Intrusion detection in mobile ad hoc networks
Publish date: 2004-01-01
Report number: FOI-R--1375--SE
Pages: 86
Written in: Swedish
Abstract
New challenges within the area of security have arisen due to a relatively new paradigm called mobile ad hoc networks. A mobile ad hoc network consists of wireless nodes that form a radio network without any pre-existing infrastructure or centralized servers. However, these networks have inherent vulnerabilities that make them susceptible to malicious attacks such as denial of service and propagation of incorrect routing information. Current security solutions for tactical radio networks are not sufficient. New solutions for intrusion detection are needed to obtain an acceptable level of security. In this report, we first examine the vulnerabilities of mobile ad hoc networks, the reason why we need intrusion detection, and the reason why the current methods for intrusion detection cannot be applied in a tactical ad hoc context. Thereafter, requirements for intrusion detection in tactical mobile ad hoc networks are explored. We then propose a new architecture for intrusion detection, based on specification-based detection, applicable to a tactical mobile ad hoc network. To illustrate the approach, we present a new specification-based algorithm that detects attacks in protocols based on a set of constraints that describe the correct operation of the protocols. A second approach based on anomalies is also briefly described.