Abstract The detection of novel intrusion types is the target of cyber security, therefore best secured network is become very necessary. The Network Intrusion Detection Systems (NIDS) must address the real-time data, since security attacks are expected to be increased substantially in the future with the Internet of Things (IoT). Intrusion detection approaches in this time, which depends on matching patterns of packet header information have decreased their effectiveness. This paper is focused on anomaly-based intrusion detection system, where NIDS detects normal and malicious behavior by analyzing network traffic, this analysis has the potential to detect novel attacks. Robust factors are used for evaluating these attacks by covering previous researches, these factors are: "high accuracy rate", "high detection rate"(DR) and "low false alarm report"(FAR), these factors influence on NIDS performance.