The invention discloses a computer network defensive strategy conversion-oriented semantic similarity detection system, which comprises a defensive strategy configuration module, a strategy statement processing module, a node-link configuration module, a lexical and syntax analyzing module, a measure statement processing module, a structural similarity calculating module, a key concept pair matching module, a concept similarity calculating module, a CND strategy and measure body module and a similarity accumulation calculating module. A traditional symbol description-based strategy conversion system can only detect lexical and syntax errors before and after conversion, and hardly detects semantic inconsistency before and after strategy conversion comprehensively and automatically. By employing the semantic similarity processing method, the semantic similarity detection system automatically and effectively measures semantic difference before and after the computer network defensive strategy conversion, provides a basis for accurately deploying network defensive measures for semantics, is mainly applied to a computer network defensive system, deploys defensive measures according to a certain condition based on large-scale network attack, and rapidly and effectively fulfills the aim of large-scale defensive measure deployment.