Aiming at the problem that large-scale traffic data lack labels and take too long for feature extraction in network intrusion detection, an unsupervised intrusion detection method ACOPOD based on Adam asymmetric autoencoder and COPOD (Copula-Based Outlier Detection) algorithm is proposed. This method uses the Adam asymmetric autoencoder with a reduced structure to extract features from the network data and reduce the data dimension. Then, based on the Copula function, the joint probability distribution of all features is represented by the edge probability of each feature, and then the outliers are detected. Experiments on the published NSL-KDD dataset with six other traditional unsupervised anomaly detection methods show that ACOPOD achieves higher precision and has obvious advantages in running speed. Experiments on the real civil aviation air traffic management network dataset further prove that the method can effectively detect intrusion behavior in the real network environment, and the results are interpretable and helpful for attack source tracing.