The Information System Security Situational Awareness Based On Cloud Computing

With the increasing amount of data in the information network, various network threats are growing. Designing efficient and reliable security situational awareness methods becomes one of the main tasks of information security. By using the Apriori algorithm based on MapReduce in the cloud computing environment to knowledge discovery in the network security situational awareness, we can realize rapid security modeling and security situational generation of huge amounts of data. Firstly, the system uses D-S evidence theory to model security situation, streaming, filtering and integrating various types of security events. Secondly, we introduce MP-Apriori algorithm to knowledge discovery, from which association rules of security alarm events generate. Lastly, network security situation generates based on security situation generation algorithm. Then, we use KDD Cup 99 data sets to simulate experiment. We input equal amount of security warning events, verify the accuracy of the CC-SSA and compare the time of using four different computing nodes. The experiment shows that CC-SSA method for a network security situational awareness of huge amounts of data is superior in speed.