
Effective Intrusion Detection Model through the Combination of a Signature-based Intrusion Detection System and a Machine Learning-based Intrusion Detection System

Parallel Abstract


In the field of network intrusion detection, both the signature-based intrusion detection system and the machine learning-based intrusion detection system have advantages and disadvantages. When the two different systems are combined so that the former is used as the main system and the latter as a supporting system, the machine learning-based intrusion detection system measures the validity of alarms raised by the signature-based intrusion detection system and filters out any false alarms. What is more, such an approach can also detect attacks that the signature-based system by itself cannot detect. The objective of this paper is to propose a combined model of the signature-based and machine learning-based intrusion detection systems and to show that the combined system is more efficient than each individual system. We used the DARPA Data Set in experiments in order to show the usefulness of the combined model. Snort was used for the experiment as the signature-based intrusion detection system, and extended IBL (Instance-based Learner) was used as the principal learning algorithm for the machine learning-based intrusion detection system. To compare the performance of the algorithms, C4.5 was used.
