The network topology is reconstructed in real-time according to business requirements, and the data sources exhibit heterogeneity, making it difficult to handle the spatiotemporal dynamic coupling of data features, which increases the difficulty of predicting the network security situation. Therefore, this study proposes a network security situation prediction method based on attack defense tree. Firstly, security situation data is collected from multiple sources of network security data, including traffic data, log data, threat intelligence, and asset data. Through preprocessing steps such as cleaning, organizing, and standardizing, the quality and credibility of the data are improved. Then, the Lasso feature selection method is used to extract meaningful features from the preprocessed data and establish a situational assessment dataset. In the attack recognition stage, deep neural networks (DNNs) are used to accurately identify attack behaviors in the network, and Dropout regularization technology is introduced to enhance the model’s generalization ability. Finally, combined with the attack defense tree model, based on the current network state and known attack information, the attack path is traversed and analyzed using reverse inference. Predict by calculating the overall vulnerability index of the system. The experimental results show that this method can effectively improve the accuracy, timeliness, and dynamism of predictions, providing strong support for network security management.
