前言
💖💖作者:计算机程序员小杨 💙💙个人简介:我是一名计算机相关专业的从业者,擅长Java、微信小程序、Python、Golang、安卓Android等多个IT方向。会做一些项目定制化开发、代码讲解、答辩教学、文档编写、也懂一些降重方面的技巧。热爱技术,喜欢钻研新工具和框架,也乐于通过代码解决实际问题,大家有技术代码这一块的问题可以问我! 💛💛想说的话:感谢大家的关注与支持! 💕💕文末获取源码联系 计算机程序员小杨 💜💜 网站实战项目 安卓/小程序实战项目 大数据实战项目 深度学习实战项目 计算机毕业设计选题 💜💜
一.开发工具简介
大数据框架:Hadoop+Spark(本次没用Hive,支持定制) 开发语言:Python+Java(两个版本都支持) 后端框架:Django+Spring Boot(Spring+SpringMVC+Mybatis)(两个版本都支持) 前端:Vue+ElementUI+Echarts+HTML+CSS+JavaScript+jQuery 详细技术点:Hadoop、HDFS、Spark、Spark SQL、Pandas、NumPy 数据库:MySQL
二.系统内容简介
《全球网络安全威胁数据可视化分析系统》是一个基于大数据技术的网络安全威胁分析平台,采用Hadoop+Spark分布式计算框架构建数据处理引擎,运用Python语言开发核心算法模块。系统后端基于Django框架搭建,前端采用Vue+ElementUI+Echarts技术栈实现交互界面和数据可视化展示。通过集成Hadoop分布式文件系统HDFS进行海量威胁数据存储,利用Spark SQL和Pandas、NumPy等数据分析工具对全球范围内的网络安全事件进行多维度统计分析。系统核心功能涵盖时空维度分析、攻击特征分析、影响后果分析、防御响应分析等模块,能够对网络攻击的地理分布、时间趋势、攻击手段、损失评估等关键指标进行深度挖掘和可视化呈现,为网络安全管理人员提供直观的威胁态势感知和决策支持工具。
三.系统功能演示
四.系统界面展示
五.系统源码展示
from pyspark.sql import SparkSession
from pyspark.sql.functions import col, count, sum as spark_sum, avg, max as spark_max, date_format, window
from pyspark.sql.types import StructType, StructField, StringType, IntegerType, TimestampType, DoubleType
import pandas as pd
import numpy as np
from django.http import JsonResponse
from django.views import View
import json
from datetime import datetime, timedelta
spark = SparkSession.builder.appName("GlobalCyberThreatAnalysis").config("spark.sql.adaptive.enabled", "true").config("spark.sql.adaptive.coalescePartitions.enabled", "true").getOrCreate()
def time_space_threat_analysis(request):
threat_data = spark.read.format("json").load("hdfs://namenode:9000/cyber_threats/")
threat_data.createOrReplaceTempView("threats")
geographic_stats = spark.sql("""
SELECT country, region, city,
COUNT(*) as attack_count,
COUNT(DISTINCT attack_type) as attack_types,
AVG(severity_score) as avg_severity,
SUM(CASE WHEN status = 'active' THEN 1 ELSE 0 END) as active_threats
FROM threats
WHERE timestamp >= date_sub(current_date(), 30)
GROUP BY country, region, city
ORDER BY attack_count DESC
""").collect()
temporal_analysis = spark.sql("""
SELECT date_format(timestamp, 'yyyy-MM-dd') as date,
date_format(timestamp, 'HH') as hour,
COUNT(*) as hourly_attacks,
AVG(severity_score) as hourly_severity,
COUNT(DISTINCT source_ip) as unique_sources
FROM threats
WHERE timestamp >= date_sub(current_date(), 7)
GROUP BY date_format(timestamp, 'yyyy-MM-dd'), date_format(timestamp, 'HH')
ORDER BY date, hour
""").collect()
threat_correlation = threat_data.groupBy("country", "attack_type").agg(
count("*").alias("frequency"),
avg("severity_score").alias("avg_severity"),
spark_max("timestamp").alias("latest_attack")
).orderBy(col("frequency").desc()).collect()
hotspot_regions = spark.sql("""
SELECT region,
COUNT(*) as total_attacks,
COUNT(DISTINCT attack_type) as attack_diversity,
AVG(duration_minutes) as avg_duration,
SUM(estimated_damage) as total_damage,
RANK() OVER (ORDER BY COUNT(*) DESC) as threat_rank
FROM threats
WHERE timestamp >= date_sub(current_date(), 30)
GROUP BY region
HAVING COUNT(*) > 100
""").collect()
result_data = {
'geographic_distribution': [{'country': row.country, 'region': row.region, 'city': row.city,
'attack_count': row.attack_count, 'attack_types': row.attack_types,
'avg_severity': float(row.avg_severity), 'active_threats': row.active_threats}
for row in geographic_stats],
'temporal_patterns': [{'date': row.date, 'hour': row.hour, 'attacks': row.hourly_attacks,
'severity': float(row.hourly_severity), 'sources': row.unique_sources}
for row in temporal_analysis],
'threat_correlation': [{'country': row.country, 'attack_type': row.attack_type,
'frequency': row.frequency, 'severity': float(row.avg_severity)}
for row in threat_correlation],
'hotspot_analysis': [{'region': row.region, 'attacks': row.total_attacks,
'diversity': row.attack_diversity, 'damage': float(row.total_damage)}
for row in hotspot_regions]
}
return JsonResponse(result_data)
def attack_characteristic_analysis(request):
attack_data = spark.read.format("parquet").load("hdfs://namenode:9000/attack_logs/")
attack_data.createOrReplaceTempView("attacks")
attack_pattern_analysis = spark.sql("""
