Network Security Situation Fusion Analysis Technology Based On XFlow

With the development of modern network technology, network forming style becomediverse. As the fusion of sensor networks, AD Hoc and space-based new network, the networktopology becomes much more complex. At the same time, because the structure of thenetwork equipment is different, the node number of the network is huge, the frequentinteraction information between the network causes more traffic in the network and load ofthe network equipment increases, it is in the threat of failure, attacks, disaster and abnormalincidents. The availability and reliability of the network is in severe challenges.As a hot spot of the network research all around the world, NSSA can do abnormalnetwork behavior identification, prevention, response and early warning and givecorresponding solving strategy in order to solve the severe situation of the network security.This paper proposes the network security situation fusion analysis technology based on xFlow.As a new way of fusion analysis method in security situation area, this technology is able torespond effectively the problem of the single data source. It provides accurate and neccesaryinformation which can determine the network status and can predict the future trend of thenetwrok.First of all, this paper introduces the current research status of NSSA all over the world.And combined with the Netflow，SNMP and other information access method of situationalawareness,it shows the characteristics of sFlow and application advantages in situationalawareness area.Second, the paper focuses on the statistics sample access method and interface sampleaccess method, and do deep research on the formats of sFlow data and Netflow data to guidethe reseearch of the network data decode and data fusion method effectively. Based on theinformation characteristics of the two data, the information access function of the networkdata is implemented.Third, start with characteristics of normal network security situational events, the paperimproves Bayesian random variables, introduces fusion probability factor,proposes fusionmethod based on Bayesian and fuzzy clustering, and use fusion data to do network securitysituational analysis to implement the data fusion analysis function based on sFlow.At last, the experiment verifies the advantages and imporance of the network securitysituational fusion analysis technology based on xFlow in the research of NSSA and point outthe way of the future research.