ICMP(Internet Control Message Protocol) provides a good way to observe the status of network in real time. When the network is in fault or is attacked, the percent of ICMP traffic and the percent of packet type in ICMP characteristics will change. Since the control plane in Software-Defined Networking(SDN) can observe ICMP traffic, and the value of ICMP traffic is also small, this paper proposes a lightweight anomaly detection system based on SVM classification method to improve the accuracy and real-time performance of anomaly detection system. We name it as AD-ICMP-SDN(Anomaly Detection Method based on ICMP Traffic for SDN). The experiment results have shown that AD-ICMP-SDN can effectively improve the accuracy rate and false rate.