Systems and methods for detecting intrusion into a data network are disclosed. Such intrusion can be detected, for example, by providing at least two network devices in a data network. Each of the network devices has a decoy cryptographic key that is used to detect unauthorized data and an authentic cryptographic key that is used to encrypt authorized data. The first network device receives data from the second network device that is encrypted using the decoy cryptographic key. The first network device determines that the data is encrypted using the decoy cryptographic key. The first network device deletes or otherwise discards the data encrypted using the decoy cryptographic key. The first network device can generate an alert message instructing other network devices that the second network device is generating the unauthorized data. The alert message also instructs the other network devices to ignore data originating from the second network device.