Ukrainian Information Security Research Journal

METHODS FOR ADAPTIVE PRIORITIZATION OF REGRESSION TESTING IN DEVSECOPS ENVIRONMENTS CONSIDERING INFORMATION SECURITY RISKS OF ONLINE SERVICES

2026-05-12T06:38:13+03:00

Modern online services, particularly government digital platforms, operate under conditions of high development dynamics and increased cyber threats, which necessitates the integration of security considerations into the software testing process. This paper addresses the problem of regression test prioritization in DevSecOps environments, where time and resource constraints within CI/CD pipelines make it infeasible to execute the entire test suite. An analysis of contemporary regression test prioritization methods is conducted, including approaches based on code coverage, defect history, previous test execution results, risk assessment, heuristic algorithms, and machine learning techniques. Their strengths and limitations are identified in terms of fault detection effectiveness, adaptability, implementation complexity, and suitability for CI/CD environments. Particular attention is given to evaluating the extent to which information security risks are considered within each approach. It is established that most existing methods primarily focus on the detection of functional defects and do not incorporate security factors as an independent prioritization criterion, which may result in overlooking components critical from a security perspective. Based on the comparative analysis, key limitations of current approaches are identified, including the lack of integration with security analysis tools, reliance on indirect quality indicators, insufficient adaptability to evolving threat landscapes, and neglect of system usage context. The necessity of developing adaptive regression test prioritization approaches that integrate security metrics into the decision-making process is substantiated.

MODEL OF SECONDARY PARAMETERS FOR ASSESSING STATUS OF THE STATE SECRET PROTECTION

2026-05-12T06:52:19+03:00

Protection of classified information, especially state secrets, is an important task in the field of national and information security of the state. To minimize possible damage to the national security of Ukraine from violations in the field of state secret protection and to reduce the negative international rating and other serious consequences at the state level, the task of creating specialized databases, developing and improving existing methods and models that implement relevant assessments is urgent. That is why the theoretical multiple presentation of the parameters of the “Report on the State of Protection of State Secrets” in tuple models allows solving the actual scientific and practical task of formalizing the process of assessing the negative consequences of leaking a state secret, its disclosure or loss of Material Carriers of Secret Information (MCSI), violation of the secrecy regime and state of ensuring the protection of country’s secrets in general. Previously, a tuple model of primary and internal parameters was developed, and now, as its completion, a model of secondary parameters and its hierarchical structure has already been proposed, due to the integrated theoretic-multiple representation of sets characterizing information: the implementation or ordering (scientific and/or scientific and technical support) of secret research, development, design and other scientific works, manufacture of secret products, regime premises, objects of information activity, international cooperation, etc., allows to determine sets of input and output parameters for the formation of special databases and formalization of the process of damage assessment caused to national security by violations of state secret protection mechanisms. In the future, to implement the above process, it is necessary to improve the method of assessing damage to national security in the event of a leak of state secrets, both separately for the subject of regime-secret activity (reporting subject) and for the organization (institution) to which the reporting subjects are directly subordinate.

LEGAL FRAMEWORK FOR ARTIFICIAL INTELLIGENCE IN UKRAINE

2026-05-12T06:59:50+03:00

This article proposes scientifically grounded recommendations for the future development of special legislation on artificial intelligence in Ukraine, taking into account the state’s European integration course. The results of the study indicate that, as of early 2026, the legal regulation of artificial intelligence in Ukraine remains fragmented. A specific law is absent, and legal relations are governed by general provisions of civil, information, and administrative legislation. By Order of the Cabinet of Ministers of Ukraine No. 457-r dated May 9, 2025, the Action Plan for the implementation of the Concept for the Development of Artificial Intelligence for 2025– 2026 was approved; however, this document has an exclusively programmatic character and does not contain regulatory provisions. A comparative analysis with the EU AI Act revealed significant gaps: Ukraine has not yet introduced a risk-based approach, classification of AI systems, mechanisms of mandatory certification, or independent oversight.

