US Patent 10410002 Intrusion detection apparatus, system and methods

Described herein are various technologies for detection and mitigation of rogue terminal attacks on multiplex data buses. An intrusion detection device is incorporated between a bus controller and a bus of a multiplex data bus. The intrusion detection device receives message that are communicated among the bus controller and a plurality of remote terminals (by way of the bus). The intrusion detection device determines whether messages are unauthorized based upon origins of the messages and predefined rules. When a message is determined to be unauthorized, the intrusion detection device outputs a notification that the unauthorized message has been detected and can block the unauthorized message.