DLG–IDS: Dynamic Graph and LLM–Semantic Enhanced Spatiotemporal GNN for Lightweight Intrusion Detection in Industrial Control Systems
Abstract
1. Introduction
- A dynamic graph construction method that combines real–time communication patterns and logical control dependencies into a unified graph structure, overcoming the static nature of traditional graph models and capturing spatiotemporal dynamics in industrial networks.
- LLM–driven semantic enhancement that generates fine–grained semantic embeddings from protocol content and device logs, aligning these with network traffic statistical features through cross–modal attention to bridge the gap in protocol intent understanding.
- A lightweight STGNN optimized with sparse graph attention and local window Transformers, which reduces computational complexity from quadratic to linear while preserving the ability to model spatiotemporal dependencies, addressing the conflict between resource constraints and real–time requirements.
2. Related Work
2.1. Traditional Industrial Network Anomaly Detection Methods
2.2. Traffic Modeling Method Based on Graph Neural Networks
2.3. Advances in Spatio–Temporal Graph Neural Networks
2.4. Large Language Modeling (LLM) in Network Security
3. Design of Framework
3.1. Dynamic Graph Construction Module
3.2. Multi–Modal Feature Enhancement Module
- LLM Semantic Embedding Generation: To enhance the semantic richness and interpretability of the initial node features, a two–stage feature enhancement strategy combines the reasoning capabilities of large language models (LLMs) with the efficient adaptability of a lightweight language model. Raw protocol text and device logs from the node features are input into the LLM, and prompt engineering guides the LLM to generate two types of output: a prediction label, which infers whether the operation type is normal or anomalous based on the text content, and a natural language description, which outlines the operation intent and potential risks. An example of the LLM’s input and output is shown in Figure 2. The original text, prediction label, and explanation are merged into enhanced text as in Equations (12) and (13), and the lightweight language model (LM) is fine–tuned using the objective functions in Equations (14)–(16). The masked tokens in the enhanced text are reconstructed to compute the Masked Language Modeling (MLM) loss, and a prediction consistency loss constrains the LM’s prediction to match the LLM’s generated label. The total loss is the weighted sum of the MLM loss and the prediction consistency loss.
- Multi–Modal Feature Concatenation: The fine–tuned language model then encodes the original text, generating enhanced semantic embeddings. These embeddings are fused with the original node features, including dynamic traffic features and static control attributes, to create a comprehensive feature representation. This operation merges numerical statistical features with semantic context but does not yet explicitly model the relationships between the modalities.
- Cross–Modal Attention Alignment: To eliminate the spatial heterogeneity of the multimodal features, a dual–stream cross–attention mechanism is designed. A query vector Q is extracted from the traffic features, focusing on real–time communication patterns, while keys K and values V are extracted from the semantic embeddings E, encoding protocol semantic information; the generation of Q, K, and V is given in Equations (19), (20), and (21), respectively. The attention weights are computed with scaled dot–product attention to measure the correlation between traffic features and semantic features, as shown in Equation (22), and the semantic information is then aggregated, weighted by attention, into the traffic feature space, as in Equation (23). To prevent information loss and improve training stability, the fused features are added to the original concatenated features, followed by layer normalization, where a projection matrix aligns the dimensions of the concatenated features and the fused features.
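The weighted fine–tuning objective from the semantic embedding stage can be illustrated with a minimal NumPy sketch. This is not the paper’s implementation: the cross–entropy forms, the `alpha` weight, and all function names are assumptions for illustration.

```python
import numpy as np

def mlm_loss(logits, targets, mask):
    """Cross-entropy averaged over masked token positions only (assumed form)."""
    exp = np.exp(logits - logits.max(axis=-1, keepdims=True))
    probs = exp / exp.sum(axis=-1, keepdims=True)          # softmax over vocabulary
    nll = -np.log(probs[np.arange(len(targets)), targets]) # per-token negative log-likelihood
    return (nll * mask).sum() / max(mask.sum(), 1)

def consistency_loss(lm_probs, llm_label):
    """Penalize the LM when its predicted label disagrees with the LLM's label."""
    return -np.log(lm_probs[llm_label] + 1e-12)

def total_loss(logits, targets, mask, lm_probs, llm_label, alpha=0.5):
    """Weighted sum of the MLM loss and the prediction-consistency loss."""
    return mlm_loss(logits, targets, mask) + alpha * consistency_loss(lm_probs, llm_label)
```

In this sketch `alpha` plays the role of the weighting between the two terms; the paper’s actual weighting scheme is given by Equations (14)–(16).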
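The dual–stream alignment (queries from traffic features, keys and values from semantic embeddings, scaled dot–product weighting, residual addition, and layer normalization) can be sketched in NumPy. The projection shapes, the output dimension `d`, and the random initializations are illustrative assumptions, not the paper’s learned parameters.

```python
import numpy as np

rng = np.random.default_rng(0)

def softmax(x, axis=-1):
    e = np.exp(x - x.max(axis=axis, keepdims=True))
    return e / e.sum(axis=axis, keepdims=True)

def layer_norm(x, eps=1e-5):
    mu = x.mean(axis=-1, keepdims=True)
    var = x.var(axis=-1, keepdims=True)
    return (x - mu) / np.sqrt(var + eps)

def cross_modal_align(X, E, d=16):
    """Queries from traffic features X; keys/values from semantic embeddings E."""
    d_t, d_s = X.shape[1], E.shape[1]
    Wq = rng.standard_normal((d_t, d)) * 0.1        # hypothetical learned projections
    Wk = rng.standard_normal((d_s, d)) * 0.1
    Wv = rng.standard_normal((d_s, d)) * 0.1
    Wo = rng.standard_normal((d_t + d_s, d)) * 0.1  # aligns concatenated-feature dims
    Q, K, V = X @ Wq, E @ Wk, E @ Wv
    A = softmax(Q @ K.T / np.sqrt(d))               # scaled dot-product attention weights
    fused = A @ V                                   # aggregate semantics into traffic space
    H = np.concatenate([X, E], axis=-1) @ Wo        # project original concatenated features
    return layer_norm(H + fused)                    # residual add + layer normalization

Z = cross_modal_align(rng.standard_normal((5, 8)), rng.standard_normal((5, 12)))
```

The residual path corresponds to adding the fused features back onto the projected concatenation before normalization, which is the stability device the text describes.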
3.3. Lightweight Spatio–Temporal Graph Neural Network
- Time Feature Extraction Process: A Bi–GRU extracts temporal features from each node in the graph structure across sequential time steps, where h denotes the hidden layer dimension of the GRU and the bidirectional outputs are concatenated into a 2h–dimensional vector; the Bi–GRU subsequently generates the temporal feature matrix. A Sparse GAT operates by exclusively computing attention weights between each node and its Top–K neighbors, using a learnable weight matrix, an attention vector, and the Top–K neighbor set of each node. The spatial feature matrix is obtained through feature aggregation governed by Equation (28), so that at each time step t the spatial relationships between nodes are modeled by a SparseGAT layer. Compared to the original GAT, the computational complexity of SparseGAT is reduced from quadratic in the number of nodes N to linear, i.e., from O(N^2) to O(N·K). The integration of graph Transformer layers enhances the model’s capacity to capture long–range temporal dependencies and complex spatial interactions, while the local window attention mechanism restricts each node’s temporal attention scope to a fixed interval around step t, as formalized by Equations (30) and (32), with learnable parameter matrices and local window size w. The windowed temporal attention outputs its features through Equation (33). This design reduces the computational complexity of the Transformer layer from O(T^2) to O(T·w) in the sequence length T.
- Spatial Feature Extraction Process: The spatial feature extraction branch directly models spatial dependencies through the combined adjacency matrix while applying local windowed attention along the spatial dimension, as formalized in Equations (34) and (35). Its layers follow the same network structure as the temporal feature extraction described above.
- Graph–Level Feature Generation and Anomaly Detection: This module generates anomaly probabilities for network traffic by globally aggregating and mapping the multi–modal spatiotemporal features, providing direct evidential support for security decision–making in industrial control systems. The temporal features are extended along the spatial dimension and the spatial features along the temporal dimension, ensuring dimensional consistency before the two are concatenated. This design enables the model to adaptively adjust spatio–temporal weights based on the characteristics of the attack: for slow infiltration attacks that depend on long–term temporal patterns, the model may assign higher weight to the temporal path, whereas for lateral movement attacks that rely on abnormal topological propagation, the spatial path weight is increased.
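The Top–K restriction that gives SparseGAT its linear complexity can be sketched as follows in NumPy. The Top–K selection by edge weight, the LeakyReLU slope, and all names are assumptions for illustration, not the paper’s implementation.

```python
import numpy as np

def sparse_gat_layer(H, A, W, a, k=3):
    """GAT-style attention restricted to each node's Top-K neighbors (by edge weight)."""
    N = A.shape[0]
    Z = H @ W                                  # (N, d') linear transform of node features
    out = np.zeros_like(Z)
    for i in range(N):
        nbrs = np.argsort(A[i])[::-1][:k]      # Top-K neighbors of node i
        # attention logits a^T [z_i || z_j] with LeakyReLU, as in GAT
        logits = np.array([a @ np.concatenate([Z[i], Z[j]]) for j in nbrs])
        logits = np.where(logits > 0, logits, 0.2 * logits)   # LeakyReLU
        alpha = np.exp(logits - logits.max())
        alpha /= alpha.sum()                   # softmax over K neighbors only
        out[i] = alpha @ Z[nbrs]               # aggregate K neighbors: O(N*K) overall
    return out
```

Because each node attends to at most K neighbors instead of all N nodes, the attention cost drops from O(N^2) to O(N·K), matching the complexity reduction the text claims for SparseGAT.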
4. Evaluation
4.1. Experimental Settings
4.2. Datasets for Evaluation
4.3. Performance Metrics
4.4. Ablation Experiment
4.5. Comparative Experiment
5. Security Analysis
5.1. Different Attack Scenario Simulation Experiment
5.2. Scalability Experiment
5.3. Case Study Analysis
6. Conclusions and Further Work
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
| Dataset | Attacks | Train | Test | Anomalies (%) |
|---|---|---|---|---|
| SWaT | 41 | 716,320 | 179,080 | 11.9733 |
| SBFF | 4 | 36,145 | 9036 | 22.3235 |
| Node | Mac Address | IP Address |
|---|---|---|
| PLC1 | 02:42:c0:a8:00:0b | 192.168.0.11 |
| PLC2 | 02:42:c0:a8:00:0c | 192.168.0.12 |
| HMI1 | 02:42:c0:a8:00:15 | 192.168.0.21 |
| HMI2 | 02:42:c0:a8:00:16 | 192.168.0.22 |
| HMI3 | 02:42:c0:a8:00:17 | 192.168.0.23 |
| Attacker | 02:42:c0:a8:00:29 | 192.168.0.41 |
| Attack Type | Number of Flows |
|---|---|
| Normal | 35,095 |
| Reconnaissance | 3122 |
| Replay | 2749 |
| DDoS | 1840 |
| MitM | 2375 |
| Total | 45,181 |
| LLM | LM | Local Window Transformer | Sparse GAT | Base Model | F1–Score | FPR | Detection Latency (ms) |
|---|---|---|---|---|---|---|---|
| ✓ | 0.770 | 0.220 | 189 | ||||
| ✓ | ✓ | 0.809 | 0.201 | 210 | |||
| ✓ | ✓ | ✓ | 0.852 | 0.060 | 212 | ||
| ✓ | ✓ | 0.796 | 0.235 | 92 | |||
| ✓ | ✓ | ✓ | 0.791 | 0.083 | 68 | ||
| ✓ | ✓ | ✓ | ✓ | ✓ | 0.943 | 0.046 | 71 |
| LSTM | 0.604 | 0.410 | 155 | ||||
| LLM | LM | Local Window Transformer | Sparse GAT | Base Model | F1–Score | FPR | Detection Latency (ms) |
|---|---|---|---|---|---|---|---|
| ✓ | 0.630 | 0.142 | 109 | ||||
| ✓ | ✓ | 0.672 | 0.133 | 190 | |||
| ✓ | ✓ | ✓ | 0.766 | 0.087 | 198 | ||
| ✓ | ✓ | 0.656 | 0.136 | 55 | |||
| ✓ | ✓ | ✓ | 0.625 | 0.058 | 46 | ||
| ✓ | ✓ | ✓ | ✓ | ✓ | 0.890 | 0.025 | 51 |
| LSTM | 0.575 | 0.433 | 88 | ||||
| Method | Accuracy | Precision | Recall | F1–Score |
|---|---|---|---|---|
| RF | 0.872 | 0.870 | 0.902 | 0.769 |
| GCN | 0.881 | 0.875 | 0.915 | 0.773 |
| OFA | 0.948 | 0.896 | 0.912 | 0.760 |
| DLG–IDS | 0.975 | 0.906 | 0.920 | 0.943 |
| Method | Accuracy | Precision | Recall | F1–Score |
|---|---|---|---|---|
| RF | 0.891 | 0.875 | 0.901 | 0.766 |
| GCN | 0.898 | 0.895 | 0.923 | 0.807 |
| OFA | 0.944 | 0.917 | 0.920 | 0.813 |
| DLG–IDS | 0.986 | 0.955 | 0.940 | 0.852 |
| Extended Dataset | Number of Flows | Method | Accuracy | Precision | Recall | F1–Score |
|---|---|---|---|---|---|---|
| SBFF–12 nodes | 89,314 | RF | 0.848 | 0.825 | 0.854 | 0.757 |
| GCN | 0.873 | 0.875 | 0.856 | 0.815 | ||
| OFA | 0.927 | 0.866 | 0.919 | 0.808 | ||
| DLG–IDS | 0.981 | 0.960 | 0.955 | 0.913 | ||
| SBFF–18 nodes | 13,625 | RF | 0.855 | 0.817 | 0.848 | 0.746 |
| GCN | 0.882 | 0.882 | 0.860 | 0.812 | ||
| OFA | 0.915 | 0.837 | 0.904 | 0.803 | ||
| DLG–IDS | 0.976 | 0.962 | 0.952 | 0.919 | ||
| SBFF–24 nodes | 17,608 | RF | 0.808 | 0.813 | 0.850 | 0.740 |
| GCN | 0.870 | 0.884 | 0.859 | 0.809 | ||
| OFA | 0.909 | 0.859 | 0.901 | 0.793 | ||
| DLG–IDS | 0.980 | 0.965 | 0.938 | 0.906 |
© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Liu, J.; Wang, J.; Yan, T.; Qi, F.; Chen, G. DLG–IDS: Dynamic Graph and LLM–Semantic Enhanced Spatiotemporal GNN for Lightweight Intrusion Detection in Industrial Control Systems. Electronics 2025, 14, 3952. https://doi.org/10.3390/electronics14193952