A traditional Network Intrusion Detection System (NIDS) isbased on a centralized architecture that does not satisfy theneeds of most modern network infrastructures characterizedby high traffic volumes and complex topologies. The problemof decentralized NIDS based on multiple sensors is thateach of them gets just a partial view of the network trafficand this prevents a stateful and fully reliable traffic analysis.We propose a novel cooperation mechanism that addressesthe previous issues through an innovative state managementand state migration framework. It allows multipledecentralized sensors to share their internal state, thus accomplishing innovative and powerful traffic analysis. Theadvanced functionalities and performance of the proposedcooperative framework for network intrusion detection systemsare demonstrated through a fully operative prototype.