Intrusion Detection System (IDS) in computer technology is a little bit different than physical intrusion detection system, which detects any physical changes in the protected premises. In computer technology, IDS is used to examine all traffics and activities either in computer unit or network. These IDS could be old technology systems, which we refer in this paper as traditional Intrusion Detection System  (tIDS), or it could be an intelligent system based on AI, machine learning, data mining and other intelligent techniques. In tIDS, which based on errors detection, the system works according to its database. This database is usually predefined by security experts. IDS is used to classify suspicious behaviors as intrusion acts or regular activities. Experts update the database manually [1]. Thus, it is hard to keep track of every single update and hard to analyze an event as a suspicious act with acceptable efficiency and satisfaction. So the need for automated tools became immanent to support security experts. Such a support could be achieved using data mining techniques as one of the possible ways to automate the system. This may handle the problem with high degree of accuracy.

        This paper demonstrates the advantage of using data mining techniques in IDS. The system depends on users’ behaviors in order to extract features and then generate rules. The generated rules will be used as a pattern recognition tool. These rules enable the system to classify any irregular activity as an intrusion act.. In this research we hypothesize that, depending on time of a day and location of the activity in the database we could classify a suspicious behavior as an intrusion acts. The experimental results show high level of accuracy, efficiency, robustness where the system can handle errors, scalability where we can use the system in large number of users as well as reliability as the system shows 0% error rate of this technique