Analysis On Network Security Situation Based On Data Mining

Along with the development of Internet technology and applications,network security is a growing problem, while the type of network securitythreats are increasingly diverse. For example, Distributed Denial of Serviceattack, which was based on the network Trojans and botnets, now maycombines with P2P technology, making it more difficult for people toprevent and combat it. On the other hand, huge numbers of networksecurity monitoring technology, tools, products and equipment aregenerating a even more huge number of network security incidents, andnetwork traffic data. The traditional means of manual processing, or simplestatistical methods have been unable to meet the need to deal with thesedata. So, it’s urgent use of efficient analysis processing means, in order toobtain valuable information from the data mining.In this article, combined with the analysis of the principles andcharacteristics of various network security threats and a variety of knownmethods of data analysis and technical, a number of new methods and newtechnologies are formed, such as the events diffusion model, the hot spotsvalidation model, and the triples model, which are used to analyze networksecurity situation based on data mining. They can provide effective analysis and processing for various data, including communication data ofknown certain network security threats and the Shanghai metropolitan areanetwork traffic communications data, such as getting the type of hotsecurity incidents and trends in the development of network securityincidents. Through the construction of a practical platform, these analyticalmethods and techniques are well validated in practice.This article follows the research process which includes backgroundinvestigation, theoretical analysis, technology innovation and practicalapplication. Through research, the knowledge of network security threatsand data mining techniques is finished, while forming innovation innetwork security events and trend analysis methods and technologies. Onthe other hand, rose from theory to the actual, ultimately a practicalapplication is deployed, relying on existing data sources and projectconstruction.Process and conclusions of this article can provide a referencefor the development of the theory and other actual business, such asnetwork security events monitoring, early warning and trend analysis.