Research On Key Technologies Of Network Security Situation Awareness In Big Data Environment

The rapid development of information network brings explosive growth of network data.Due to the huge amount,variety and rapid change of data in big data environment,how to quickly and accurately obtain network security information,extract effective features,evaluate and predict network security situation,and enhance network security active defense capability has attracted the attention of a large number of researchers.The research of network security situation awareness and timeliness has become a hot topic.In this paper,the key technologies of network security situation awareness in big data environment are deeply studied,focusing on the network attack feature extraction method,network attack detection method,network security situation assessment method,network security situation prediction method and so on.The main research work and innovation of this paper are as follows:1.Aiming at the problem that high-dimensional data has large scale,many attributes,nonlinear characteristics and a large number of noise data,which seriously affects the accuracy and efficiency of data analysis and may lead to the disaster of dimension,a feature extraction method based on combined kernel sparse auto-encoder is proposed.By constructing the combined kernel function,the sparse auto-encoder is used to reconstruct the data features,and the adaptive genetic algorithm is used to optimize the solution,so as to obtain the reduced dimension feature matrix.This method effectively solves the dimensionality reduction problem of network security data with nonlinear characteristics in big data environment,avoids the dimensionality disaster,and improves the processing effect and computational efficiency of high-dimensional network security data.The simulation results based on the Internet of things gafgyt botnet attack data set show that the recognition rate of this feature extraction method is significantly higher than that of the traditional feature extraction algorithm,and has good computational efficiency.2.In view of the large complexity and computational complexity of imbalanced big data classification,the high dependence on prior knowledge,and the problem that the classification performance needs to be improved,a convolutional neural network(CNN)classification and detection method based on transfer learning is proposed.By introducing transfer learning,the problem of knowledge acquisition and training efficiency of high-dimensional complex data feature extraction in big data environment is effectively solved.The performance of neural network is optimized by conjugate gradient descent algorithm.At the same time,the problem of low classification accuracy caused by unbalanced data categories is solved by improved KNN classification algorithm,and the classification calculation efficiency and classification detection accuracy are improved.Simulation results show that the performance of the proposed method is significantly higher than that of the traditional machine learning method and other deep learning methods.3.For the big data environment,it is difficult to quantify the network security situation evaluation index,and there are many uncertainties in the evaluation relying on expert knowledge,a network security situation assessment method based on evidence theory is proposed.In this method,a set of multi-level,multi-dimensional,quantifiable network security situation assessment index system is established,the expected deviation function of uncertain variables is introduced to construct the expert reliability allocation function and optimize the expert reliability.The credibility of each evidence is determined by improving the calculation of evidence source distance.The improved evidence synthesis formula based on local conflict allocation is used to solve the local conflict between evidences,and finally the comprehensive situation of network security is calculated.This research method reduces the problem of uncertainty and information conflict of evidence source in network security situation assessment under big data environment,weakens the influence of human factors on network security situation assessment,and improves the accuracy of network security situation assessment.The simulation experiment based on the data set of Internet network security situation shows that this research method has less error than the traditional network situation assessment method,and can more accurately reflect the network security situation in the big data environment.4.In the big data environment,the massive security data changes rapidly with time,and the historical data is incomplete,so it is impossible to realize the real-time and accurate prediction of the global network security situation,a network security situation prediction method of gated recurrent unit based on attention mechanism is proposed.In this method,the intuitionistic fuzzy historical time series data of network security situation are input into the gating cycle unit neural network model based on attention mechanism for prediction,and the hybrid algorithm of LM(Levenberg Marquardt)and particle swarm optimization is used in the dynamic optimization to improve the network performance.This method improves the real-time and effectiveness of network security situation prediction,improves the convergence speed and measurement accuracy of the algorithm,and avoids over fitting phenomenon.The simulation experiments based on the Internet network security situation data set show that this research method has smaller prediction error than the traditional machine learning method and other deep learning methods,has higher learning efficiency,and can more quickly,accurately and effectively predict the change trend of network security situation in the big data environment in the future.