In today NIDS the number of alerts may be huge and the delay in between an alert is generated and the system administrator analyzes it, can be too long and the situation can be changed, e.g. with dual boot Unix-Windows machines. Therefore we would like to give a low priority or to filter out not...