Generally, Intrusion detection system (IDS) is installed in industrial environment for protecting network that works based on signature, where they are not capable of detecting most unidentified attacks. The detection of undefined attack and intrusion is not more helpful to identify the several kinds of attack, where intrusion-based attack has become a challenging task to detect intruder on network. A skilled attacker can obtain a sensible information and data from the system after knowing the weakness. Distributed denial of service (DDoS) is a major thread over the security and most enlarging thread in recent days. There are so many types of Denial of Service (DoS) such as Teardrop, Smurf, Ping of Death, and Clone attack. The aim of the cyber defense system is to detect the main cause of the several counter attacks on the enterprise network. On the way to fix these issues, we are proposing a novel idea that relies on honey pot technique and packet data analysis which are trained by the sample of malware after using the Intrusion detection technique in both ways separately as Network and Anomaly intrusion detection system. Some approaches are not being easily implemented in the network of real enterprises, because of practicability training system which is trained by the sample of malware or deep analysis of packet inspection or depends on the host-based technique that requires a big capacity for storage over the enterprise. The honey pots are one of the most successful techniques to collect the sample of malware for the purpose of analysis and identification of attacks. Honey pot is a novel technology which consists of massive energy and possibilities in the field of security. It helps reading the behavior of the attack and attacker information.