reduced weighting (0.01) to provide regularization while mitigating gradient instability phenomena. The sequence prediction loss incorporates dual-stage numerical stabilization through hyperbolic tangent activation bounds and clipping operations:

$${\mathcal{L}}_{seq}=\mathrm{MSE}(\tanh ({\widehat{y}}_{seq}),\mathrm{clamp}(y_{seq},-1,1))\times 0.1$$

(14)

The composite objective function integrates all task-specific losses through weighted summation:

$${\mathcal{L}}_{total}=1.0\cdot {\mathcal{L}}_{node}+1.0\cdot {\mathcal{L}}_{edge}+0.01\cdot {\mathcal{L}}_{seq}$$

(15)

This formulation ensures optimal convergence toward primary detection objectives while maintaining numerical stability throughout the training process via auxiliary task regularization.

3.5. Vulnerable Asset Correlation and Threat Attribution Mechanism

Building upon abnormal traffic detection, this paper further establishes a correlation mechanism between active/passive traffic and vulnerable assets. By analyzing the source and destination addresses of abnormal traffic, port scanning patterns, and attack payload characteristics, combined with network topology information and an asset fingerprint database, the system can accurately locate network assets with security vulnerabilities. Active traffic analysis focuses on abnormal outbound behavior originating from the internal network, which often indicates that a compromised host is engaged in data exfiltration or command-and-control communication. Passive traffic analysis targets scanning and penetration attempts from external attackers. By examining the target ports, service versions, and vulnerability exploitation characteristics in the attack payload, the system can identify vulnerable assets in the network that match the exploited weaknesses. This correlation mechanism not only establishes a complete analytical chain from network traffic anomaly detection to precise vulnerable asset localization but also provides accurate guidance for subsequent vulnerability remediation and security reinforcement, significantly enhancing the relevance and effectiveness of cybersecurity defense.

4. Experiment and Evaluation

4.1. Experiment Setup

We implement the GATransformer model using PyTorch 2.6+, PyTorch Geometric 2.6.1 and Python 3.9.23.

Experiments are carried out on two versions of the CIDDS benchmark dataset: CIDDS-001 and CIDDS-002, which synthetically generate realistic NetFlow traffic including advanced threats like APTs within an emulated enterprise environment [33]. The dataset contains 14 core features including temporal information, network identifiers, traffic statistics, and protocol specifications. Moreover, our experiment utilized the UNSW-NB15 dataset. This dataset, created by the University of New South Wales, is widely used for network intrusion detection research, containing both normal network activities and various types of simulated attack behaviors The dataset comprises 2,540,044 records, integrating real normal traffic with synthetic attack behaviors to cover complex network scenarios and emerging threat patterns. The dataset is divided into normal traffic (87%) and attack traffic (13%). Normal traffic simulates routine activities like web browsing and file transfers, while attack traffic encompasses nine attack families: Fuzzers, Analysis, Backdoors, DoS, Exploits, Generic, Reconnaissance, Shellcode, and Worms. These correspond to threat behaviors such as fuzz testing, port scanning, backdoor access, resource exhaustion, and vulnerability exploitation [34,35,36,37,38].

We compare GATransformer against baseline models including Graph Attention Network, Transformer, and traditional machine learning methods. Performance is evaluated using accuracy, precision metrics for classification tasks, with data split into 70% training, 20% validation, and 10% testing sets.

4.2. Experiment Results

Table 1. Description of network dataset features.

