Comparison of Machine Learning Techniques on Snort for Predicting Realtime DoS and Probe Attack

AHN Faizi, DF Priambodo… - … , Multimedia, Cyber and …, 2022 - ieeexplore.ieee.org
AHN Faizi, DF Priambodo, FD Rahmawati
2022 International Conference on Informatics, Multimedia, Cyber …, 2022 - ieeexplore.ieee.org
Due to the rapid development of the cyber world and the many diverse cybercrime activities, it is necessary to have an intrusion detection system (IDS) capable of detecting anomalies beyond IDS which are spread both open-source and commercially. This research focuses on the development side of Snort which will be integrated with machine learning to be able to detect deeper DoS attacks and Probe attacks. This study also compares three types of machine learning algorithm models, including Neural Network, K-Means, and Support Vector Machine to predict NSL-KDD datasets, also detect DoS attacks and Probe attacks in real-time. The comparison of the three types of algorithms results in a conclusion where the Support Vector Machine is the best and most stable algorithm based on dataset analysis and detection of DoS and Probe attacks in real time. This research has succeeded in proving that the use of machine learning can detect deeper types of Probe attacks that can lead to TCP SYN Flooding DoS attacks and is also able to prove the Support Vector Machine algorithm model to be the best algorithm model for this type of application.