To address the issue of internal network security, Software-Defined Network (SDN) technology has been introduced to large-scale cloud centers because it not only improves network performance but also deals with network attacks. To prevent man-in-the-middle and denial of service attacks caused by an address resolution protocol bug in an SDN-based cloud center, this study proposed a Bayes-based algorithm to calculate the probability of a host being an attacker and further presented a detection model based on the algorithm. Experiments were conducted to validate this method.