Software Defined Networking (SDN) is a revolutionary networking paradigm towards the future network, experiencing rapid development nowadays. However, its main characteristic, the separation of control plane and data plane, also brings about new security challenges, i.e., Denial-of-Service (DoS) attacks specific to OpenFlow SDN networks to exhaust the control plane bandwidth and overload the buffer memory of OpenFlow switch. To mitigate the DoS attacks in the OpenFlow networks, we design and implement SGuard, a security application on top of the NOX controller that mainly contains two modules: Access control module and Classification module. We employ novel six-tuple as feature vector to classify traffic flows, meanwhile optimizing classification by feature ranking and selecting algorithms. All the modules will cooperate with each other to complete a series of tasks such as authorization, classification and so on. At the end of this paper, we experimentally use Mininet to evaluate SGuard in a software environment. The results show that SGuard works efficiently and accurately without adding more overhead to the SDN networks.