Study on data mining method of network security situation perception based on cloud computing

Journal

JOURNAL OF INTELLIGENT SYSTEMS
Volume 31, Issue 1, Pages 1074-1084

Publisher

DE GRUYTER POLAND SP Z O O
DOI: 10.1515/jisys-2021-0264

Keywords

data mining technology; network; security situation; cloud computing; security situational awareness

In recent years, with the increasing complexity of networks and the growing capabilities of attackers, it has become crucial to properly understand and improve network security. This study proposes a method based on cloud computing for extracting information about the security situation of the network. By converting security events into a standard format and creating a general framework, the study aims to analyze and evaluate the network security situation. By utilizing the Hadoop platform for data extraction, model analysis, and learning, the study mines rules and features to assess the security risks of network nodes. Experimental results demonstrate that this method effectively enhances network security awareness and response capabilities.
In recent years, networks have become more complex, and attackers' ability to attack is gradually increasing. How to properly understand the network security situation and improve network security has become a very important issue. To study a method of extracting information about the security situation of the network based on cloud computing, we recommend a technology for knowledge of the network security situation based on data extraction technology. It converts each received cyber security event into a standard format that can be defined as multiple brochures, creating a general framework for the cyber security situation. Because network security situation data are large, the Hadoop platform is used to extract aggregation rules and to perform model extraction, pattern analysis, and learning on a network security event dataset, which completes network security situation rule mining and establishes a framework for assessing the state of network security. According to the results of the federal rule extraction, the level of network node security risk is obtained in combination with signal reliability, signal severity, resource impact, node protection level, and signal recovery factor. A simulation test is performed to obtain the intrusion index according to the source address of the network security alarm. Through the relevant experiments and analysis of the results, the attack characteristics in this study were obtained after manually reducing the network security event in the 295 h window. The results show that after the security event is canceled, the corresponding window attack index decreases to 0, indicating that this method can effectively implement network security situation awareness. The proposed technique makes it possible to accurately sense changes in network security conditions.