Policy enforcement and intelligent routing are two of the most compelling use cases for Software Defined Networks (SDNs). While SDN can easily provide L2/L3/L4 based policy enforcement and/or routing by itself, a lot can be gained by incorporating higher layer information. Modern networks allow the gathering of data that can be used to classify traffic using Machine Learning (ML). Performing this task online in the controller provides a way to perform application aware policy enforcement and/or routing in SDNs. However, there are several difficulties to overcome: The increasing prevalence of encrypted traffic and the scalability costs of sending packets to the controller imply that we should only use simple to get data features such as flow meta-data information and payload statistics; learning online implies the use of only a small number of initial packets; and finally obtaining application layer labelled data to train and validate classifiers is difficult. In this work we explore how these can be overcome based in two design choices: using a data collection mechanism to gather traffic data using the OpenFlow protocol extending a hybrid SDN architecture with a distributed control plane that we proposed in a previous work, and using a semi-supervised approach in the classifiers. We present the proposed architecture extensions and the obtained data-set features that include flow meta-data information and the sizes and inter-arrival times of the initial packets. We then show that a semi-supervised approach improves traffic classifiers when a small number of labelled data entries are available in the training data-sets; and that valid traffic classification can be achieved with as few as 20% of labeled data entries in the training data-sets.