To attenuate Phony positives, IPS systems differentiate between genuine threats and benign data. Intrusion prevention methods accomplish this employing many procedures together with signature based detection, which relies on recognized patterns of exploits; anomaly based detection, which compares network activity against established baselines; and