The model of network security situation assessment based on random forest

Abstract

Before, people focused on how to judge the network security situation by expert experience. In order to accurately assess the security posture of networks in real time, we proposed a network security situation assessment model based on random forest (RF). This model is based on the idea of multiple classifiers combination, constituted by the decision tree, each tree relies on independent samples, and all trees in a forest with the same values of the distribution of the random vector. When classifying, each tree to vote and return the class with the most votes, which makes network security situation assessment is more objective and accurate. Experiments show that this model can be quicker and more accurate to assess your current network security situation compared with Bayesian network.