The invention discloses a key IP address safety alarm association analysis method based on a fuzzy scene. The method comprises the steps of: firstly, utilizing a statistic method to aggregate alarms, then utilizing a strategy to neglecting and filtering the alarms, finally utilizing an association analysis algorithm based on the fuzzy scene to calculate an event suspected degree corresponding to a source IP, and utilizing a big data analysis method to carry out statistic querying on alarm logs related to a suspected IP. According to the invention, the concept of fuzzy scene is innovatively provided, and a conventional analysis mode by constructing an attack scene is broken through, wherein the association analysis mode of the fuzzy scene is characterized in that deep excavation and association analysis are carried out on a large number of related safety alarm events with the IP address serving as the core. Related factors of the alarms, which may influence the IP safety, are analyzed, the factors are analyzed in an integrated manner, and a suspected degree value reflecting the safety condition of the IP is obtained by an event suspected degree calculation formula.