
Multi-modal AI for Network Security: Combining Logs, Metrics, and Topology Graphs to Detect Complex Attacks

Abstract

Modern network attacks leverage stealthy tactics that span log anomalies, metric deviations, and subtle shifts in topology. Single-modality detectors (e.g., log-only or metric-only) struggle with these multi-vector campaigns. We present MultiSecAI, a framework that fuses three data modalities (system logs, performance metrics, and dynamic topology graphs) using graph neural embeddings and attention-based fusion to detect complex threats in real time. In experiments on a telecom-scale Kubernetes cluster under simulated APT scenarios, MultiSecAI achieved:

  • 8 % detection accuracy (vs. 85.2 % log-only, 88.5 % metric-only)
  • 1 % false-positive rate (vs. 8.7 %, 6.9 %)
  • 8 ms mean inference latency per window.

We detail the end-to-end design, data-processing pipeline, model architectures, and quantitative evaluation, and discuss deployment considerations.
