网络安全态势建模与可视化

s the network attack and defense situation enters a new stage, the grasp and prediction of the overall network status becomes more important. Network security situation awareness can meet the security defense requirement under the new situation and is the core of the new generation network intrusion detection system. Based on the conception of situation awareness, this paper designs and implements a small network security situation awareness system after comprehensive research on domestic and foreign literature. The feature vector and data aggregation algorithm are used to reduce the number of alarms, and the situation model in the LAN is modeleModeling and Visualization of Network Security Situationd based on the algorithm based on hidden Markov model. Web crawling technology and selenium tools are used to obtain public vulnerability information. And visualization technologies are used to display the data and perform statistical analysis. The system implements the basic idea of situation awareness and realizes the functions of situation extraction and situation understanding.