Feature Name	Data Type	Description	Example Value
Date first seen	String	First observation time	00:00.4
Duration	Float	Flow duration	1.245
Proto	String	Protocol type	TCP
Src IP Addr	String	Source IP address	192.168.1.100
Src Pt	Integer	Source port number	443
Dst IP Addr	String	Destination IP address	172.16.0.5
Dst Pt	Integer	Destination port number	22
Packets	Integer	Number of packets	10
Bytes	Integer	Total number of bytes	1500
Flows	Integer	Number of flows	2
Flags	String	TCP flag bits	.AP…
Tos	Integer	Type of service	7
label	String	Traffic label	normal attacker victim
attackType	String	Attack type	scan

presents the feature descriptions of the CIDDS dataset. This dataset encompasses 14 core features, which are detailed as follows in terms of feature names, data types, descriptions, and illustrative example values. These features collectively characterize network traffic data, including temporal information. Date first seen, traffic duration Duration, protocol specifications Proto, source and destination network identifiers Src IP Addr, Dst IP Addr and port numbers Src Pt, Dst Pt, packet—related metrics Packets, Bytes, flow—level statistics Flows, TCP- specific flag information Flags, service type classification Tos, and labels for traffic nature label and attack categorization attackType, providing a comprehensive basis for network traffic analysis and security research.

Hyperparameter selection is based on extensive grid search and empirical validation. As shown in

Table 2. Hyperparameter Configuration.

Parameter	Description	Value
time_window	Time window size(s)	30
hidden_dim	Hidden layer dimension	256
num_gat_layers	Number of GAT layers	1
num_transformer_layers	Number of Transformer layers	6
num_heads	Number of attention heads	8
learning_rate	Learning rate	$1\times {10}^{-4}$
batch_size	Batch size	4
epochs	Number of training cycles	100
node_weight	Node classification weight	1.0
edge_weight	Edge classification weight	1.0
sequence_weight	Sequence prediction weights	0.01
optimizer	Optimizer type	Adam

, we detail several key hyperparameters.

To validate the effectiveness of different models, we separately evaluated the performance of the Graph Attention Network (GAT), Transformer, and GATransformer models on the network traffic anomaly detection task. As shown in

Table 3. Performance comparison of different dataset and models.

Dataset	Model	Node Accuracy	Edge Accuracy
CIDDS-001	GAT	0.99463	0.86773
	Transformer	0.99556	0.87454
	GATransformer(our)	0.99745	0.88283
CIDDS-002	GAT	0.99864	0.99092
	Transformer	0.99711	0.99159
	GATransformer(our)	0.99990	0.99989
UNSW-NB15	GAT	0.99735	0.96012
	Transformer	0.99735	0.96009
	GATransformer(our)	0.99743	0.97414
	CNN + LSTM, LuNet, RNN	99.36
	DT, LR, NB, ANN, EM CLUSTRING	85.56
	Extra Trees ensemble classifier	98.19

, on the CIDDS-002 dataset, the Transformer model achieved 99.7% accuracy on the node classification task and 99.1% accuracy on the edge classification task, demonstrating well sequential modeling capabilities. The GAT model achieved 99.8% accuracy on node classification but had relatively lower accuracy 99.0% on edge classification, indicating limitations in handling complex network traffic relationships through pure graph structure modeling. The GATransformer model achieved 99.9% accuracy on both node and edge classification tasks, comparable to the Transformer model, verifying the effectiveness of fusing graph structure information with sequential information. On the CIDDS-001 dataset, which features more diverse and complex attack types, the GAT model achieved an accuracy rate of 99.4% in the node classification task but only reached 86.7% in the edge classification task, still indicating its limitations in handling complex network topological relationships. The Transformer model achieved a node accuracy of 99.5% and an edge accuracy of 87.4% on this dataset, demonstrating its strong sequence modeling capabilities. The GATransformer hybrid model achieved a node accuracy of 99.7% and an edge accuracy of 88.2% on CIDDS-001, showing significant improvements over single models, further validating the effectiveness of integrating graph structural information with sequence information. For the UNSW-NB15 dataset, CNN+LSTM achieved a node accuracy of 99.36, while the Extra Trees ensemble classifier reached 98.19, and DT, LR, NB, ANN, EM CLUSTRING reached 85.56 [39]. Additionally, the GAT model achieved a node accuracy of 0.99735 and an edge accuracy of 0.96012. The Transformer model had a node accuracy of 0.99735 and an edge accuracy of 0.96009, and the GATransformer (our) model obtained a node accuracy of 0.99743 and an edge accuracy of 0.97414, indicating that integrating graph and sequence information can enhance performance even on this dataset with diverse attack types. Experiments confirmed the rationality of the hybrid model design. The Transformer component plays a key role in capturing temporal dependencies, while the GAT component helps model the topological structure features of the network.

