| Journal: | Computers and Electrical Engineering. Elsevier Ltd |
| Volume: | 126 |
| Abstract: | Detecting Distributed Denial of Service (DDoS) attacks in Software-Defined Internet of Things (SD-IoT) networks is challenging due to vulnerabilities in single-controller architectures, the limitations of the OpenFlow protocol, evolving DDoS strategies, and resource constraints. This research proposes a multi-layered security framework that integrates deception-based security, cloud-integrated machine learning (ML), a new hierarchically distributed multi-controller (HDMC) architecture, P4-enabled real-time traffic monitoring, and adaptive mitigation. The framework includes dynamic time-based windowing for enhanced detection, a decoy network to divert attackers, and a cloud-based multi-task ML model (MT-EDD) for attack classification. It also features a synchronized multi-control design for secure communication and coordinated actions among multiple controllers and a dynamic monitoring algorithm for real-time traffic analysis. P4 switches extract features from network traffic and send them to a cloud-based server for preprocessing and analysis by a pre-trained ensemble learning model (MT-EDD), which predicts attack states and communicates results to the central controller for mitigation. The controller then enforces appropriate mitigation actions on P4 switches. This approach offloads computationally intensive tasks to the cloud, improving scalability and detection accuracy. Evaluations show the framework achieves an average accuracy of 98.42%, precision of 96.17%, recall of 94.72%, F1-score of 95.39%, and specificity of 98.22%. The proposed P4-enabled solution consumes 30% less bandwidth and 25% less CPU, reduces detection times by 54.3%, and improves detection accuracy by 5.2% compared to the OpenFlow-enabled method. The HDMC architecture, evaluated against a single-controller setup, demonstrated 40% higher throughput and 32% lower latency, confirming its superior performance across multiple metrics. |