Recent years have witnessed increasing interests in passive intrusion detection for wireless environments, e.g., asset protection in industrial facilities and emergency rescue of trapped people. Most previous studies have focused primarily on exploiting a single intrusion indicator, such as moving variance, for capturing an intrusion pattern at a time. However, in real-world, there are many intrusion patterns which may be only detectable by combining different intrusion indicators and performing detection jointly. To this end, we propose a joint intrusion learning approach, which has the ability in combining the detection power of several complementary intrusion indicators and detects different intrusion patterns at the same time. We developed the GREEK algorithm, which utilizes grid-based clustering over K-neighborhood to effectively diagnose the presence of intrusions. Further, we show that the performance of intrusion detection can be enhanced by utilizing the collaborative detecting efforts among multiple transmitter-receiver pairs. To validate the effectiveness of the joint intrusion learning method, we conducted experiments in a real-office environment using an IEEE 802.15.4 (Zigbee) network. Our experimental results provide strong evidence of the effectiveness of our joint learning approach in performing passive intrusion detection with a minimized false positive rate.