Method for vehicle intrusion detection with mobile router

The invention claimed is: 1. A method of operating a mobile router installed in a vehicle, said vehicle comprising a vehicle network bus coupled to a plurality of electronic control units each of said electronic control units comprising a separate processor and a separate physical memory, said mobile router comprising: a wireless wide area network interface to access a wireless wide area network, a wireless local area network interface operable to provide a wireless local area network mobile with said mobile router, an interface to said vehicle network bus coupled to said plurality of electronic control units, a separate processor, a separate physical mobile router memory, and an intrusion detection program stored in said separate physical mobile router memory and executable by said mobile router separate processor to detect electronic intrusions, said mobile router operable to route data between one or more mobile devices located in said vehicle coupled to said wireless local area network mobile with said router and said wireless wide area network, said method comprising: isolating said intrusion detection program to insure the integrity of said intrusion detection program; utilizing one or more memory isolation approaches to isolate said intrusion detection program stored in said separate physical mobile router memory from any other program or programs to insure said integrity of said intrusion detection program; monitoring data on said vehicle network bus; utilizing said intrusion detection program to detect one or more anomalies in said monitored data indicative of an electronic intrusion; and generating an alert indicative of an electronic intrusion upon detection of said one or more of anomalies indicative of an electronic intrusion said one or more anomalies indicative of an electronic intrusion comprise re-flashing of an electronic control unit memory and predetermined radio frequency hub activity in said vehicle of a type that comprise attempts to determine a predetermined code assigned to said vehicle; and receiving at least one of calibration information and update information for said intrusion detection program via a selected one of said wireless wide area network interface and said wireless local area network interface. 2. The method in accordance with claim 1 , comprising: storing said intrusion detection program in a first memory portion of said separate physical mobile router memory; and storing said one or more programs in a second memory portion of said separate physical mobile router memory. 3. The method in accordance with claim 1 , wherein: said intrusion detection program utilizes statistical anomaly detection. 4. The method in accordance with claim 1 , wherein: said intrusion detection program comprises Bayes' Law. 5. The method in accordance with claim 1 , comprising: transmitting said alert indicative of an electronic intrusion to one of a display in said vehicle, a mobile device, and a server. 6. The method in accordance with claim 1 , comprising: transmitting said alert indicative of an electronic intrusion via a selected one of said wireless wide area network interface and said wireless local area network interface to one of a mobile device and a server. 7. The method in accordance with claim 1 , wherein: said vehicle network bus comprises a Controller Area Network (CAN) bus. 8. The method in accordance with claim 1 , comprising: determining a profile of normal data on said vehicle network bus based upon learned data; and utilizing said profile of normal data to detect said one or more anomalies. 9. The method in accordance with claim 8 , wherein: said normal data comprises one or more of an amount of normal traffic, identification of normal messages, identification of normal vehicle device to device communication, and identification of normal sensor data. 10. The method in accordance with claim 1 , wherein: said intrusion detection program comprises specification based anomaly detection. 11. The method in accordance with claim 10 , comprising: ignoring all specification compliant data on said vehicle network bus; and generating said alert indicative of an electronic intrusion for data on said vehicle network bus that is not specification compliant. 12. The method in accordance with claim 10 , comprising: transmitting said alert indicative of an electronic intrusion to one of a display in said vehicle, a mobile device, and a server. 13. The method in accordance with claim 10 , comprising: transmitting said alert indicative of an electronic intrusion via a selected one of said wireless wide area network interface and said wireless local area network interface to one of a mobile device and a server. 14. The method in accordance with claim 10 , comprising: utilizing said specification-based anomaly detection to detect one or more of acceleration patterns, braking patterns, original equipment manufacturer (OEM) provided patterns, counterfeit airbags, and invalid bus identifications. 15. The method in accordance with claim 1 , comprising: said intrusion detection program comprises an anomaly detection engine; and utilizing said anomaly detection engine. 16. The method in accordance with claim 1 , wherein: said anomaly detection engine said intrusion detection program comprises one of statistical anomaly detection and specification based anomaly detection.