SELECT attack_type, attack_vector, target_system,
COUNT(*) as occurrence_count,
AVG(attack_duration) as avg_duration,
AVG(success_rate) as avg_success_rate,
COUNT(DISTINCT source_ip) as unique_attackers,
AVG(payload_size) as avg_payload_size,
MAX(complexity_score) as max_complexity
FROM attacks
WHERE timestamp >= date_sub(current_date(), 60)
GROUP BY attack_type, attack_vector, target_system
ORDER BY occurrence_count DESC
""").collect()
technique_evolution = spark.sql("""
SELECT attack_technique,
date_format(timestamp, 'yyyy-MM') as month,
COUNT(*) as monthly_usage,
AVG(detection_difficulty) as avg_difficulty,
COUNT(DISTINCT target_organization) as affected_orgs,
SUM(CASE WHEN detected = true THEN 1 ELSE 0 END) as detected_count,
SUM(CASE WHEN detected = false THEN 1 ELSE 0 END) as undetected_count
FROM attacks
WHERE timestamp >= date_sub(current_date(), 365)
GROUP BY attack_technique, date_format(timestamp, 'yyyy-MM')
ORDER BY month DESC, monthly_usage DESC
""").collect()
vulnerability_exploitation = attack_data.filter(col("exploit_used").isNotNull()).groupBy("cve_id", "exploit_type").agg(
count("*").alias("exploit_frequency"),
avg("time_to_exploit").alias("avg_exploit_time"),
spark_sum("systems_compromised").alias("total_compromised"),
avg("patch_availability_days").alias("avg_patch_delay")
).orderBy(col("exploit_frequency").desc()).collect()
attack_signature_analysis = spark.sql("""
SELECT signature_hash, attack_family,
COUNT(*) as signature_matches,
AVG(confidence_score) as avg_confidence,
COUNT(DISTINCT file_hash) as unique_samples,
MAX(first_seen) as first_detection,
MAX(last_seen) as latest_detection,
AVG(evasion_attempts) as avg_evasion_score
FROM attacks
WHERE signature_hash IS NOT NULL
GROUP BY signature_hash, attack_family
HAVING COUNT(*) >= 10
ORDER BY signature_matches DESC
""").collect()
characteristic_data = {
'attack_patterns': [{'type': row.attack_type, 'vector': row.attack_vector, 'target': row.target_system,
'count': row.occurrence_count, 'duration': float(row.avg_duration),
'success_rate': float(row.avg_success_rate), 'attackers': row.unique_attackers,
'payload_size': float(row.avg_payload_size), 'complexity': row.max_complexity}
for row in attack_pattern_analysis],
'technique_trends': [{'technique': row.attack_technique, 'month': row.month, 'usage': row.monthly_usage,
'difficulty': float(row.avg_difficulty), 'orgs_affected': row.affected_orgs,
'detected': row.detected_count, 'undetected': row.undetected_count}
for row in technique_evolution],
'vulnerability_data': [{'cve_id': row.cve_id, 'exploit_type': row.exploit_type,
'frequency': row.exploit_frequency, 'exploit_time': float(row.avg_exploit_time),
'compromised': row.total_compromised, 'patch_delay': float(row.avg_patch_delay)}
for row in vulnerability_exploitation],
'signature_analysis': [{'hash': row.signature_hash, 'family': row.attack_family,
'matches': row.signature_matches, 'confidence': float(row.avg_confidence),
'samples': row.unique_samples, 'evasion_score': float(row.avg_evasion_score)}
for row in attack_signature_analysis]
}
return JsonResponse(characteristic_data)
def impact_consequence_analysis(request):
impact_data = spark.read.format("delta").load("hdfs://namenode:9000/impact_assessment/")
impact_data.createOrReplaceTempView("impacts")
financial_damage_analysis = spark.sql("""
SELECT industry_sector, organization_size,
COUNT(*) as incident_count,
AVG(direct_financial_loss) as avg_direct_loss,
AVG(indirect_financial_loss) as avg_indirect_loss,
AVG(recovery_cost) as avg_recovery_cost,
AVG(legal_penalty) as avg_legal_cost,
SUM(total_financial_impact) as sector_total_damage,
AVG(recovery_time_days) as avg_recovery_time
FROM impacts
WHERE incident_date >= date_sub(current_date(), 180)
GROUP BY industry_sector, organization_size
ORDER BY sector_total_damage DESC
""").collect()
operational_impact_metrics = spark.sql("""
SELECT impact_category, severity_level,
COUNT(*) as case_count,
AVG(downtime_hours) as avg_downtime,
AVG(affected_users) as avg_affected_users,
AVG(data_loss_gb) as avg_data_loss,
AVG(system_unavailability_percent) as avg_unavailability,
