With the rapid development of information technology and the rapid popularization of the Internet, while people enjoy the convenience and efficiency brought about by new technologies, they are also suffering from the harm caused by cyber attacks. In addition to efficiently thwarting network assaults, a high volume of complicated security event data might unintentionally increase the strain of policy makers. At present, NS threats mainly include network viruses, trojans, DOS (Denial-Of-Service), etc. For the increasingly complex Network Security (NS) problems, the traditional rule-based network monitoring technology is difficult to predict the unknown attack behavior. Environment-based, dynamic and integrated data fusion can integrate data from a macro perspective. In recent years, Machine Learning (ML) technology has developed rapidly, which could easily train, test and predict existing third-party models. It uses ML algorithms to find out the association between data rather than manually sets rules. Support vector machine is a common ML method, which can predict the security of the network well after training and testing. In order to monitor the overall security status of the entire network, NS situation awareness refers to the real-time and accurate reproduction of network attacks using the reconstruction approach. Situation awareness technology is a powerful network monitoring and security technology, but there are many problems in the existing NS technology. For example, the state of the network cannot be accurately detected, and its change rule cannot be understood. In order to effectively predict network attacks, this paper adopted a technology based on ML and data analysis, and constructed a NS situational awareness model. The results showed that the detection efficiency of the model based on ML and data analysis was 7.18% higher than that of the traditional NS state awareness model.
Read full abstract