Attacks against computer systems are becoming more complex, making it necessary to develop new security systems continually, such as Intrusion Detection Systems (IDS) which provide security for computer systems by distinguishing between hostile and non-hostile activity. With the aim of minimizing the number of wrong decisions of a misuse (signature-based) IDS, an optimization strategy for automatic rule generation is presented. This optimizer is a Pareto-based multi-objective evolutionary algorithm included within a network IDS, which has been evaluated using a benchmark dataset. The results obtained show the advantages of using this multi-objective approach.