AVG(productivity_loss_percent) as avg_productivity_loss,
COUNT(DISTINCT organization_id) as affected_organizations
FROM impacts
WHERE incident_date >= date_sub(current_date(), 90)
GROUP BY impact_category, severity_level
ORDER BY case_count DESC
""").collect()
reputation_brand_impact = impact_data.filter(col("reputation_score_before").isNotNull()).groupBy("industry_sector").agg(
count("*").alias("reputation_incidents"),
avg(col("reputation_score_before") - col("reputation_score_after")).alias("avg_reputation_drop"),
avg("customer_churn_rate").alias("avg_churn_rate"),
avg("media_coverage_sentiment").alias("avg_media_sentiment"),
spark_sum("lost_customers").alias("total_customer_loss"),
avg("brand_recovery_months").alias("avg_recovery_months")
).orderBy(col("avg_reputation_drop").desc()).collect()
regulatory_compliance_impact = spark.sql("""
SELECT compliance_framework, violation_type,
COUNT(*) as violation_count,
AVG(fine_amount) as avg_fine,
AVG(audit_cost) as avg_audit_cost,
AVG(remediation_cost) as avg_remediation_cost,
COUNT(DISTINCT regulator_id) as involved_regulators,
AVG(compliance_restoration_days) as avg_restoration_time,
SUM(CASE WHEN license_suspended = true THEN 1 ELSE 0 END) as license_suspensions
FROM impacts
WHERE compliance_violation = true
GROUP BY compliance_framework, violation_type
ORDER BY violation_count DESC
""").collect()
long_term_consequence_tracking = spark.sql("""
SELECT consequence_type,
COUNT(*) as consequence_instances,
AVG(duration_months) as avg_duration,
AVG(ongoing_cost_monthly) as avg_monthly_cost,
AVG(market_share_loss_percent) as avg_market_loss,
AVG(employee_turnover_increase) as avg_turnover_increase,
COUNT(DISTINCT follow_up_incidents) as secondary_incidents,
AVG(insurance_premium_increase) as avg_premium_increase
FROM impacts
WHERE long_term_tracking = true
GROUP BY consequence_type
ORDER BY consequence_instances DESC
""").collect()
impact_assessment_data = {
'financial_analysis': [{'sector': row.industry_sector, 'org_size': row.organization_size,
'incidents': row.incident_count, 'direct_loss': float(row.avg_direct_loss),
'indirect_loss': float(row.avg_indirect_loss), 'recovery_cost': float(row.avg_recovery_cost),
'legal_cost': float(row.avg_legal_cost), 'total_damage': float(row.sector_total_damage),
'recovery_time': float(row.avg_recovery_time)} for row in financial_damage_analysis],
'operational_metrics': [{'category': row.impact_category, 'severity': row.severity_level,
'cases': row.case_count, 'downtime': float(row.avg_downtime),
'affected_users': float(row.avg_affected_users), 'data_loss': float(row.avg_data_loss),
'unavailability': float(row.avg_unavailability), 'productivity_loss': float(row.avg_productivity_loss),
'organizations': row.affected_organizations} for row in operational_impact_metrics],
'reputation_impact': [{'sector': row.industry_sector, 'incidents': row.reputation_incidents,
'reputation_drop': float(row.avg_reputation_drop), 'churn_rate': float(row.avg_churn_rate),
'media_sentiment': float(row.avg_media_sentiment), 'customer_loss': row.total_customer_loss,
'recovery_months': float(row.avg_recovery_months)} for row in reputation_brand_impact],
'compliance_violations': [{'framework': row.compliance_framework, 'violation_type': row.violation_type,
'violations': row.violation_count, 'avg_fine': float(row.avg_fine),
'audit_cost': float(row.avg_audit_cost), 'remediation_cost': float(row.avg_remediation_cost),
'regulators': row.involved_regulators, 'restoration_time': float(row.avg_restoration_time),
'suspensions': row.license_suspensions} for row in regulatory_compliance_impact],
'long_term_effects': [{'consequence': row.consequence_type, 'instances': row.consequence_instances,
'duration': float(row.avg_duration), 'monthly_cost': float(row.avg_monthly_cost),
'market_loss': float(row.avg_market_loss), 'turnover_increase': float(row.avg_turnover_increase),
'secondary_incidents': row.secondary_incidents, 'premium_increase': float(row.avg_premium_increase)}
for row in long_term_consequence_tracking]
}
return JsonResponse(impact_assessment_data)
六.系统文档展示
结束
💕💕文末获取源码联系 计算机程序员小杨
