Snort mailing list archives

The pattern-matching evasion to network ids


From: "wangyc" <wangyc () nci ac cn>
Date: Thu, 26 Jul 2001 16:40:20 +0800

Hi:
Everyone, I want to ask an old question, and want to get some information or advice.
I wonder how we can deal with some of the evasion methods attackers usually use to fool our NIDS,
such as the following request lines:
         GET /%63%67%69%2d%62in/r%77%77wsh%65ll%2ep%6c HTTP/1.0
         GET %2f%63g%69-bi%6e%2f%74%65st%2dc%67%69 HTTP/1.0
So, some pattern-matching IDS can't correctly understand these and fail to find the attack, but the Web server can
comprehend them and will be attacked.
Maybe we should add some higher-level protocol parsing mechanism, doing what a real web server does, but can anyone tell us
some easy way to settle this problem? Or does anyone know of some open-source software that already achieves the
string-convert work?
Thanks a lot!
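As an added illustration (not part of the original post, and not Snort's own preprocessor code): a small normaliser that percent-decodes the request URI once, the way a web server would, and then matches signatures against the decoded form. The signature strings and the comparison function are assumed for the example; the two request lines are the ones quoted above.

```python
# Added example: single-pass percent-decoding of an HTTP request URI so that
# pattern matching sees the same string the web server will act on.
# Signature list below is constructed for illustration only.

HEX_DIGITS = "0123456789abcdefABCDEF"

# Constructed sample signatures, written in their decoded (canonical) form.
SIGNATURES = ("/cgi-bin/rwwwshell.pl", "/cgi-bin/test-cgi")


def percent_decode(uri: str) -> str:
    """Decode %XX escapes in one pass; malformed or truncated escapes stay literal.

    Decoding exactly once mirrors a server that decodes once: "%2563" becomes
    "%63", not "c". If the protected server decodes more than once, the
    normaliser must match that depth or the mismatch itself becomes an evasion.
    """
    out = []
    i = 0
    while i < len(uri):
        c = uri[i]
        if c == "%" and i + 2 < len(uri) and uri[i + 1] in HEX_DIGITS and uri[i + 2] in HEX_DIGITS:
            out.append(chr(int(uri[i + 1:i + 3], 16)))
            i += 3
        else:
            out.append(c)
            i += 1
    return "".join(out)


def request_path(request_line: str) -> str:
    """Return the URI token from a 'METHOD URI HTTP/x.y' request line."""
    parts = request_line.split()
    return parts[1] if len(parts) >= 2 else ""


def match_signatures(request_line: str):
    """Return (decoded_uri, hits on raw text, hits on normalised text)."""
    raw = request_path(request_line)
    decoded = percent_decode(raw)
    hits_raw = [s for s in SIGNATURES if s in raw]
    hits_norm = [s for s in SIGNATURES if s in decoded]
    return decoded, hits_raw, hits_norm


if __name__ == "__main__":
    for line in ("GET /%63%67%69%2d%62in/r%77%77wsh%65ll%2ep%6c HTTP/1.0",
                 "GET %2f%63g%69-bi%6e%2f%74%65st%2dc%67%69 HTTP/1.0"):
        decoded, raw_hits, norm_hits = match_signatures(line)
        print(f"{decoded!r}: raw match {raw_hits}, normalised match {norm_hits}")
```

Running it shows that neither request line matches on the raw bytes, while both match once decoded.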