The invention relates to a dynamic monitoring method for network attacks based on a Gaussian distribution model. The method includes the following steps: firstly, monitoring network data and acquiringnetwork message feature values; secondly, analyzing data messages with suspected attack behaviors according to the extracted data messages to obtain an attack data sequence; thirdly, establishing a probability distribution model of effective attack data by using a Gaussian distribution model according to the attack data sequence; and finally, establishing a network attack distribution map according to the attack data sequence. According to the method disclosed by the invention, when suspected network attack behaviors are monitored, whether attack features exist and whether key monitoring andprotection is needed can be analyzed through data message modeling; and then the attack sequence is confirmed, and the monitored attack behaviors can be rapidly positioned from a large amount of powermobile network data; and the distribution probability of the network attacks can be calculated through the Gaussian distribution model, the distribution of the network attacks can be subjected to statistical analysis through the distribution probability, and thus the judgment and early warning of the network attack behaviors can be further generated.