ABSTRACT With the rapid expansion of smart city infrastructure, its highly interconnected IoT devices, sensor networks and key information systems constitute a huge and complex digital ecosystem that is extremely vulnerable to various cyber threats. The forms of network attacks are becoming increasingly intelligent and concealed. It is challenging to address unknown threats effectively and rapidly evolving attack patterns within massive, multi‐source, heterogeneous data streams. Traditional methods are difficult to deal with threats, which in turn pose a threat to the stability of urban operations and other aspects. This study proposes an innovative predictive deep learning framework, which aims to achieve early detection and accurate prediction of potential threats in smart city environments. The model integrates a spatio‐temporal graph neural network and a self‐attention mechanism. This combination deeply mines the complex correlation patterns hidden among multidimensional data, such as massive network equipment logs, traffic control system operating status, and public Wi‐Fi access traffic, and infers possible future attack trends in real time. Rigorously tested in a high‐fidelity simulation environment containing 1200,000 real smart city network equipment logs and 20 typical threat activities, the model demonstrated excellent performance. It achieved a threat detection accuracy rate of 96.7% and an F1 score of 97.2%, which is significantly better than the current mainstream detection methods. What is particularly outstanding is its prediction ability. The model's prediction accuracy rate for new attack samples that are unknown reaches 91.5%. In terms of real‐time response, the average detection delay is controlled within 0.12 s, verifying the feasibility and efficiency of its deployment in large‐scale, dynamic, and complex network environments. It provides core support technology for active security protection in smart cities.
Chen et al. (Tue,) studied this question.