As software-defined network (SDN) adoption increases, it becomes increasingly important to develop effective solutions to defend them against cyber attacks. A prominent cyberattack that can compromise SDNs is TCP-SYN floods, which can exhaust network resources by initiating too many fraudulent TCP connections. Previous efforts to detect SYN Flood attacks mainly rely on statistical methods to process mirrored traffic or flow statistics. Thus, they either incur high overhead (in the case of port mirroring) or lead to low accuracy (in the case of using flow statistics). In this paper, we propose a machine learning (ML)-enabled TCP-SYN flood detection framework using Openflow port statistics. We demonstrate that ML models such as Random Forest classifiers can differentiate normal traffic from SYN flood traffic with up to 98% accuracy. We also introduce a novel threat localization technique that can pinpoint where the attack traffic originates from in the network.