中圖分類號： TP311
文獻(xiàn)標(biāo)識碼： A
DOI： 10.19358/j.issn.2096-5133.2020.07.006
引用格式： 江佳希，謝穎華. 安全態(tài)勢感知系統(tǒng)中K-Means算法的并行化研究[J].信息技術(shù)與網(wǎng)絡(luò)安全，2020，
39(7)：36-40，51.

Research on parallelization of K-Means algorithm in security situation awareness system

Abstract： With the emergence of network security events in a big data environment, the application of security situation awareness systems is imperative. By digging log data and performing security analysis, we can achieve accountability and traceability to abnormal events, and effectively reduce the occurrence of network security incidents. Aiming at the problems of large time overhead and low execution efficiency of the traditional K-Means algorithm, the security situation awareness system in this paper improves the K-Means algorithm to achieve parallelization on the big data computing framework Hadoop，and to meet the needs of log security analysis under big data. Experimental results show that the improved algorithm is superior to traditional algorithms in terms of effectiveness and time complexity.

Key words : Hadoop；security situation；K-Means；data mining