In many mission-critical applications such as military operations or disaster relief efforts, wireless networks employing dynamic spectrum access enabled by cognitive radio technology gain popularity due to their high spectrum efficiency and interoperability. However, the use of cognitive radio further complicates the security problems in wireless networks and introduces additional challenges. For instance, an attacker may mimic the behavior of a licensed primary user and disrupt the communication strategy of opportunistic spectrum usage of cognitive radio nodes, known as Primary User Emulation Attacks. Another example is a smart jammer, who can scan the spectrum and jam channels selectively. A common characteristic of the attacks in both examples is that they cause anomalous spectrum usage and disrupt the dynamic spectrum access, thus we termed them Anomalous Spectrum Usage Attacks in the context of cognitive radio wireless networks. Anomalous Spectrum Usage Attacks are extremely difficult to detect. In order to address these challenges, we propose a cross-layer framework for security enhancement and attack mitigation. In addition to physical layer sensing, we also take advantage of statistical analysis of the routing information of multiple paths collected by the routing module at the network layer. Inference of congested areas due to spectrum shortage can be made by information fusion and the results from the inference module will be compared to prior knowledge of the primary users, and the suspicious spectrum shortage will be subject to selective auditing, where a manager such as a cluster head will poll more detailed data from the cognitive nodes locating near the suspicious area for further analysis. We use a spectrum-aware split multipath routing as a baseline routing for performance evaluation. The effectiveness of the proposed scheme is demonstrated by extensive simulations.