As shown in Figure 2, the confusion matrix results of GATransformer on the CIDDS-001 dataset demonstrate that the model achieves 99.74% accuracy in node classification tasks and 88.28% accuracy in edge classification tasks, showcasing outstanding multi-level anomaly detection capabilities. In contrast, Figure 3 highlights the performance limitations of unimodal approaches: the pure GAT model achieves only 86.77% accuracy in edge classification, while the pure Transformer model attains 87.45% accuracy for edge classification.

4.3. Discussion

To optimize the performance of the GATransformer model, we conducted sensitivity analysis on key hyperparameters on the CIDDS-002, including the number of GAT layers, number of Transformer layers, and learning rate. As shown in

Table 4. Hyperparameter sensitivity analysis for GATransformer hybrid model.

Model	Node Accuracy	Edge Accuracy
GAT_layers 1	0.99991	0.99559
GAT_layers 3	0.99133	0.99249
GAT_layers 4	0.98420	0.99177
Transformer_layers1	0.98573	0.98979
Transformer_layers4	0.98817	0.98632
Transformer_layers6	0.99711	0.99106
learning_rate $5\times {10}^{-4}$	0.99043	0.98659
learning_rate $1\times {10}^{-4}$	0.99837	0.99403
learning_rate $5\times {10}^{-5}$	0.98961	0.98137

, we systematically evaluated how these parameters influence the model’s performance. We employed a systematic hyperparameter optimization methodology incorporating grid search, random search, and Bayesian optimization techniques. The hyperparameter search space was designed based on domain-specific characteristics of network threat detection tasks and empirical findings from related research. Key parameters included: GAT layers [1,3,4], Transformer layers [1,4,6], learning rates [$5\times {10}^{-5}$, $1\times {10}^{-4}$, $5\times {10}^{-4}$]. The optimization process consisted of three sequential stages: (1) coarse-grained grid search for initial parameter space exploration using 20-epoch rapid evaluation with validation accuracy as the primary metric; (2) fine-grained random sampling with 200 iterations within promising regions, employing early stopping over 50 epochs, where patience = 10; and (3) Bayesian optimization using Tree-structured Parzen Estimator (TPE) algorithm for 50 iterations with complete 100-epoch training cycles. Experimental results show: First, increasing the number of GAT layers exhibits a diminishing return. The single-layer GAT configuration achieved the highest detection accuracy of 99.9% and 99.5% on node and edge classification tasks respectively, while performance significantly dropped with a deeper 4-layer GAT, decreasing to 98.9% and 99.5%, respectively. This phenomenon is attributed to the over-smoothing problem in deep graph neural networks. Second, increasing the number of Transformer layers significantly improved the model’s sequential modeling ability. A 6-layer Transformer configuration achieved the best performance, validating the effectiveness of deeper attention mechanisms in capturing complex temporal dependencies. Lastly, the learning rate was stable within the range of $1\times {10}^{-4}$ to $5\times {10}^{-4}$, while a too-small learning rate led to under-convergence and noticeable performance degradation. Based on the above analysis, this paper identifies the optimal hyperparameter configuration as one GAT layer, six Transformer layers, and a learning rate of $1\times {10}^{-4}$. This setup ensures the best performance on network anomaly detection tasks while keeping model complexity under control.

