Software-Defined Networking (SDN) is widely considered as one of the next generation network architecture. However, SDN faces with a series of issues which restraint its development and application, where the security is one of the serious issues. The Distributed Denial of Service (DDoS) is such a devastating security problem. In this work, a comprehensive review of the DDoS detection mechanisms utilized in SDN is presented. DDoS attacks in SDN are classified into two types and five subtypes based on the features of DDoS and SDN. For each kind of DDoS, how the attackers can exploit the vulnerabilities of SDN to launch DDoS attacks is discussed. Subsequently, the DDoS detection mechanisms used in SDN are reviewed and categorized into five types and forty-six subtypes. These kinds of DDoS detection mechanisms are compared and analyzed, where we draw a conclusion that the machine learning-based DDoS detection mechanisms and threshold-based DDoS detection mechanisms are the two most popular technologies utilized to detect DDoS attacks in SDN. More importantly, for each kind of DDoS detection mechanism, the generational process, advantages, and disadvantages are discussed. Additionally, the open problems and future directions of DDoS detection in SDN are discussed. By presenting these review, discussion and analysis, we hope it can facilitate the understanding of DDoS detection in SDN.

软件定义网络（SDN）被广泛认为是下一代网络架构之一。然而，SDN面临着一系列制约其发展和应用的问题，其中安全性是一个严重的问题。分布式拒绝服务 (DDoS) 是一个破坏性的安全问题。在这项工作中，全面回顾了 SDN 中使用的 DDoS 检测机制。SDN 中的 DDoS 攻击根据 DDoS 和 SDN 的特点分为两大类和五个子类。针对每一种DDoS，讨论了攻击者如何利用SDN的漏洞发动DDoS攻击。随后，回顾了SDN中使用的DDoS检测机制，并将其分为五种类型和四十六种子类型。对这些类型的 DDoS 检测机制进行了比较和分析，我们得出的结论是，基于机器学习的 DDoS 检测机制和基于阈值的 DDoS 检测机制是用于检测 SDN 中 DDoS 攻击的两种最流行的技术。更重要的是，针对每种 DDoS 检测机制，讨论了生成过程、优缺点。此外，还讨论了 SDN 中 DDoS 检测的开放问题和未来方向。通过呈现这些回顾、讨论和分析，我们希望它能促进对 SDN 中 DDoS 检测的理解。和缺点进行了讨论。此外，还讨论了 SDN 中 DDoS 检测的开放问题和未来方向。通过呈现这些回顾、讨论和分析，我们希望它能促进对 SDN 中 DDoS 检测的理解。和缺点进行了讨论。此外，还讨论了 SDN 中 DDoS 检测的开放问题和未来方向。通过呈现这些回顾、讨论和分析，我们希望它能促进对 SDN 中 DDoS 检测的理解。