Network Security Situation Prediction Method via EVMD-Informer

Due to the strong non-stationarity and nonlinearity of network security situation data, traditional data-driven prediction models are easily influenced, leading to decreased accuracy. To address this issue, we introduce a network security situation prediction method based on an enhanced variational mode decomposition (EVMD) Informer. Firstly, we introduce the EVMD approach, which decomposes the original data into components, reducing non-stationary of data and improving prediction accuracy. Secondly, we apply the agglomerative hierarchical clustering algorithm to reconstruct these components, simplifying redundant elements and preparing them as inputs for the Informer model. Thirdly, we incorporate the Gaussian kernel function to enhance the accuracy of the Informer prediction model. Finally, we validate the proposed method using the NSL-KDD benchmark network security dataset. The results demonstrate that the proposed method achieves higher prediction accuracy than traditional methods, with a mean squared error of 0.005 13%.