Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Understanding AI Methods for Intrusion Detection and Cryptographic Leakage

Reza Zilouchian, Michael Chavez, Fernando Koch

Abstract

We investigate the role of artificial intelligence in cybersecurity by evaluating how machine learning techniques can detect malicious network activity and identify potential information leakage in cryptographic implementations. We conduct a series of experiments using the NSL-KDD and CIC-IDS datasets to evaluate intrusion detection performance across controlled and shifted data environments. Our results demonstrate that AI models can achieve near-perfect detection accuracy within stable network environment. However, their performance declines when exposed to fluctuating or previously unseen traffic patterns. We also observed that learned models identify patterns consistent with side-channel leakage, suggesting that AI can assist in uncovering implementation-level vulnerabilities.

Understanding AI Methods for Intrusion Detection and Cryptographic Leakage

Abstract

We investigate the role of artificial intelligence in cybersecurity by evaluating how machine learning techniques can detect malicious network activity and identify potential information leakage in cryptographic implementations. We conduct a series of experiments using the NSL-KDD and CIC-IDS datasets to evaluate intrusion detection performance across controlled and shifted data environments. Our results demonstrate that AI models can achieve near-perfect detection accuracy within stable network environment. However, their performance declines when exposed to fluctuating or previously unseen traffic patterns. We also observed that learned models identify patterns consistent with side-channel leakage, suggesting that AI can assist in uncovering implementation-level vulnerabilities.

Paper Structure

This paper contains 11 sections, 8 figures, 1 table.

Table of Contents

  1. Introduction
  2. Background
  3. Method
  4. Experiment 1: NSL-KDD Intrusion Detection
  5. Experiment 2: Detection Sensitivity Analysis
  6. Experiment 3: Side Channel Analysis
  7. Analysis
  8. Finding 1: Performance Sensitivity to Data Distribution
  9. Finding 2: Feature-Level Vulnerabilities in AI-Based Detection
  10. Finding 3: AI-Based Identification of Side-Channel Leakage
  11. Conclusions

Figures (8)

  • Figure 1: Secure communication between Alice and Bob in the presence of an attacker (Eve).
  • Figure 2: Side Channel Explantion
  • Figure 3: Source vs. destination byte counts (log scale) showing clustered normal traffic and disperse attack activity.
  • Figure 4: Model performance comparison between training and shifted testing data
  • Figure 5: Model performance comparison between training and shifted testing data
  • ...and 3 more figures