The invention discloses a self-adaptively started ddos defense method based on a trust value in an SDN. The self-adaptively started ddos defense method comprises the following steps: a switch receives an unmatched packet, and sends a packet_in data packet to a controller; a counter is deployed in an SDN controller; the counter pre-sets a packet_in number value; when an arrival packet_in number is equal to a set value every time, the packet_in arrival rate in the time period is calculated; then, whether the packet_in arrival rate is abnormal or not is judged; the flow on the switch corresponding to packet_in is precisely detected by utilization of a reverse neural network classifier; a neural network, an intermediate layer of which is 50*50, is established; six characteristic values are calculated; training is carried out by taking the six characteristic values as input of the classifier; and, if the output value of the neural network is between 0.5 and 1, the fact that the flow is a ddos attack is determined. By means of the self-adaptively started ddos defense method and system based on the trust value in the SDN disclosed by the invention, the characteristics of the SDN, such as flow table information of a data layer and control of the controller in a control layer to the whole network, are sufficiently utilized; and thus, the ddos attack in the SDN can be effectively defensed.