Aiming at the problem that it is difficult to accurately detect network malicious activities and unable to effectively analyze the network condition with single-point network data, this paper introduces the improved DS evidence theory, constructs a network security multi-source heterogeneous data fusion model, and applies the model to assess the network security posture on the basis of ensuring the model’s effectiveness and finally realizes the design of network security expert system. The experimental results show that compared with the recognition technology based on PSO-TSA model and the recognition method of network security posture elements based on clustering algorithm, the DS recognition framework in the data fusion model of this paper is able to recognize the network information security posture elements more accurately, and it can effectively safeguard the network information security to adapt to the increasingly complex network environment. Network security expert system managers should pay attention to assessing the network security posture from the service, host, network and other levels, and take targeted measures. The system in this paper is able to understand complex network security issues and provide targeted solutions and recommendations, which can greatly improve the response speed and processing quality of network security incidents.
