  • Early Prevention and Mitiga...
    Murtuza, Shariq; Asawa, Krishna

    Journal of Network and Computer Applications, April 2024, Volume: 224
    Journal Article

    Software-Defined Networks (SDNs) are increasingly gaining prominence in the networking domain, enabling programmable control and management of network infrastructure within data centers. This programmability offers the advantage of dynamically adjusting routing paths depending on the network’s requirements and capabilities. Computer networks have been vulnerable to denial of service attacks, particularly link flooding attacks, which have gained notoriety for their ability to isolate network segments precisely without affecting the rest of the network while evading detection. In this work, we introduce a security framework designed to prevent and mitigate link flooding attacks in Software-Defined Networks. Our approach involves limiting the network reconnaissance probes used by attackers to gather knowledge about network topology. We prevent the attackers from obtaining an accurate network topology, limiting their ability to launch an attack. Our framework utilizes alternate paths and hop count manipulation to hinder the reconnaissance process. To further strengthen our claims, we evaluate our framework on real-world topologies from the Topology Zoo dataset. Our analysis demonstrates that the majority of real-world topologies already exhibit network path diversity, and combined with TTL manipulation we can hinder the mapping process, causing the attacker to infer an incorrect network topology.
    • Introducing a novel security framework for Software-Defined Networks (SDNs) to counter link flooding attacks.
    • Leveraging the programmability of SDNs for dynamic routing path adjustments based on network requirements and capabilities.
    • Implementing a strategy to limit attackers’ network reconnaissance probes, preventing accurate knowledge acquisition of network topology.
    • Utilizing alternate paths and manipulation of hop counts to impede the reconnaissance process and enhance network security.
    • Highlighting the impact of Time-to-Live (TTL) manipulation in causing attackers to infer an incorrect network topology, adding an extra layer of defense.