HMM Sequential Hypothesis Tests for Intrusion Detection in MANETs

Files

TR_2003-47.pdf (254.33 KB)

Date

2003

Abstract

Most of the work for securing the routing protocols of mobile ad hoc wireless networks has been done in prevention. Intrusion detection systems play a complementary role to that of prevention for dealing with malicious insiders, incorrect implementation and attack models. We present a statistical framework that allows the incorporation of prior information about the normal behavior of the network and of network attacks in a principled way for the detection of known and unknown attacks. For detecting an attack as soon as possible we use quickest change detection algorithms. We use hidden Markov models (HMMs) as a generative view of the dynamic evolution of the hop count distribution. Our results show that simple attacks can be detected by an anomaly detection framework. However, detection of more complex attacks requires incorporation of prior knowledge in the HMMs.
