Digital Twin-Enabled Security Situation Awareness for Cloud-Edge Computing: A Dynamic Mapping and Predictive Analysis Approach
Abstract
Security situation awareness (SSA) is a critical prerequisite for proactive defense in cloud-edge computing ecosystems, yet traditional SSA methods face challenges in dynamic mapping of heterogeneous entities, real-time fusion of multi-source security data, and accurate prediction of emerging threats. Digital Twin (DT), as a cutting-edge technology that realizes bidirectional mapping and real-time synchronization between physical and virtual spaces, provides a new technical path to break through these bottlenecks. This study proposes a Digital Twin-Enabled Security Situation Awareness framework (DT-SSA) for cloud-edge computing, which constructs a high-fidelity virtual mirror of the cloud-edge physical system and realizes full-cycle SSA including dynamic mapping, real-time perception, fusion analysis, and predictive early warning. The framework consists of four core modules: cloud-edge DT modeling module, multi-source security data synchronization module, hybrid intelligence situation analysis module, and dynamic early warning response module. A multi-scale dynamic mapping algorithm based on adaptive feature alignment is designed to realize accurate matching between physical entities and virtual models. A hybrid intelligence fusion model combining graph neural networks (GNN) and long short-term memory (LSTM) is proposed to realize real-time analysis of security situations and prediction of threat trends. Experimental evaluations based on a real-world cloud-edge testbed (integrating 3 cloud nodes, 60 edge devices, and 200 terminal sensors) show that the DT-SSA framework achieves a situation assessment accuracy of 97.1% and a threat prediction accuracy of 93.5% for future 5-10 minutes, with a data synchronization latency of only 8.3ms. Compared with traditional SSA methods based on static modeling, the proposed framework improves the threat prediction lead time by 42.8% and reduces the false warning rate by 19.6%. The research results demonstrate that the integration of digital twin technology can significantly enhance the timeliness, accuracy, and comprehensiveness of cloud-edge security situation awareness, providing a new technical solution for the security governance of cloud-edge integrated systems.
Keywords
Cloud-edge computing; Digital twin; Security situation awareness; Dynamic mapping; Hybrid intelligence; Threat prediction