Document

Classification adaptation model for network intrusion detection.

Publisher
Sultan Qaboos University.
Year (Gregorian)
2021
Language
English
English abstract
With the growing dependence on networks and Internet-based technologies, network security has become essential for protecting the confidentiality and integrity of online information against malicious attacks. Because new attacks emerge continuously, the Intrusion Detection System (IDS) is an effective mechanism for detecting and responding to existing and unknown attacks. As a result, a number of machine learning-based approaches have been developed, including KNN (k-nearest neighbors), SVM (support vector machines), ANN (artificial neural network) and CNN (convolutional neural network). In this thesis, a new framework for classifying normal / abnormal network traffic is proposed. More precisely, we aim to design a method of classifier adaptation in which the preference for one classifier over the others, when predicting the label of a given test sample, depends on the distance of that sample to the decision boundary separating the two classes. The main question that arises here is: what is the optimal decision boundary to use? For the sake of simplicity, we have opted for a linear decision boundary because it offers low complexity. Unfortunately, this comes at the expense of performance. Another question is which classifier to train to obtain that linear decision boundary. Since SVM offers the possibility of calculating the distances of samples to the optimized hyperplane (decision border), we use it to obtain the linear decision boundary in question. The experimental results show that the suitable classifier for predicting the category of too-close samples is KNN with k equal to 9, while the SVM classifier is suitable for predicting the categories of close and far samples. This combination of classifiers achieves an accuracy approximately similar to KNN (k=13) with 85.64% but with less prediction time. The proposed method can be generalized to test all other ML methods (MLP, decision trees, etc.) in order to determine in which group each performs better.
Item type
University theses and dissertations