Distributed denial of service attack detection method and associated device

Disclosed in embodiments of the present invention are a distributed denial of service (DDoS) attack detection method and associated device, applied to a software defined network (SDN), wherein the SDN comprises a controller and at least one edge switch. The method comprises: monitoring first request information in a preset first window, and calculating a current request processing rate of a target device in an SDN with respect to the first request information, wherein the first request information is a request data flow needed to be processed by a controller and transmitted to the controller by an edge switch corresponding to the target device; determining, according to the current request processing rate, whether the target device is in an abnormal state; if so, querying flow table match information corresponding to the target device; and determining, according to the flow table match information, whether the target device is under a DDoS attack. The present invention can improve detection accuracy of a DDoS attack on an SDN.