There are a number of threats that violate the security policies and breaches all over network. This has happened when malicious node present on the network; it may be present on one or more node that detect the pattern of the packet or frame and the misuse the information. In this paper we detect the network based attack and our proposed methodology detect suspicious activity, it respond when any wrong information enter in the log or any even occurred. Depending on conditions we fix the threshold value that alarms it when any suspicious activity occurred. If the value goes higher at certain level then our system disconnect the suspicious node and send reply to all the authenticate nodes. The proposed approach has been working in Mobile Ad Hoc networks (MANETs) and detecting bidirectional traffic; the bidirectional traffic can be configuring in access point out of this we used an infrastructure approach to identify the intrusion.