As shown in Figure 4, the performance of the GATransformer model on node and edge classification tasks for network traffic data is demonstrated. On the CIDDS-002, the confusion matrix results indicate that the proposed GATransformer hybrid model exhibits outstanding performance in network anomaly detection tasks. In the node classification task, the model achieved an overall accuracy of 99.99%. Specifically, the precision for detecting attack nodes reached 100%, and the recall was 99.13%, with only one attack node misclassified as a normal node, indicating the model’s strong capability for node-level anomaly identification. In the edge classification task, the model also achieved 99.99% accuracy, with a precision of 99.985% for detecting attack traffic and a recall of 100%, completely avoiding false negatives in attack traffic detection. Only 82 normal traffic samples were falsely identified as attacks, demonstrating traffic-level anomaly detection performance. This experimental result fully validates the effectiveness of the hybrid architecture in integrating graph structure information and sequential features. The GAT module successfully captured anomalous patterns in the network topology, while the Transformer component effectively modeled the temporal dependencies of traffic. Their synergy enabled precise identification of complex network attack behaviors.

Figure 5 illustrates the total loss trend of the GATransformer model over 50 training epochs. From the training curve, it can be observed that the model demonstrates good convergence characteristics: the training loss rapidly decreases from an initial value of 1.8, while the validation loss simultaneously decreases from 0.9. Both curves experience a steep decline within the first 10 epochs, then gradually stabilize and converge to values close to zero. Moreover, the training and validation loss curves almost completely overlap and exhibits consistent trends, indicating that the model does not suffer from overfitting during training and possesses strong generalization capability. After the 10th epoch, the loss values remain stable below 0.05, suggesting that the model has sufficiently learned the underlying patterns in the data and achieved effective multi-task joint optimization. This fast and stable convergence confirms the rationality of the proposed hybrid architecture design and the effectiveness of the training strategy.

4.4. Model Architecture Evaluation

Considering the performance constraints and real-time requirements faced by network threat detection systems in practical deployment environments, this study conducted an in-depth theoretical analysis and experimental validation of the computational complexity of the GATransformer. The GATransformer model contains 5,815,334 trainable parameters and has a model size of 22.18 MB. We use the NVIDIA GeForce RTX 4060 Laptop GPU to conduct experiments about model performance evaluation.

From an algorithmic complexity perspective, the overall time complexity of GATransformer is primarily determined by three core components: spatial dependency modeling in the graph attention network, sequence dependency capture in the Transformer, and the feature fusion mechanism in cross-attention. For an input graph with N nodes and E edges, and a hidden layer dimension of d, the time complexity of the GAT component is O (E·d + N·d²). The E·d term stems from the linear transformation computation of edge features, while the N·d² term arises from the quadratic computational complexity of calculating attention weights between nodes. The Transformer sequence encoding component employs an L-layer encoder structure with a time complexity of O(L·N²·d), where the primary computational overhead stems from the fully connected computations within the self-attention mechanism. The complexity of the feature fusion and multi-task prediction components is O(N·d²), encompassing the computational costs of cross-attention fusion and classification prediction. Synthesizing the above analysis, the overall time complexity of GATransformer can be expressed as T(N, E) = O (E·d + L·N²·d + N·d²).

From the perspective of spatial complexity, the model’s memory usage primarily consists of parameter storage and intermediate activations. The spatial complexity of parameter storage is O(d²), mainly stemming from the parameter scale of the linear transformation matrices in each layer. The memory complexity of intermediate activations is O (N·d + N²·h), where h denotes the number of attention heads. The N² term corresponds to the storage requirements of the attention score matrix, which is also a key factor limiting the model’s scalability.

As shown in

Table 5. Inference performance test results at different batch sizes.

Batch Size	Average Inference Time (ms)	Throughput (Graphs/s)
1	12.61	79.3
4	26.63	150.2
8	74.23	107.8

, several key characteristics of GATransformer’s inference performance emerge. First, the batch size 4 configuration achieves the optimal latency-throughput tradeoff, boosting throughput to 150.2 graphs/s while maintaining reasonable inference latency—representing a 1.89× performance improvement over single-sample inference mode. This phenomenon is primarily attributed to more efficient utilization of GPU parallel computing units and the optimizing effect of batch processing on memory access patterns. Second, as the batch size increases further, the marginal gain in throughput diminishes. The performance improvement at a batch size of 8 significantly decreases, indicating the existence of a saturation point in hardware resource utilization.

