DDoSBlocker: Enhancing SDN security with time-based address mapping and AI-driven approach

Year : 2025

Publisher : Elsevier B.V.

Source Title : Computer Networks

Abstract

Software Defined Networking (SDN) is vulnerable to Distributed Denial of Service (DDoS) attacks due to its centralized architecture. These attacks involve injecting large numbers of fake packets with spoofed header field information into the controller, leading to network malfunctions. Existing solutions often block both malicious and benign traffic indiscriminately, resulting in a high False Positive Rate. In this paper, we present DDoSBlocker, a lightweight and protocol-independent DDoS defense system designed to identify and block the source points of DDoS attacks without disrupting legitimate traffic. DDoSBlocker combines a time-based address mapping method with a triggering-based machine learning method to accurately identify attack sources. It introduces four novel features: percentage of fake destination IPs, average bytes per packet, percentage of bidirectional flow rules, and percentage of fake flow rules. The system then installs blocking rules at the attack sources, providing immediate mitigation. The model outperforms existing mitigation solutions such as destination point blocking, clustering, and backtracking. Implemented in the Floodlight controller, DDoSBlocker was evaluated under four attack scenarios using different performance metrics. The proposed model, utilizing a random forest classifier, demonstrated 99.71% accuracy, an average detection time of 3 s, an average mitigation time of 0.5 s, and a False Positive Rate of 0.51%.