INTACT: Intent-Aware Representation Learning for Cryptographic Traffic Violation Detection
Rahul D Ray
TL;DR
INTACT introduces an intent-aware framework for cryptographic traffic violation detection, improving interpretability and accuracy by modeling violations conditioned on security policies and observed behavior.
Contribution
It presents a novel policy-conditioned learning approach that models violations based on explicit security intents, enhancing detection performance and interpretability.
Findings
Achieves near-perfect AUROC in real-world data
Outperforms baseline methods in synthetic datasets
Demonstrates improved robustness and interpretability
Abstract
Security monitoring systems typically treat anomaly detection as identifying statistical deviations from observed data distributions. In cryptographic traffic analysis, however, violations are defined not by rarity but by explicit policy constraints, including key reuse prohibition, downgrade prevention, and bounded key lifetimes. This fundamental mismatch limits the interpretability and adaptability of conventional anomaly detection methods. We introduce INTACT (INTent-Aware Cryptographic Traffic), a policy-conditioned framework that reformulates violation detection as conditional constraint learning. Instead of learning a static decision boundary over behavioral features, INTACT models the probability of violation conditioned on both observed behavior and declared security intent. The architecture factorizes representation learning into behavioral and intent encoders whose fused…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Smart Grid Security and Resilience