A hierarchical peer-to-peer(P2P) model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network. The single point failure of data analysis nodes is avoided by this P2P model, in which a greedy data forwarding method based on node priority and link delay is devised to promote the efficiency of data analysis nodes. And the data fusion method based on repulsive theory-Dumpster/Shafer(PSORT-DS) is used to deal with the challenge of multi-source alarm information. This data fusion method debases the false alarm rate. Compared with improved Dumpster/Shafer(DS) theoretical method based on particle swarm optimization(PSO) and classical DS evidence theoretical method, the proposed model reduces false alarm rate by 3% and 7%,respectively, whereas their detection rate increases by 4% and 16%, respectively. A hierarchical peer-to-peer (P2P) model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network. The single point failure of data analysis nodes is avoided by this P2P model, And which data fusion method based on repulsive theory-Dumpster / Shafer (PSORT-DS) is used to deal with the challenge Compared with improved Dumpster / Shafer (DS) theoretical method based on particle swarm optimization (PSO) and classical DS evidence theoretical method, the proposed model reduces false alarm rate by 3% and 7%, respectively, while their detection rate increases by 4% and 16%, respectively.