Data fusion technology is one of the key supporting technologies for network security situational awareness.This paper focuses on the research of multi-source alarm information fusion processing method,analyzes the level of network security situation perception data processing,and gives the process of processing data using data fusion technology.It takes the alarm information of network security equipment as the data source,and puts forward the theory of attribute similarity clustering and weighted D-S evidence theory.Source data fusion and vulnerability information association analysis are three ways to integrate multi-source alarm information fusion for network attack situation.This method takes a comprehensive consideration of the alarm information with a number of devices,and filters and fuses the alarm.It can reduce the number of alarm and make the final warning results better reflect the attack situation in the network.
展开▼