With the omnipresence of the Internet of Things and poorly secured devices with it in combination with high bandwidth networks, Distributed Denial of Service (DDoS) attacks have become one of the biggest threats for network security. With high bandwidth attacks flooding network infrastructure, the pressure to secure the attack targets shifts more and more to the network operators. Often without direct access to the target, the operators are asked to secure their clients. We propose a framework based on Software-Defined Networking (SDN) and the Bro Security Monitor that can mitigate attacks purely within the network infrastructure. In our evaluation, we show that our framework can reliably mitigate several different attack scenarios, including SYN flooding and HTTP flooding.