High　speed,　continuousness　and　infinity　are　the　features　in　processing　network　data.　With　these　characteristics,　mining　the　data　streams　of　network　accesses　is　important　and　useful　for　discovering　intrusion　patterns.　Based　on　data　stream　mining　techniques,　this　paper　proposes　a　new　intrusion　detection　model　that　combines　anomaly　detection　with　misuse　detection.　Also,　a　new　data　structure　named　MaxFP-Tree　and　an　efficient　algorithm　called　ID-MaxFP　are　presented　to　provide　the　key　solutions　for　finding　maximal　frequent　itemsets　from　data　streams.　Experimental　results　show　that　these　methods　can　achieve　effective　intrusion　detection　results　and　an　efficient　mining　performance　in　time　and　space　usages.