Abstract:
The rapid expansion of network information has led to increasingly complex network structures and data flows, making the identification of abnormal behaviors within massive data volumes a key challenge in cybersecurity. Current deep learning-based behavior anomaly detection methods predominantly focus on static network detection and rely heavily on labeled data, overlooking the potential value of abundant unlabeled data. Consequently, this study proposes a network anomaly behavior detection method based on Dynamic Graph embedding and Contrastive Learning (DGCL). The method integrates global spatial features, local structural features, and temporal dynamic features, using a Transformer as the encoder to generate high-quality node representations. An anomaly detector then calculates an anomaly score for each node. Subsequently, deviation scores are computed based on the historical statistical distribution of normal nodes, allowing the generation of pseudo-labels for unlabeled data and enabling mixed training with both labeled and pseudo-labeled data. Finally, by constructing positive and negative sample pairs, contrastive learning is applied to further optimize node feature representations, thereby enhancing detection performance. Experimental validation on the Wikipedia, Reddit, and MOOC datasets shows that DGCL achieves AUC values of 87.89%, 70.38%, and 70.11%, respectively, outperforming other similar methods in dynamic network anomaly detection.