The types and forms of abnormal traffic in train communication networks are diverse, and feature extraction is difficult. The effectiveness of abnormal intrusion detection is poor. Therefore, a train communication network abnormal intrusion detection system based on bidirectional AC algorithm is designed. The collection layer utilizes a network data collector to collect train communication network information within the train communication network; The storage layer stores the collected information through distributed storage, columnar storage, and structured storage methods; The analysis layer utilizes a protocol parsing module to parse information and obtain information that meets the specifications. Among them, the deep packet filtering module utilizes whitelist technology to filter compliant information and extract key information; The intrusion feature pattern extraction module can extract abnormal intrusion feature patterns from key information; The feature pattern matching module utilizes a bidirectional AC algorithm to automatically match the extracted feature patterns with the feature patterns in the intrusion feature pattern library; The intrusion response module completes abnormal intrusion detection in the train communication network by analyzing the automatic matching results. The visualization layer presents anomaly intrusion detection results in the form of visual reports. The experimental results show that the system can effectively collect train communication network information and extract abnormal intrusion feature patterns. The system can quickly and automatically match abnormal intrusion feature patterns, and the accuracy of abnormal intrusion detection is high.