Network security situation prediction based on the MCN-BiMinLSTM-Attention fusion model

To address the problem of insufficient feature extraction of threat data in traditional network security situation prediction, a new prediction model integrating a multi-scale convolutional neural network (MCN), a minimal bidirectional long-short term memory network (BiMinLSTM), and an attention mechanism (Attention) is proposed. Firstly, local feature extraction is performed through the MCN. Different-sized convolution kernels extract short-term abnormal features, medium-term behavior patterns, and long-term potential risk features in parallel to realize the fusion and representation of multi-scale features. Secondly, the BiMinLSTM is used for bidirectional time-series modeling, and the causal association, evolution path, and potential rules of attack events are analyzed through the gating mechanism. Finally, the threat data at key time nodes is adaptively weighted through the attention mechanism, and combined with the Softmax normalized weight, it focuses on high-risk alarm signals and completes the accurate prediction of the situation quantization value. Ablation experiments further verify the effectiveness of the MCN multi-scale fusion module and the minimal design of BiMinLSTM. The experimental results demonstrate that the former can enhance the attack detection accuracy by an average of 2.7\%. In contrast, the latter can reduce the parameter count by an average of 0.39MB while maintaining the effective model's performance. Simulation experiments indicate that compared to existing fusion models, the proposed model performs better in capturing and predicting rapid changes and high-amplitude trends in attack traffic mutation-related situation awareness.