ABSTRACT
The frame structure of network security situation awareness widely used is the mode based on the agent. Xu Biao[2] proposed the network security situation awareness model based on the agent which gave full play to the advantages of independence and extendibility of the agent. Lu Aiping[3]
1 INTRODUCTION
In order to ensure the safety of network information system, some policies have adopted to realize the effective isolation and data security interaction between internal and external network systems and new security questions have been brought out. The traditional defensive device with the independence of deployment mode and defense method made network structure complicated and made administrators have no enough time to analyze massive alert logs to adopt are overall defense method. A new technology has been investigated to realize message screening, assessment, prediction and monitoring network status. Moreover, network security situation awareness technologies have come at the proper moment.
