Abstract: To address the issues of outdated security technology, dispersed capability management, slow response speed, and differentiated manual judgment in railway network security protection, this paper proposed an AI based railway network security situational awareness platform to implement intelligent analysis, decision-making, and response of network security situations, improve the accuracy of threat perception and disposal efficiency. This platform integrated multi-source data collectors, knowledge bases, and model engines, with functions such as analysis management, operation management, model management, and response management. The paper used intelligent event correlation analysis technology, integrated multimodal data and AI algorithms, and implemented deep mining and closed-loop disposal of threats. Experimental deployment and application show that the platform can effectively detect and block multi-directional penetration attacks and abnormal behaviors, implement automated closed-loop disposal and model self-learning, and significantly improve the intelligence level of railway network security protection.