随着计算机及网络的快速发展,层出不穷的黑客攻击和网络病毒事件使得网络安全问题突显出来。因此,网络安全已经成为当前计算机网络研究和开发的热点。目前的入侵检测系统通常局限于通过原始数据去发现局部或者是单独的攻击行为,而很少涉及对这些简单攻击事件之间的逻辑关系和攻击目标的分析。文中研究了分布式环境下的全局事件分析方法,提出了基于改进的关联分析算法和序列分析算法的全局事件分析技术。 With the rapid development of computers and networks, an endless stream of hacker attacks and network virus incidents have highlighted the problem of network security. Therefore, network security has become a hot spot in computer network research and development. Current intrusion detection systems are often limited to discovering local or isolated attacks through raw data, and seldom involve the analysis of the logical relationships between these simple attacks and the targets of attack. In this paper, the global event analysis method in distributed environment is researched, and the global event analysis technology based on improved association analysis algorithm and sequence analysis algorithm is proposed.