Network security situation awareness enables networks to actively and effectively defend against network attacks, relying on the extraction of network situation elements as an initial and decisive step. In existing studies, the stacked sparse autoencoder (SSAE) has been employed to extract features from unlabeled network flows. However, obtaining the optimal hyperparameter combination is challenging due to its numerous hyperparameters. To address this issue, we propose a novel approach named DBO-SSAE that leverages dung beetle optimization (DBO) to select the optimal hyperparameters for SSAE automatically. Applied to the well-known UNSW-NB15 dataset, our model yields an optimal feature subset, which is evaluated across various binary classifiers with different metrics. Experimental results demonstrate that our approach improves accuracy and $\textit{F}_{1}$ -measure by 0.2% to 1.5% while reducing the false negative rate (FNR) and false positive rate (FPR) by 0.06% to 7%, surpassing other feature extraction methods on the same classifier for the UNSW-NB15 dataset. Particularly, in conjunction with a lightweight bidirectional long short-term memory (BiLSTM), our model achieves metrics of 98.84% accuracy, 98.96% $\textit{F}_{1}$ -measure, 1.86% FNR, and 0.6% FPR. This study could provide novel insights into the effective representation of network situation elements and lay the groundwork for a high-efficiency intrusion detection system.