Real-time performance is a critical quality metric for network threat detection systems in production environments, directly impacting threat response capabilities and user experience. To comprehensively evaluate the stability and reliability of GATransformer under continuous operation, this study conducted a 30-s high-frequency continuous inference test. During the test, the system executed 2829 inference operations with a 100% success rate, demonstrating the model’s robustness and stability under high-load conditions. As shown in

Table 6. Real-time performance under continuous operation.

Performance Metrics	Average Delay	P90 Latency	P99 Latency
Value (ms)	7.74	11.28	36.06

, latency distribution analysis reveals that GATransformer exhibits outstanding real-time performance characteristics. The average latency was 7.74 ms, with P90 latency controlled below 11.28 ms. Even under the extreme P99 scenario, latency reached only 36.06 ms—significantly below the response time threshold for real-time threat detection systems. This favorable latency distribution indicates minimal performance jitter, enabling stable and predictable service quality.

Scalability analysis reveals a nonlinear relationship between detection time and network size: detection time for small-scale networks (7 nodes, 5 edges) is 58.48 ms. However, when network size scales to medium (14 nodes, 51 edges) and large (25 nodes, 106 edges) scales, detection time significantly decreases and stabilizes around 9 ms (8.99 ms and 8.89 ms, respectively). This phenomenon indicates that the GATransformer fully leverages GPU parallel computing capabilities, demonstrating well time complexity control when processing large-scale networks. Detection time does not increase linearly with network size; instead, higher computational efficiency is achieved on medium-to-large networks. In real-time detection scenarios, the model maintains a high throughput of 94.3 inferences per second. This “scale-friendly” detection time characteristic makes the GATransformer particularly well-suited for practical large-scale network anomaly detection applications.

4.5. Case Study

This case study constructs a simulated environment with real-world enterprise network characteristics. The environment adopts a four-layer network topology architecture, including a DMZ area (192.168.100.0/24), an office network (192.168.1.0/24), a server segment (192.168.10.0/24), and a database network (172.16.1.0/24). The dataset consists of 1000 network traffic records, with attack samples accounting for 20%, covering five typical APT attack patterns: port_scan, web_attack, lateral_movement, data_exfiltration, and malware_communication. Through the feature engineering module, the system converts the raw network traffic into a semantic representation of 32-dimensional node features and 20-dimensional edge features. A Graph Attention Network (GAT) encoder is used to capture spatial dependencies in the network topology, while a 4-layer Transformer encoder models the long-range temporal features of attack behaviors, achieving deep fusion of spatio-temporal features.

In this experiment, the left subfigure of Figure 6 shows the propagation stage of attack activities based on real traffic. It can be clearly seen that malicious traffic (represented by red arrows) originates from the external attacker (203.0.113.100) and penetrates the internal server segment (192.168.10.0/24) and office segment (192.168.1.0/24) via the DMZ area, with several key nodes already compromised (marked in red). The right subfigure presents the detection results based on GATransformer. Through real-time monitoring by the model, the system successfully identifies and blocks most attack paths, effectively curbing the further spread of attacks, with only one attack (marked with ×) not correctly identified. The comparison results show that the proposed detection system can accurately identify abnormal behavior patterns in the network, promptly detect compromised host nodes, and achieve effective protection against complex network attacks through multi-level anomaly detection mechanisms, significantly enhancing network security defense capabilities.

Experimental results demonstrate that GATransformer performs good across multiple key metrics. The system’s overall detection accuracy reaches 91%, with a precision of 89%, a recall of 93%, and an F1 score of 91% in the network analysis module. From the right subfigure’s detection results, it is evident that compared with the propagation stage of real attack activities shown in the left subfigure, GATransformer achieves a lower false positive rate while maintaining a high recall rate. This reflects two major advantages of GATransformer: first, high detection accuracy—91% overall accuracy meets practical needs in production environments; second, good balance—89% precision and 93% recall provide a strong trade-off between accuracy and completeness in detection.

