Adaptive Graph-LLM Fusion for Context-Aware Risk Assessment in Smart Industrial Networks

The convergence of industrial operations with Internet of Things (IoT) paradigms has engendered smart industrial networks characterized by heightened interconnectivity and data volume. While this integration augments operational efficiency, it simultaneously expands the attack surface, rendering traditional, signature-based risk assessment methods inadequate for identifying sophisticated, context-dependent threats. This paper posits a novel framework, Adaptive Graph-Large Language Model (LLM) Fusion, designed to achieve nuanced, context-aware risk assessment. By synergistically combining the structural relational analysis capabilities of Graph Neural Networks (GNNs) with the profound semantic understanding of LLMs, the proposed model dynamically interprets multi-modal network data. The GNN component explicitly models the complex interdependencies among network entities as a graph, capturing topological vulnerabilities. Concurrently, the LLM component processes unstructured data streams, such as system logs and threat intelligence reports, to extract semantic context and infer adversarial intent. An adaptive fusion mechanism dynamically weighs the contributions of both graph-based and semantic insights, enabling a holistic evaluation of risk that is sensitive to the evolving network context. Preliminary evaluations on a simulated industrial control system dataset demonstrate the framework's superior performance in detecting stealthy, multi-stage cyber-physical attacks compared to state-of-the-art monolithic approaches, highlighting its potential as a cornerstone for next-generation industrial cybersecurity.