The rapid development of malicious code has seriously affected the network information security. The traditional malicious code detection methods do not clearly divide the network behavior characteristics, resulting in inaccurate malicious code detection results. Therefore, research on malicious attack code detection methods for communication networks based on PSO-KM clustering analysis. The specific content of malicious attack code in communication network is analyzed, and the network behavior is extracted from the flow trajectory of network layer, and the behavior characteristics are determined in the MFAB-NB framework. The initial processing center is selected by the normalization algorithm, and the behavior characteristics of the classified communication network are normalized to judge the attack speed and location. Follow up the whole process of communication network data transmission in real time and apply fitness function to seek the optimal solution of malicious code updating. The feature set of malicious code data was constructed based on the PSO-KM clustering analysis technology, and the weight of the feature cluster was allocated using the small batch calculation method. The weighted average value was used as the distribution basis to detect the malicious attack code, and the detection method was designed. The experimental results show that the correct recognition rate of malicious attack code detection can reach more than 99% and the false positive rate can be controlled within 0.5% under the application of this method, which has application value.