Understanding AI Methods for Intrusion Detection and Cryptographic Leakage

TL;DR

This paper evaluates AI-based intrusion detection and cryptographic leakage identification, showing high accuracy in stable environments but performance drops with new traffic patterns, and highlighting AI's potential in vulnerability detection.

Contribution

It provides empirical insights into AI's effectiveness in cybersecurity, especially in detecting network intrusions and cryptographic side-channel leaks under various conditions.

Findings

AI models achieve near-perfect detection in stable environments.

Performance declines with unseen traffic patterns.

AI can help uncover implementation vulnerabilities.

Abstract

We investigate the role of artificial intelligence in cybersecurity by evaluating how machine learning techniques can detect malicious network activity and identify potential information leakage in cryptographic implementations. We conduct a series of experiments using the NSL-KDD and CIC-IDS datasets to evaluate intrusion detection performance across controlled and shifted data environments. Our results demonstrate that AI models can achieve near-perfect detection accuracy within stable network environment. However, their performance declines when exposed to fluctuating or previously unseen traffic patterns. We also observed that learned models identify patterns consistent with side-channel leakage, suggesting that AI can assist in uncovering implementation-level vulnerabilities.