摘要： 大数据环境下的网络安全事件层出不穷，安全态势感知系统的应用势在必行。通过挖掘日志数据并进行安全分析，可以实现对异常事件的追责与溯源，有效地减少网络安全事故的发生。针对传统K-Means算法时间开销大、执行效率低的问题，将改进K-Means算法在大数据计算框架Hadoop上实现并行化，来满足大数据下安全态势感知系统日志安全分析的需求。实验表明，改进后的算法在有效性和时间复杂度方面都优于传统算法。

中图分类号： TP311
文献标识码： A
DOI： 10.19358/j.issn.2096-5133.2020.07.006
引用格式： 江佳希，谢颖华. 安全态势感知系统中K-Means算法的并行化研究[J].信息技术与网络安全，2020，
39(7)：36-40，51.

Research on parallelization of K-Means algorithm in security situation awareness system

Abstract： With the emergence of network security events in a big data environment, the application of security situation awareness systems is imperative. By digging log data and performing security analysis, we can achieve accountability and traceability to abnormal events, and effectively reduce the occurrence of network security incidents. Aiming at the problems of large time overhead and low execution efficiency of the traditional K-Means algorithm, the security situation awareness system in this paper improves the K-Means algorithm to achieve parallelization on the big data computing framework Hadoop，and to meet the needs of log security analysis under big data. Experimental results show that the improved algorithm is superior to traditional algorithms in terms of effectiveness and time complexity.

Key words : Hadoop；security situation；K-Means；data mining