I. Introduction
With the rapid progress in Technology and Network based applications, Intrusion detection has become one of the most vital things for security infrastructure, in order to detect, identify and track the attackers or intruders. Performance of an Intrusion Detection system (IDS) has become a concern as the researchers continue searching for an Intrusion Detection technology with high detection accuracy [1]. IDS systems are classified in two models: anomaly and misuse detection. Misuse based IDSs have an attack signature database which collects patterns of known attack. So the IDS can detect any attack which matches the signature in the database. On the other hand, Anomaly based IDS detect intrusions by monitoring system activity classifying to normal activity and any others to abnormal. The classification is based on rules rather than signatures. The big advantage of Anomaly based IDS is the ability to detect more type of unknown attacks [2].