The traditional network anomaly detection is limited by data storage and processing capabilities,which has the problems of low accuracy rate,high false alarm rate and unable to detect unknown attacks.To resolve this,combined with the improved Support Vector Machine and Random Forest algorithm in Spark, a network abnormal behavior detection model based on big data technology is proposed.The method is verified by NSL-KDD data set,which shows that the method is superior to the traditional detection algorithm in accuracy and false positive rate.The accuracy and false positive rate of the overall detection are 96.61% and 2.92%,The accuracy rates of DOS, Probe, R2L and U2R respectively were 98.01%, 88.29%, 94.03% and 66.67%,which verified the effectiveness of the method.