Aircraft are becoming increasingly connected to other systems or networks, introducing attack vectors and posing a threat to their operational effectiveness. Many military aircraft function using the MIL-STD-1553 protocol in order to communicate information across its systems. Previous intrusion detection research on this type of data bus is unable to detect spoofing attacks where only data words are manipulated. This paper presents the design of a MIL-STD-1553 anomaly-based intrusion detection system able to identify those attacks through the use of a novel histogram comparison approach and time-based features. The approach includes optimizations for improved time resolution in threat identification. Results demonstrate the effectiveness of the approach in identifying threats quickly and accurately.