Abstract: Today's world, network information technology is changing with each passing day, which deeply promotes the economic development and technological innovation of enterprises, and also brings prominent network security problems to enterprises. In the past, the common method used by enterprises to face network security threats was to passively deploy security products and configure protection policies. It was impossible to detect and eliminate risks and threats in a timely and effective manner. In the "Cybersecurity Law" officially implemented by the state in 2017, it has been clear that enterprises need to establish an active defense mechanism. In order to make the defense of enterprise network security change from passive to active, it can accurately predict security risks. Taking e-mail system as an example, this paper proposes a risk forecasting method based on behavior analysis and establishes a behavior analysis model to provide a basis for the subsequent dynamic security protection strategy adjustment in recent years.

Key words: network security, e-mail system, Bayesian network, behavior analysis model, dynamic defense

摘要： 当今世界网络信息技术日新月异，深刻推动着企业经济发展、科技创新的同时，也给企业带来了十分突出的网络安全问题.以往企业面对网络安全威胁时的常用方法是被动的部署安全产品及配置防护策略，无法做到及时有效地发现并清除风险和威胁.在2017年国家正式实施的《中华人民共和国网络安全法》中，已明确了企业需建立主动防御机制.为使企业网络安全的防御从被动变主动，并能够较为精确地预判安全风险.以电子邮件系统为例，依据近年来我国学者基于贝叶斯网络进行相关研究所取得的成果，结合工作实际，提出一种针对行为分析的风险预判思路，并建立行为分析模型，为后续动态的安全防护策略调整提供依据.

关键词: 网络安全, 电子邮件系统, 贝叶斯网络, 行为分析模型, 动态防御