Misuse intrusion detection (IDS) detects signatures of attack scenarios. Hackers try to avoid detection by permuting actions, and inserting, hiding or overlapping packets. Stateful detection becomes thus essential to suitably supervise network traffic. We propose in this paper a new approach for analysing the network traffic. The inspection, while being stateful, processes each packet as soon as it is received. We have used this strategy with appropriate multi-search methods and adequate datastructures for signatures.