Systems and methods for relating network intrusions to passenger-owned devices

What is claimed is: 1. A correlation engine of a network system on board a vehicle, the network system including a network bus, a network processor connected to the network bus, a network storage area of at least a first storage device connected to the network bus, a first plurality of wireless network-access devices distributed in a passenger area of the vehicle that are accessible by a passenger using a passenger-owned device having a corresponding wireless communication device, and a first plurality of network nodes including the first plurality of network-access devices, wherein the network processor is configured to detect an unauthorized data intrusion on the network system by the passenger-owned device communicating wirelessly with the network system through at least one of the first plurality of network-access devices; the correlation engine comprising: a correlation-engine processor, and a correlation-engine storage area of the at least the first storage device; wherein the correlation-engine processor is configured to: (a) receive from the network processor intrusion information associated with a detected unauthorized data intrusion, including information regarding a communication signal associated with the detected unauthorized data intrusion; (b) store on the correlation-engine storage area communications information including information that is unique to the passenger-owned device, and including actual and optional routes through network nodes of the first plurality of network nodes traversed by the communication signal associated with the detected unauthorized data intrusion; (c) store passenger-area information relating passenger positions to locations of the first plurality of network-access devices; and (d) determine a position of the passenger in the passenger area using distance vectoring based at least in part on the stored communications signal route information. 2. The correlation engine of claim 1 , wherein the correlation-engine processor is further configured to assign a unique code to the passenger-owned device, and associate the unique code with communications by the passenger-owned device on the network system. 3. The correlation engine of claim 2 , wherein the network system further includes a first plurality of network nodes including the first plurality of network-access devices, and the correlation-engine processor is further configured to: store communication-signal information for at least one network node of the first plurality of network nodes for communications received by the at least one network-access device from the passenger-owned device, and correlate communications information associated with the passenger-owned device with passenger-related information of a passenger based at least in part on the communication-signal information, the passenger-related information including passenger positions, wherein the correlation-engine processor is configured to determine the position of the passenger based on the correlation. 4. The correlation engine of claim 3 , wherein the communication-signal information includes timing information for each of a second plurality of network nodes of the first plurality of network nodes for communications transmitted by the passenger-owned device and received by the second plurality of network nodes, and the correlation-engine processor is configured to determine the position of the passenger using multilateration based at least in part on the communication-signal information. 5. The correlation engine of claim 3 , further comprising a plurality of first sensors distributed in predetermined locations in the passenger area, each first sensor being configured to receive a first signal from a first transmitter on the passenger-owned device that is not the wireless communication device, and wherein the correlation-engine processor is configured to store in the correlation-engine storage area first-sensor information associated with the first signal and correlate the first sensor information with the communication-signal information based at least in part on the communications information and the passenger-related information. 6. The correlation engine of claim 3 , where the vehicle further includes a plurality of cameras distributed about the passenger area, and wherein the intrusion information associated with the detected unauthorized data intrusion includes information regarding a communication signal associated with the detected unauthorized data intrusion, and the correlation-engine processor is further configured to store camera images of passenger positions in the passenger area, and associate the determined position of the passenger with a stored camera image of the determined position of the passenger taken when the communication signal associated with the detected unauthorized data intrusion was received by a network-access device proximate to the determined position of the passenger. 7. The correlation engine of claim 1 , where the network system is configured to communicate with the passenger-owned device over one of a plurality of channels each having a different channel frequency, and wherein the correlation-engine processor is further configured to assign to the passenger-owned device one of the plurality of channels, and associate the assigned channel with communications by the passenger-owned device on the network system. 8. A method of relating a data intrusion on a network of a vehicle to a passenger on the vehicle, the network including a network processor, a network storage area of at least a first storage device, a first plurality of wireless network-access devices distributed in a passenger area of the vehicle that are accessible by the passenger using a passenger-owned device having a corresponding wireless communication device, a first plurality of network nodes including the first plurality of network-access devices, and a plurality of cameras distributed about the passenger area, the method comprising: storing on a correlation-engine storage area communications information representative of data communications occurring on the network, the data communications including information that is unique to the passenger-owned device and the communications information including information regarding a communication signal associated with the detected unauthorized data intrusion, receiving from the network processor intrusion information associated with a detected unauthorized data intrusion on the network by the passenger-owned device communicating wirelessly with the network system through at least one of the first plurality of network-access devices; storing communication-signal information for at least one network node of the first plurality of network nodes for communications received by the at least one network-access device from the passenger-owned device; and correlating communications information associated with the passenger-owned device with passenger-related information of the passenger based at least in part on the communication-signal information, the passenger-related information including passenger positions; determining a location of the passenger-owned device based at least in part on the communications information correlation; storing camera images of passenger positions in the passenger area; and associating the determined location with a stored camera image of the determined location taken when the communication signal associated with the detected unauthorized data intrusion was received by a network-access device proximate to the determined location. 9. The method of claim 8 , further comprising assigning a unique code to the passenger-owned device, and associating the unique code with communications by the passenger-owned device