Article: Power information network attack chain identification and disaster recovery early warning mechanism based on graph neural network Journal: International Journal of Intelligent Information and Database Systems (IJIIDS) 2026 Vol.18 No.6 pp.1 - 38 Abstract: Advanced multi-stage cyberattacks increasingly threaten power information networks and can disrupt both communication and physical control systems. This study proposes a graph neural network (GNN)-based architecture to detect multi-stage attack paths and provide early warnings for disaster recovery. The framework models the spatio-temporal behaviour of network devices to improve resilience and support proactive cyber defence in critical power infrastructures. Traditional intrusion detection systems often fail to capture complex spatial and temporal relationships and sequential attack patterns, leading to slow detection and limited recovery capability. To address this limitation, a spatio-temporal graph neural network (ST-GNN) framework is developed using the Kitsune network attack and HAI security datasets for comprehensive cyber-physical threat analysis. Experimental results demonstrate excellent performance with 99.98% accuracy, 99.90% precision, 99.97% recall, and an F1-score of 99.98%, with very low false positive and false negative rates. The proposed system effectively predicts multiple attack stages and significantly improves detection capability, enabling faster response and stronger protection for modern power information networks. Inderscience Publishers - linking academia, business and industry through research

Title: Power information network attack chain identification and disaster recovery early warning mechanism based on graph neural network

Authors: Yangrui Zhang; Shihui Chen; Chao Zhang; Junpeng Zhao; Kaichen Zhang; Zixun Lu

Addresses: Marketing Service Centre of State Grid Hebei Electric Power Co., Ltd., South Wing, Central Office Building, Zhuang Sheng Plaza, No. 10 Xuanwumenwai Street, Xicheng District, Beijing, Shijiazhuang City, Hebei Province, 050000, China ' Marketing Business Department, State Grid Siji Cybersecurity Technology (Beijing) Co., Ltd., Beijing City, 100052, China ' Marketing Service Centre of State Grid Hebei Electric Power Co., Ltd., South Wing, Central Office Building, Zhuang Sheng Plaza, No. 10 Xuanwumenwai Street, Xicheng District, Beijing, Shijiazhuang City, Hebei Province, 050000, China ' Marketing Service Centre of State Grid Hebei Electric Power Co., Ltd., South Wing, Central Office Building, Zhuang Sheng Plaza, No. 10 Xuanwumenwai Street, Xicheng District, Beijing, Shijiazhuang City, Hebei Province, 050000, China ' Marketing Business Department, State Grid Siji Cybersecurity Technology (Beijing) Co., Ltd., Beijing City, 100052, China ' Marketing Business Department, State Grid Siji Cybersecurity Technology (Beijing) Co., Ltd., Beijing City, 100052, China

Abstract: Advanced multi-stage cyberattacks increasingly threaten power information networks and can disrupt both communication and physical control systems. This study proposes a graph neural network (GNN)-based architecture to detect multi-stage attack paths and provide early warnings for disaster recovery. The framework models the spatio-temporal behaviour of network devices to improve resilience and support proactive cyber defence in critical power infrastructures. Traditional intrusion detection systems often fail to capture complex spatial and temporal relationships and sequential attack patterns, leading to slow detection and limited recovery capability. To address this limitation, a spatio-temporal graph neural network (ST-GNN) framework is developed using the Kitsune network attack and HAI security datasets for comprehensive cyber-physical threat analysis. Experimental results demonstrate excellent performance with 99.98% accuracy, 99.90% precision, 99.97% recall, and an F1-score of 99.98%, with very low false positive and false negative rates. The proposed system effectively predicts multiple attack stages and significantly improves detection capability, enabling faster response and stronger protection for modern power information networks.

Keywords: spatio-temporal graph neural network; ST-GNN; power information network security; cyberattack detection; early warning system; disaster recovery planning.

DOI: 10.1504/IJIIDS.2026.153373

International Journal of Intelligent Information and Database Systems, 2026 Vol.18 No.6, pp.1 - 38

Received: 16 Sep 2025
Accepted: 03 Dec 2025
Published online: 06 May 2026 *

Title: Power information network attack chain identification and disaster recovery early warning mechanism based on graph neural network

Keep up-to-date