Design And Implementation Of Network Security Situation Assessment System Based On Ensemble Learning

With the strengthening of information construction in power enterprises,the scale of power information system has been expanding,which includes a large number of services and a variety of types.Centralized monitoring of all services and timely detection of network risk faults are of great significance to the safe and stable operation of the system.However,in the face of complex structure and huge amount of data,it takes a lot of time and cost to analyze.The situation of each service directly reflects its safe operation status,and then the analysis of services with low situation can filter a lot of useless information and reduce a lot of operation and maintenance work.Existing researches mainly focus on a single system,ignoring that in the actual business scenario,it often contains a variety of services.Therefore,in this thesis a security situation assessment system based on ensemble learning is designed and implemented.Through the mining and analysis of index data and alarm data,it assesses the situation of power information system under multi-service scenarios,and effectively predicts the future operation status of the system,which provides technical support for operation and maintenance personnel to make timely and correct judgments.Experiments show that the system is more accurate than the existing security situation assessment methods,and can better reflect the overall actual situation of the system.The prediction effect of the overall operation state of the system is good.The key research contents of this thesis are as follows:1.The data preprocessing method based on the data related to network security of power information system is studied.In this thesis,the data collected from an electric power information system is divided into index data and alarm data,and the index data is processed by neighborhood mean value to fill missing values and reduce data dimensions;the alarm key information is extracted from the alarm data,and finally the index data and alarm data are fused.2.The model of security situation assessment based on ensemble learning is studied.In this thesis,Boosting algorithm is used to assess the security situation and improve the Boosting algorithm.And a network security situation assessment model based on the improved Boosting algorithm is proposed,which improves the accuracy of the network security situation assessment model.3.The hierarchical security situation quantification model is studied.In this thesis,we analyze the original hierarchical evaluation method,fully consider the rationality of the hierarchical structure division of the hierarchical model,and propose an improved hierarchical model of security situation quantification,which combines with AHP algorithm to calculate the security situation of each service and the whole.4.The situation prediction model is studied.In this thesis,LSTM is used to predict the future operation of the system,and the particle swarm optimization（PSO）is used to optimize the LSTM situation prediction model.5.The network security situation assessment system is studied.A situation assessment system suitable for multi-service scenarios is designed and implemented,and the visualization display is carried out,which improves the ability of decision makers or operation and maintenance personnel to perceive the network security situation of power information system.