For example, it can initiate an IPS to stop the connection of an active and normal port in a network hub by sending some traffic pattern that triggers the IPS’s monitoring system to response by shutting down the port. But actually, the port is running normally and the hacker simply wants the IPS to do this to achieve Denial of Service (DOS) attack to that port.

Damen

The primary difference between an IDS and an IPS is that an IDS is a reactive security mechanism and an IPS is a proactive security mechanism. An IDS will attempt to attacks as they are occurring (that is, once the system has recognized that an attack is occuring) and an IPS will attempt to determine whether incoming traffic is ‘probably’ malicious before it is received by the intended recipient.

An IDS is easier to build; for example, an IDS can reject any traffic attempting to access ‘/etc/passwd’.
An IPS *can* be more effective; for example, an IPS can categorize traffic (in real-time) and determine whether its malicious or not, and before it received by the intended recipient.

Snort and Cisco PIX can do these types of things, to name a few.

Intrusion Detection Systems simply detect possible intrusions and possibly notify the administrators

Intrusion Prevention Systems will not only detect the intrusions but will take actions like terminating the connection.