This paper addresses security vulnerabilities in connected automated vehicles (CAVs) arising from V2X and intra-vehicle communications. Methodologically, it proposes a hierarchical collaborative defense framework featuring: (i) a unified threat model and dynamic attack-path inference mechanism spanning both intra-vehicle and inter-vehicle domains; (ii) integration of lightweight HMAC-SHA3 authentication, graph neural network (GNN)-based topology-aware anomaly detection, rule-engine-driven intrusion detection systems (IDS), and SDN-programmable security gateways. Its key contribution is the first holistic, vehicle-internal-and-external threat modeling approach coupled with real-time response assessment. Experimental evaluation in a CARLA+SUMO co-simulation environment demonstrates 99.2% attack detection accuracy and sub-15 ms average latency. The framework has undergone preliminary compliance verification against ISO/SAE 21434 automotive cybersecurity standards.