Application of Network Security Event Correlation Analysis and Situation Evaluation Technology

Abstract

Network security situational awareness can integrate all aspects of network security elements. Through correlation analysis, information fusion, situation prediction and other technologies to realize the intelligent analysis and comprehensive decision-making of complex information systems, network security situation awareness can improve the management efficiency and effect of complex networks. In order to solve the problem of parameter optimization of existing situation assessment methods, the parameters of SVM model are optimized based on Particle Swarm Optimization PSO algorithm. This paper presents a network security situation assessment method based on PSO and SVM. Using this algorithm can get a better balance between time-consuming and improving accuracy. At the same time, the index weight is determined according to grey correlation analysis, and the training samples are input to support vector machine for training. In this paper, the improved particle swarm optimization algorithm is used to optimize the parameters of support vector machine to improve the effect of situation assessment. Simulation test results show that the evaluation method improves the effectiveness and accuracy of situation assessment.