Due to the extensive growth of the Internet and the increasing availability of tools and methods for intruding into and attacking networks, intrusion detection has become a critical component of network security parameters. The TCP/IP protocol suite is the de facto standard for communication on the Internet. The underlying vulnerabilities in the protocols are the root cause of intrusions. Therefore, the intrusion detection system becomes an important element in network security that controls real-time data, which leads to a huge dimensionality problem. Processing a large number of packets and data in real time is very difficult and costly. Therefore, data preprocessing is necessary to remove redundant and unwanted information from packets and to clean network data. Here, we focus on two important aspects of intrusion detection: one is accuracy and the other is performance. The layered approach of the TCP/IP model can be applied to packet preprocessing to achieve early and faster intrusion detection. The motivation for the paper comes from the large impact that data preprocessing has on the accuracy and capability of anomaly-based NIPS. In this paper it is demonstrated that high attack detection accuracy can be achieved by using a layered approach for data preprocessing on the Internet. To reduce the false positive rate and to increase the efficiency of detection, the paper proposes a framework for preprocessing in an intrusion prevention system. We experimented with real-time network traffic as well as the KDDcup99 dataset for our research.
Title = "Layered Approach for Preprocessing of Data in Intrusion Prevention Systems",
Journal = "International Journal of Computer Applications Technology and Research (IJCATR)",
Volume = "3",
Pages = "325 - 394",
Year = "2014",
Authors = "Kamini Nalavade, Dr. B. B. Meshram"}