Automotive Ethernet enables high-bandwidth in-vehicle networking, facilitating the transmission of sensor data among electronic control units. However, the increasing connectivity and potential vulnerability inheritance in connected and autonomous vehicles expose them to security risks. To address this challenge, an intrusion detection system (IDS) capable of analyzing automotive Ethernet traffic and detecting anomalies is essential. In thisarticle, we propose automotive Ethernet real-time observer (AERO), an unsupervised network IDS designed to protect in-vehicle networks. AERO consists of three components: a feature extractor that constructs three multimodal features, a neural network for processing the extracted features, and an online anomaly detector that calculates outlier scores in real time. We evaluate the performance of AERO using the TOW-IDS automotive Ethernet intrusion dataset. The experimental results demonstrate that AERO achieves high detection performance across five different attack types and is highly applicable to automotive-grade devices for real-time anomaly detection.