With the advent of cloud computing, a number of issues are discussed and among them, security is an important one. This thesis concentrates on intrusion detection. It studies how to apply the intrusion detection systems (IDS) in cloud and makes them cooperate with each other to provide a more secure solution. A two-phase collaborative mechanism is proposed to enhance the security in cloud. The first phase is constructing the trust management model. Such model is designed to establish the trustworthiness relationships between each IDS. It is contributed by three steps, sending test messages, encouraging replying, and considering the transitivity of trust. The second phase is collaborating. The trustworthiness between each system, derived at first phase, is used to strengthen the quality of collaboration. There are two ways to collaborate, alert correlation and symptoms sharing. An IDS can increase the performance obviously by sharing the information with each other. Eventually, with analyzing the simulation results, the average detection accuracy of IDSs in the proposed mechanism is 98% when the IDSs are sensitive to attacks. It is higher than the non-cooperation (88%) and the other proposal (90%).