The invention relates to the technical field of network security, discloses an SDN-based virtual honeynet dynamic deployment method, and solves the technical problems of difficulty in dynamic construction and active induction, inflexibility in configuration and maintenance, poor expandability and low decoy degree of a honeynet in the prior art. The method comprises the steps of A, scanning a honeynet to obtain a network entity, performing clustering analysis according to attributes of the network entity to obtain a clustering result set, and setting a shadow honeypot candidate set according tothe clustering result set; b, performing intrusion detection on the access traffic, and redirecting suspicious traffic according to a matching rule; and C, performing rewards and punishment operations on behaviors of deployed honeypots based on environmental feedback, updating the behavior probability of a set of deployed honeypots, obtaining the current honeynet deployment quality through calculation of the honeynet global threat degree, and then selecting the honeypots from the shadow honeypot candidate set according to the quality scores for dynamic deployment. In addition, the invention also discloses an SDN-based dynamic deployment system for the virtual honeynet, and the system is suitable for dynamic deployment of the virtual honeynet.