Intrusion Detection System (IDS) is one more arrow in the bow of computer network security. This can be part of the firewall of can be independently installed. The work of IDS is basically to worn the system against network activity that are not looking normal in the current setting. This can be done by two ways. One is to maintain database of security threat patterns, but as attacks are increasing day-by-day, it would be very difficult to maintain complete database of all attack types. Second is to employ some machine learning technique to classify network intrusion using their characteristic and deviation from normal traffic. Second approach is called anomaly detection.