In recent years, Software Defined Networking (SDN) has enabled total control over the network's data flow. SDN acts as a centralised point of administration for data and traffic management. Due to the fact that SDN is an open source software, it is more vulnerable to security concerns. Security policies must also be adhered to, since this would expose the controller to the greatest attacks. DDOS and DOS assaults are more prevalent in SDN controllers. DDOS is a damaging assault that disrupts the usual flow of communication and initiates an overflow of flooded packets, thereby shutting down the system. Machine Learning approaches assist in identifying the network's hidden and unexpected patterns, hence aiding in the analysis of the network's flow. All classified and unclassified approaches can assist in detecting hostile flows depending on specific factors such as packet flow, time length, precision, and accuracy rate. To identify DDOS assaults, researchers employed Bayesian Networks, Wavelets, Support Vector Machines, and KNN. According to the review, KNN offers superior results due to its increased accuracy and reduced false positive rate for detection. We explore the various strategies used in DDoS detection and examine new improvements in intrusion detection in software defined networks in this article.