The core innovation of this study lies in the integration of the structure-aware capability of graph neural networks with the sequence modeling power of Transformers and the achievement of a technological breakthrough in spatio-temporal anomaly detection in the field of cybersecurity through a multi-task learning paradigm and enhanced visual analysis functionality.

5. Conclusions

This paper addresses key challenges in cybersecurity threat detection by proposing GATransformer, a new detection method that combines graph neural networks with Transformer architecture. Our main theoretical contributions include a cross-attention fusion mechanism that develops a mathematical framework for integrating graph structural features with temporal sequence features, thereby preserving both spatial topology relationships and temporal dependencies through learnable attention weights and solving the modal information fragmentation problem. Furthermore, we establish a multi-task optimization theory with a unified loss function that jointly optimizes node classification, edge classification, and sequence prediction tasks, where the hierarchical weighting strategy ensures stable convergence while preventing gradient conflicts between different objectives. Additionally, our parallel dual-channel architecture theoretically guarantees that GAT and Transformer branches extract complementary information without redundancy, as the GAT branch captures spatial dependencies in network topology, while the Transformer branch models long-term temporal patterns.

Experimental validation demonstrates the effectiveness of our theoretical framework, where GATransformer achieves 99.74% node accuracy and 88.28% edge accuracy on CIDDS-001, and 99.99% and 99.98% respectively on CIDDS-002, thus verifying our mathematical predictions about optimal feature fusion. Moreover, the cross-attention mechanism shows measurable improvements compared to single-modal approaches: whereas GAT alone achieves 86.77% and Transformer alone achieves 87.45%, our hybrid approach reaches 88.28% edge classification accuracy, consequently confirming the theoretical benefits of eliminating modal fragmentation. Therefore, our work provides both practical detection capabilities and theoretical foundations for multi-modal network analysis, ultimately establishing mathematical principles for integrating structural and temporal information in cybersecurity applications.

6. Limitations and Future Work

6.1. Current Limitations

Firstly, the proposed GATransformer model relies primarily on synthetic datasets CIDDS-001 and CIDDS-002 for evaluation. While these datasets enable high detection accuracies under controlled conditions, they introduce critical limitations: synthetic data, constructed from known attack patterns, fails to fully capture the complexity, diversity, and uncertainty of real-world networks; real-world traffic noise, anomalies, and atypical patterns are often simplified or omitted; and zero-day attacks/new threats, with patterns distinct from training data, may degrade detection performance. Secondly, notable performance discrepancies across datasets highlight strong sensitivity to data distribution, stemming from differences in network topology, traffic patterns, and attack type distributions. This necessitates extensive adaptation when migrating to target networks with distinct characteristics. Furthermore, the datasets used in the case studies are relatively small. Such limited sample sizes may fail to adequately reflect the complexity of real-world network scenarios, thereby potentially undermining the generalizability of the conclusions drawn.

6.2. Future Research

Future research should systematically conduct comparative evaluations between GATransformer and current state-of-the-art hybrid architectures, including GraphFormer that embeds graph structural information directly into Transformer attention bias matrices, Heterogeneous Graph Transformer (HGT) designed for multi-type nodes and edges, Temporal Graph Networks (TGN) with memory modules for continuous-time dynamic modeling, and Graph-BERT employing large-scale unsupervised pre-training strategies. Evaluation metrics should encompass detection accuracy, computational efficiency, memory consumption, training overhead, and generalization performance.

Moreover, existing GATransformer implementations utilize discrete time windows for temporal information processing, which imposes modeling precision limitations. To address this, future work should incorporate continuous-time point processes such as Hawkes processes or neural point processes to model irregularly-spaced network events, thereby accurately capturing temporal dependencies in attack sequences. Specialized attention mechanisms should be developed to explicitly model attack kill chain stages, while causal inference methods including structural causal models should be integrated to distinguish correlation from causation in network events.

