Understanding AI Methods for Intrusion Detection and Cryptographic Leakage
For cybersecurity practitioners, this work highlights the limitations of AI-based intrusion detection under data distribution shifts and suggests potential for AI in side-channel analysis.
The study evaluates AI-based intrusion detection on NSL-KDD and CIC-IDS datasets, achieving near-perfect accuracy in stable environments but performance declines under shifting traffic patterns. It also finds that AI can identify patterns consistent with cryptographic side-channel leakage.
We investigate the role of artificial intelligence in cybersecurity by evaluating how machine learning techniques can detect malicious network activity and identify potential information leakage in cryptographic implementations. We conduct a series of experiments using the NSL-KDD and CIC-IDS datasets to evaluate intrusion detection performance across controlled and shifted data environments. Our results demonstrate that AI models can achieve near-perfect detection accuracy within stable network environment. However, their performance declines when exposed to fluctuating or previously unseen traffic patterns. We also observed that learned models identify patterns consistent with side-channel leakage, suggesting that AI can assist in uncovering implementation-level vulnerabilities.