The invention relates to a method and system for preventing blind DDoS attacks on SDN controllers. The system comprises an SDN controller resource pool monitor, a controller list dynamic switching module deployed on an SDN switch and an attack detection application module, and the attack detection application module and the controllers carry out data interaction through data interfaces. The SDN controller resource pool monitor is used for maintaining the establishment of a plurality of physical machine and/or virtual machine controllers, data synchronism, IP address distribution and state lists to be issued to the switch. The attack detection application module detects the communication data streams of the controllers and the switch in an SDN network, and when blind DDoS attack streams on the controllers are detected, the SDN controller resource pool monitor dynamically adjusts the number of the controllers according to attack flow generated when the blind DDoS attacks occur. The method can dynamically adjust the number of the controllers, the blind DDoS attacks on the controllers can be effectively prevented, and the usability of the SDN network is guaranteed.