The rapid development of network technology has made hackers' attack methods mature and diversified. The traditional network architecture has been unable to respond to diversified sources of attacks. The emergence of Software Defined Network (SDN) and Network Functions Virtualization (NFV) technology has brought about innovative changes for network operators. The future architecture of network security will be developed towards programmable and virtualization. It not only has the advantages of flexible management and low cost of hardware construction, but also helps to develop network security measures to protect against the threat of malicious attacks. This paper uses OpenStack cloud computing platform to practice NFV development environment, and combines SDN technology to set up SDN/NFV network security technology experimental environment. It achieves real-time network traffic monitoring and attack detection through the establishment of distributed denial-of-service attack (DDoS) simulation and attack monitoring technology.