Network security situation awareness has become a hot research topic in the next generation security technology, and it is expected to solve the network security and management issues. In view of the current security situation anomaly detection with high space-time complexity and difficult operating problems, presents a feasible quantitative method through introducing a group of samples and using the hypothesis test for the abnormal detection of network security situation. The method can predict the trend of system security situation and provides a reliable basis for the network administrator's decision making and defensive measures, do nip in the bud. Finally, the proposed anomaly detection technique and algorithm of the network security situation are verified by using the simulation data. The results show that the method is correct and has the advantages of simple and feasible.