Software-defined network (SDN) is an emerging networking paradigm that segregates functionalities of control and data plane to reduce their complexity and provides more control, scalability, and centralized management. OpenFlow (OF) is a widely used protocol that builds a global and shared view of the network. Therefore, for SDN applications, the correctness of the topology view has a critical impact on the flow-based communication and provision of services. However, recently identified vulnerabilities in Open Flow Discovery Protocol (OFDP) reveal that malicious hosts or data plane switches can poison the global view of the network, and an intruder can launch man-in-the-middle or denial of service attacks. Existing passive approach-based solutions work well for known attacks. Some solutions use an active approach to identify the fake links or malicious hosts by sending Stealthy Probing Verification (SPV) packets. However, due to the use of probing mechanism, it faces scalability and bandwidth consumption issues in the case of large data centers networks and resource limited networks. The proposed technique is based on the SPV mechanism, however, to counter the scalability and bandwidth issues, the probing packets are only initiated when triggered updates of a new link or network node are received by the SDN controller. The probing traffic has been reduced by 40%. Hence consume less bandwidth and identifies a malicious host in less than 90 ms. The results indicate that the Enhance Stealthy Probing Verification (ESPV) is a more scalable and suitable solution to detect and identify fake links or malicious hosts in large data center networks and resource limited networks such as Wireless Sensor Networks (WSNs).