Internet of Things (IoT) is transforming everyone's life by providing features, such as controlling and monitoring of the connected smart objects. IoT applications range over a broad spectrum of services including smart cities, homes, cars, manufacturing, e-healthcare, smart control system, transportation, wearables, farming, and much more. The adoption of these devices is growing exponentially, that has resulted in generation of a substantial amount of data for processing and analyzing. Thus, besides bringing ease to the human lives, these devices are susceptible to different threats and security challenges, which do not only worry the users for adopting it in sensitive environments, such as e-health, smart home, etc., but also pose hazards for the advancement of IoT in coming days. This article thoroughly reviews the threats, security requirements, challenges, and the attack vectors pertinent to IoT networks. Based on the gap analysis, a novel paradigm that combines a network-based deployment of IoT architecture through software-defined networking (SDN) is proposed. This article presents an overview of the SDN along with a thorough discussion on SDN-based IoT deployment models, i.e., centralized and decentralized. We further elaborated SDN-based IoT security solutions to present a comprehensive overview of the software-defined security (SDSec) technology. Furthermore, based on the literature, core issues are highlighted that are the main hurdles in unifying all IoT stakeholders on one platform and few findings that emphases on a network-based security solution for IoT paradigm. Finally, some future research directions of SDN-based IoT security technologies are discussed.