As information technology security issues become more prominent, the network system security analysis is becoming increasingly important. The paper presents NEG-NSAM, a network security analysis method. Based on network parameters abstract and vulnerability correlation analysis, the network exploitation graph model was constructed, and the dynamic process of a gradual infiltration of the main threats to security objectives was characterized. For large-scale network environment, the simplified algorithm of network exploitation graph model was proposed. Finally, the NEG-NSAM was used to exemplify the network and verify the feasibility and effectiveness of the method.