Research Of Data Fusion And Analysis In Multiple Data Sources Based On Flow Matrix

Network situation refers to the network status and current trends of the entire networkwhich is composed of the status of multiple network devices, network behaviors, and userbehaviors and so on. Network Security Situational Awareness technology is a method tomonitor the network in real time and make early warnings and evaluates the security statustreads of the network in future. Network system in China is in the historical stage oftransformation. To improve our emergency response capacity, reduce the harm caused bynetwork attacks and improve the system’s ability to fight back. It has important significance todo research on Network Security Situational Awareness technology. Therefore, how toimprove network situational awareness, make data more intuitive, more objective of thecurrent network status becomes a hot topic in researchers. Network data fusion analysistechniques born out in such demands.In this paper, we make research on the related technologies involved in SNMP data andNetFlow data integration. Firstly, by analyzing the two different data, the theory of trafficmatrix data fusion is proposed. The advantages and the reasons why the theory been chosenare described in details too. Secondly, taking into account of the impact of a number offactors to traffic matrix estimation, including the coverage of NetFlow data collecting devicesand the changes of routing, an improved traffic matrix data fusion method is proposed.Thirdly, multi-source data fusion analysis system prototype is proposed. And every module ofthe system is analyzed in details. Finally, the improved traffic matrix data fusion method isverified feasibility and effectiveness in our experiments. Experiments show that the improvedalgorithm based on traffic matrix, can locate network anomalies and network congestion, andfind the key links of the network quickly and effectively.Additionally, based on the previous study, technologies such as socket programming areused in implementing data fusion. By monitoring data flow in the view of traffic matrix, wecould get comprehensive perspective of the network status, which is very useful for dataanalysis.