Intrusion detection for IP networks has been a research theme for a number of years already. One of the challenges is to keep up with the ever increasing Internet usage and network link speeds, as more and more data has to be scanned for intrusions. Another challenge is that it is hardly feasible to adapt the scanning configuration to new threats manually in a timely fashion, because of the possible rapid spread of new threats. This paper is the result of the first three months of a PhD research project in high speed, self-learning network intrusion detection systems. Here, we give an overview of the state of the art in this field, highlighting at the same time the major open issues.