With the increasing complexity and scale of networks, the computer attacks increase year by year and becomes more complicated. The defenders not only need to detect malicious activity through a large number of alerts generated by intrusion detection system, but also need to use these alerts to assess security state and predict attack, so as to take proactive response to reduce the damage of cyber-attacks. In this process, it is necessary to preprocess the huge amounts of raw alerts to get the appropriate granularity, so as to improve the accuracy of the subsequent assessment and prediction model. At the same time, the security evaluation model needs to have a good explainability and comprehensive attack prediction ability, including attack event and attack step prediction, in order to provide a better decision reference for proactive response. In addition, the model should be able to adapt to zero-day attacks. To address these issues, in this paper, we propose NSAPs, a novel scheme for network security state assessment and attack prediction. First, we extract attack steps based on quantitative alert quality to reduce the amount of data. Second, we extract attack events with medium granularity from attack steps based on Semi-Markov Conditional Random Fields (semi-CRFs). The semi-CRFs can use as much alert information as possible to correlate alerts and can also take advantage of the contextual information between the attack events. Therefore, the NSAPs can provide a comprehensive attack prediction with a good explainability. Third, the extracted attack events are used as the input of the Hidden Markov Model (HMM) to assess security state. At the same time, we propose a HMM matching method based on the longest common subsequence of the attack events which makes the model adapt to the unknown alters well. Finally, we combine probability values from semi-CRFs and HMM to predict attacks. Our evaluation results indicate that the assessment and prediction of proposed scheme are more accurate and comprehensive compared with existing approaches.