I think you are confused. The abstract states the opposite:
Abstract:
How does the security of the AES change when the S-box is
replaced by a secret S-box, about which the adversary has no knowledge?
Would it be safe to reduce the number of encryption rounds?
In this paper, we demonstrate attacks based on integral cryptanalysis which allow to recover both the secret key and the secret S-box for respectively four, five, and six rounds of the AES.
Despite the significantly larger amount of secret information which an adversary needs
to recover, the attacks are very efficient with time/data complexities of
$2^{17}/2^{16},2^{38}/2^{40}$ and $2^{90}/2^{64},$ respectively.
Another interesting aspect of our attack is that it works both as chosen
plaintext and as chosen ciphertext attack. Surprisingly, the chosen ciphertext variant has a significantly lower time complexity in the attacks on four and five round, compared to the respective chosen plaintext attacks.
In conclusion even though the nominal keylength is much longer the attacks demonstrated do not exhibit a corresponding increase in computational complexity.
Remark: An attack complexity of $2^f$ is equivalent to $f$ bits of security, typically measured by $2^f$ encryptions/decryptions in terms of time and $2^f$ blocks of memory in terms of space.