The invention relates to the technical field of cloud computing network security, particularly an identification method for communication counterfeit sources on virtual switches of a cloud platform. The method provided by the invention comprises the following steps of (1), obtaining feature information such as source mac addresses and source IP addresses of communication data packets on ports of the virtual switches; (2), storing the feature information to a database in sequence according to a time sequence relationship; and (3), analyzing a feature information record set within a period of time according to data and a detection method of a network controller, and identifying that communication behaviors of the counterfeit sources exist in the corresponding ports of the virtual switches ifrecords that the mac addresses or the IP addresses are counterfeited are obtained. Through application of the method, the communication behaviors of the counterfeit sources on the virtual switches ofthe cloud platform can be identified to a certain degree, and the network security monitoring capacity of the cloud platform can be improved.