Network Intrusion Detection Systems (NIDS) are essential in modern computing infrastructure to help monitor and identify undesirable and malicious network traffic (such as unauthorised system access or poorly configured systems). The majority of commercial NIDS are signature based, where a set of rules are used to determine what constitutes undesirable network traffic by monitoring patterns in that traffic. Whilst such systems are highly effective against known threats, signature based detection fails when attack vectors are unknown or known attacks are modified to get around such rules [2]. As well as struggling to identify unknown or modified threats, signature based detection in NIDS in real-world scenarios are frequently plagued by false positives. This is particularly problematic in the detection of malicious shellcode – a high impact threat vector allowing attackers to obtain unauthorised commandline access to both conventional computer systems and cyber–physical systems such as smart grid infrastructure – as shellcode patterns can be difficult to distinguish from benign network traffic [3]. For example, while working as a network security consultant for the Shop Direct Group (UK) using the network intrusion detection tools. Sguil and Snort from the Debian based Linux distribution Security Onion, it was noticed that signatures designed to match shellcode frequently also matched other non shellcode binaries e.g. DLLs as well as jpg image files. The frequency of these false positives was such that the signatures themselves ultimately had to be disabled, rendering them useless. This experience with the false positive problem with shellcode and signature based systems is very common, Microsoft discuss this at length in their patent of methods to detect malicious shellcode with reduced false positives in memory [3]. Shellcode is frequently used as a payload in system penetration tools due to the enhanced access and further leverage they offer to an attacker [4]. This paper outlines a non-signature based detection mechanism for malicious shellcode based around Artificial Neural Networks. Results presented show that this novel classification approach is capable of detecting shellcode with extremely high accuracy and minimal numbers of false positives. The proposed approach is validated using repeated 10-fold cross-validation and is then tested with respect to creation of false positive alerts on a large dataset of typical network traffic file contents (achieving a false positive rate of less than 2%). The rest of this paper is organised as follows: Section 2 provides a background to intrusion detection systems and artificial neural networks, before Section 3 provides a brief introduction to the particular instances that motivated the creation of this system and the results achieved by the proposed AI based intrusion detection system. Section 4 then concludes with the main achievements of this research and some potential avenues for further work.