Security threats in the Internet have been ever increasing, in number, type and means used for attacks. In the face of large-scale attacks, such as DDoS attacks, networks take unacceptable time to respond and mitigate the attacks, resulting in disruption to connections and the losses due to it. In this work, we look into the problem of dynamically mitigating attacks from the perspective of an ISP. An ISP also needs to adapt its network while mitigating attacks. We exploit the software defined networking (SDN) paradigm, and propose to provide mitigation as a service to ISP's customers. Towards this goal, we formulate the problem of dynamically providing multiple mitigation services as an optimization problem. We carry out simulation studies to evaluate the solution, in terms of service delivered and the number of path disruptions caused to legitimate traffic due to mitigation services.