Abstract: With the continued development of big data technology, it is possible to identify a range of attacks and threats by correlating network security events and related system information.