  • Thesis / Dissertation

A Study on Detecting and Blocking Abnormal Network Behavior with Snort

A Study on detecting abnormal network behaviors using Snort

Advisor: 蔡文能

Abstract


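The more the Internet flourishes, the more frequently governments and enterprises use it to provide services. The digitization of all kinds of data has brought considerable convenience, but it is also accompanied by various risks, such as intrusions by hackers that lead to the leakage of student data or tampering with grades. Most campus networks use a firewall as the first line of defense against intrusion, but as network technology develops, attackers' methods and techniques have become more mature and diverse. In the face of endless and ever-changing network intrusion attacks, relying on the firewall alone is not enough. Therefore, this study builds on the intrusion detection system Snort and the firewall Iptables, together with PHP, to develop the ABBA System, which helps network administrators effectively pick out suspicious intrusion behavior from a large number of alert messages and block it through the firewall. This study takes alerts actually collected in an elementary school computer classroom and performs statistical analysis on them with the ABBA System. The results of the analysis show that the system can indeed help network administrators understand the current abnormal state of the network and formulate countermeasures accordingly, achieving the goal of improving campus network security.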

Parallel Abstract


The more the Internet develops, the more frequently both the Government and enterprises use it to provide services. The electronization of different kinds of data in various applications has brought much convenience. However, the easy access of the Internet is accompanied by many risks, such as information leakage, system intrusion, etc. Most campus networks use a firewall as the first line of defense against hackers. Since the approaches used by hackers have become more sophisticated and diversified with the great development of the Internet, using a firewall as the only defensive tool is not enough. Therefore, this study proposed a solid IPS and ABBA System, which helps the network system administrator to detect suspicious intrusions effectively among abounding alerts, and furthermore block them with the firewall. In this study, we collected the data of invasion from the computers in computer classrooms in an elementary school. Then we employed the ABBA System to carry out statistical analysis. The result we obtained from the ABBA System did help the system administrators realize the present status of network anomalies and allowed them to take necessary actions, which contributed to achieving the goal of upgrading the safety of the campus.


Cited By


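李長霖 (2011). A Defense-in-Depth Network Security Architecture Based on Virtualization Technology [Master's thesis, National Chiao Tung University]. Airiti Library. https://doi.org/10.6842/NCTU.2011.00097
陳泓哲 (2014). An Analysis of In-House versus Outsourced Information Security [Master's thesis, National Tsing Hua University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0016-2912201413544218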
