One class of network intrusion detection systems collects information about traffic and looks for anomalies in the collected data. This paper presents an evaluation of two existing detection methods applied to network data collected by a new tool. The relative performance of each method is discussed in correlation with the specific features of the data series resulting from specialized network traffic collection.
