Intruder detection using a wireless service mesh network

What is claimed is: 1. A computer-implemented method for detecting physical movement using a wireless mesh network, the wireless mesh network having a plurality of mesh points, each mesh point having a wireless coverage, wherein the wireless mesh network includes a fronthaul that provides wireless data communication to clients, and a backhaul that provides communication of management functions among the plurality of mesh points, the method comprising: compiling a database of known devices based on monitoring unique identifiers (UIDs) of known devices that have previously conducted communication with the wireless mesh network through the plurality of mesh points; coordinating, via the backhaul, the mesh points to utilize one or more of the mesh points to perform detection of a physical presence of devices within the wireless mesh network, wherein the detection comprises utilizing a difference in wireless network circuitry of the one or more mesh points that provides the fronthaul to estimate an existence of an anomalous device within the wireless mesh network; upon detecting a physical presence of a subject device within a physical space of the wireless mesh network, determining, based on the database of known devices, whether the physical presence of the subject device belongs to an anomaly; and when the physical presence of the subject device is determined to be an anomaly, causing a security action to be performed. 2. The method of claim 1 , wherein the database of known devices includes UIDs of known devices, and pattern of known devices. 3. The method of claim 2 , wherein the pattern of the known devices includes time of presence and estimated locations of the known devices within the wireless mesh network. 4. The method of claim 1 , wherein the physical presence of the subject device is determined to be an anomaly when data in the database of known devices show that an estimated location of the subject device deviates from a pattern of known devices. 5. The method of claim 1 , wherein the physical presence of the subject device is determined to be an anomaly when a location of the subject device is within a determined boundary. 6. The method of claim 5 , wherein determined boundary is determined by a pattern of known devices or by an administrator of the wireless mesh network. 7. The method of claim 1 , wherein the physical presence of the subject device is determined to be an anomaly when historic data show that a timing of the subject device's physical presence deviates from a pattern of known devices. 8. The method of claim 1 , wherein the physical presence of the subject device is determined to be an anomaly when the subject device has a UID not in the database of known devices. 9. The method of claim 1 , wherein determining whether the physical presence of the subject device is to be an anomaly is based on a window of data samples relating to the physical presence of the subject device over a predetermined period of time. 10. The method of claim 9 , wherein the physical presence of the subject device is an anomaly if an average value of the window varies more than a threshold. 11. The method of claim 1 , wherein the physical presence of the subject device is detected based on wireless communication prior to association between the wireless mesh network and the subject device. 12. The method of claim 11 , wherein the wireless communication prior to association contains a UID of the subject device. 13. The method of claim 1 , wherein the physical presence of the subject device is detected based on signal interference caused by the subject device or by the human body of an intruder with physical possession of the subject device. 14. The method of claim 1 , further comprising: causing a number of mesh points in the wireless mesh network to estimate a location of the subject device based on a proximity between each of the number of mesh points and the subject device. 15. The method of claim 14 , further comprising: determining the proximity between a respective mesh point and the subject device based on one or more of: (1) a round trip time (RTT) in communications between a respective mesh point and the subject device, (2) a time of arrival (TOA) of communications from the subject device to the respective mesh point, or (3) a received signal strength indicator (RSSI) value of communications from the subject device to the respective mesh point. 16. The method of claim 14 , further comprising: determining the proximity between a respective mesh point and the subject device based on whether the subject device is able to successfully communicate with one or more radio modules on the respective mesh point. 17. The method of claim 16 , wherein the one or more radio modules have different or tunable wireless communication ranges. 18. The method of claim 1 , further comprising: training one or more machine learning models on the known devices during an initial training period. 19. The method of claim 18 , wherein whether the physical presence of the subject device belongs to an anomaly is determined based on the one or more trained machine learning models. 20. The method of claim 18 , wherein training the one or more machine learning models comprises establishing a hidden Markov model to model movement of the subject device for determining the anomaly. 21. The method of claim 1 , further comprising: causing, by using a backhaul communication mechanism that is not client-serving, a number of mesh points in the wireless mesh network to estimate a location of the subject device. 22. The method of claim 1 , further comprising: instructing, by using a backhaul communication mechanism that is not client-serving, a number of mesh points in the wireless mesh network to utilize one or more client-serving radio modules that have different or tunable wireless communication ranges for estimating a location of the subject device.