Furthermore, practical deployment optimization requires systematic strategies to facilitate GATransformer implementation in production environments. This encompasses developing incremental and online learning mechanisms for continuous adaptation to emerging attack patterns without complete retraining, exploring federated learning frameworks for collaborative training across organizations while preserving data privacy, and employing knowledge distillation techniques to create lightweight model versions suitable for resource-constrained edge devices. Additionally, adaptive inference mechanisms should dynamically adjust model complexity based on real-time network traffic characteristics.

Concurrently, current case studies utilize relatively limited datasets that may inadequately reflect real-world network complexity, potentially affecting research conclusion generalizability. Future investigations should construct large-scale, diverse cybersecurity datasets encompassing various network topologies, traffic patterns, and attack types, while establishing standardized preprocessing pipelines and feature engineering methodologies to ensure data quality and consistency.

Finally, existing research demonstrates insufficient reliance on Advanced Persistent Threat (APT) attack datasets, limiting effectiveness evaluation against sophisticated threats characterized by high stealth, persistence, and evolution. Future work should develop specialized APT detection algorithms incorporating long-term behavior modeling, anomaly pattern recognition, and attack intent inference, while establishing professional evaluation frameworks with corresponding performance metrics and assessment standards specifically tailored for APT detection scenarios.

7. Broader Implications

7.1. Positive Technological Impacts

The deployment of GATransformer significantly enhances organizational defense capabilities against advanced persistent threats by combining graph structure analysis with temporal pattern recognition to identify complex multi-stage attacks that traditional methods cannot detect. Experimental results demonstrate high detection accuracy, suggesting substantial potential for reducing false negative rates and minimizing risks of data breaches and system intrusions, particularly for critical infrastructure and national security systems. Furthermore, given that cybercrime-related economic losses are projected to reach USD 10.5 trillion by 2025, widespread deployment of GATransformer could substantially mitigate these damages through early detection and rapid response capabilities. This technology not only helps organizations avoid costly data breach expenses, business disruption losses, and reputational damage but also provides broad societal benefits by protecting personal privacy data, financial assets, and intellectual property.

7.2. Privacy and Surveillance Risks

Network traffic analysis inherently requires examination and monitoring of communication patterns, inevitably involving user activity surveillance. While GATransformer’s deep learning capabilities can identify subtle traffic patterns that aid threat detection, they may also infer user behavioral habits, preferences, and social relationships, potentially compromising personal privacy. Consequently, organizations must strictly comply with data protection regulations such as GDPR and CCPA, implementing privacy-preserving technologies like differential privacy and homomorphic encryption to minimize privacy impact while maintaining detection effectiveness. Moreover, this technology poses risks of abuse by authoritarian governments or malicious actors for mass surveillance purposes, potentially enabling identification of dissidents, tracking of specific groups, or monitoring of citizens’ online activities. Such misuse not only violates fundamental human rights but may also suppress freedom of speech and democratic participation, necessitating strict legal frameworks and technical safeguards to limit the technology’s scope and purpose.

7.3. Security and Adversarial Risks

High accuracy rates may lead defenders to over-rely on GATransformer while overlooking its vulnerability to adversarial sample attacks, where attackers can deceive the model through carefully crafted input perturbations to misclassify malicious traffic as benign. This vulnerability is particularly concerning in security-critical applications where attackers may exploit such weaknesses to bypass detection systems. Additionally, during the training phase, adversaries may inject malicious training data to implant backdoors, causing model failure or incorrect predictions under specific trigger conditions. Since GATransformer requires periodic updates to adapt to emerging threats, this continuous learning process creates opportunities for poisoning attacks, highlighting the need for robust training procedures and data validation mechanisms to prevent such vulnerabilities.