Multi-modal anomaly detection method and system for big data network traffic

Source: WIPO "BigData"
The invention provides a multi-modal anomaly detection method and system for big data network traffic. The method comprises the following steps: obtaining traffic data generated by an intranet and performing flow analysis on it to obtain deep packet detection features; performing abnormal behavior detection on the traffic data with a machine learning model, based on the deep packet detection features, to obtain multiple pieces of suspected abnormal behavior traffic; inputting the suspected abnormal behavior traffic into a deep learning model to obtain a representation vector of that traffic; and detecting and classifying the suspected abnormal behavior traffic based on the representation vector to obtain an abnormal behavior classification result. To further improve detection accuracy, the deep learning model re-examines the suspected abnormal behavior traffic produced by the machine learning model, this time based on multi-modal features, so that abnormal behavior traffic in the network traffic can be identified more accurately. Because detection is based on multi-modal features, the number of features is increased, and anomaly detection over massive traffic can be achieved without obtaining a large number of anomaly samples.