METHOD FOR PREDICTING NODE COMPROMISE IN EDGE AND FOG ENVIRONMENTS FOR CRITICAL INFRASTRUCTURE

2026-05-12T10:26:06+03:00

The paper proposes a method for predicting node compromise in edge and fog environments for critical infrastructure systems. The relevance of the study is determined by the increasing number of cyberattacks on distributed IoT networks, where disruption of individual components may lead to data integrity violations, reduced node reliability, and degradation of information infrastructure operation. The proposed method is based on the analysis of behavioral and network characteristics of edge/fog components, feature vector formation, anomaly score calculation, integrated compromise risk assessment, trust level estimation, and the use of a
generalized danger indicator. A distinctive feature of the approach is the combination of anomaly detection with state prediction, which makes it possible not only to identify current deviations in node behavior but also to estimate the probability of their transition to a potentially dangerous state. The use of machine learning and neural network elements provides the basis for adapting the method to dynamic operating conditions of distributed systems. The proposed approach can be used to
improve data protection, support timely detection of anomalous behavior, and implement proactive IoT network security mechanisms in critical infrastructure systems.

INTRUSION DETECTION IN NETWORKS UNDER CONDITIONS OF UNCERTAINTY

2026-05-12T10:48:07+03:00

The article addresses the problem of intrusion detection in computer networks under conditions of uncertainty caused by incomplete and inaccurate data, the dynamic nature of network traffic, the concealed character of modern attacks,
and the use of encryption mechanisms. The limitations of traditional signature-based intrusion detection systems are demonstrated, as they fail to provide sufficient effectiveness in the absence of complete attack descriptions and lead to an increased number of false positives and missed threats. A conceptual model of a hybrid intrusion detection system is proposed, combining signaturebased, anomaly-based, and fuzzy-logic approaches. To formalize uncertainty, fuzzy set theory is employed, including fuzzification of network traffic parameters and defuzzification to obtain an integral threat indicator. An uncertainty coefficient is
introduced, enabling a quantitative assessment of the impact of incomplete information on the level of intrusion risk. A mathematical model describing the dependence of risk on uncertainty is proposed and its properties are analyzed.
The approach is based on mathematical modeling and methods for processing imprecise information, which enhances the adaptability of intrusion detection systems (IDS) and their ability to operate effectively under uncertainty. The application of
fuzzy logic, probabilistic models, and machine learning algorithms provides a foundation for reducing false alarms and achieving more accurate identification of potential threats. An algorithmic approach to constructing an IDS with an adaptive detection threshold that varies according to the level of environmental uncertainty is developed. A methodology for evaluating the
probability of attack detection and the false positive rate using ROC curves is presented, along with numerical examples demonstrating the effectiveness of the proposed approach. The results confirm that the use of fuzzy logic and probabilistic models
improves intrusion detection accuracy, reduces the number of false alarms, and ensures the adaptability of protection systems to new and previously unknown attack scenarios.

COMPARATIVE ANALYSIS OF STANDARDS AND REGULATORY DOCUMENTS FOR LONG-TERM PRESERVATION AND VALIDATION OF ELECTRONIC DOCUMENTS AND SIGNATURES

2026-05-12T11:02:03+03:00

The article provides a comparative analysis of international, European and Ukrainian standards and regulatory documents governing long-term preservation of electronic documents and long-term validation of electronic signatures. The regulatory landscape is systematized at three levels: global (OAIS/ISO 14721, ISO 16363, IETF RFC 4998/6283, AdES formats), European (eIDAS 1.0/2.0, ETSI EN 319 series, TR-ESOR, NF Z42-013, E-ARK), and national (Ukrainian Law on Electronic Trust Services, Ministry of Justice Order No. 1886/5 as amended in 2025, e-Archive pilot). Key differences in the depth of legal regulation, maturity of trust service infrastructure, and practical application of LTV mechanisms are identified.

MACHINE-LEARNING-BASED SELECTION OF ENCRYPTION ALGORITHMS FOR UAV

2026-05-12T11:12:09+03:00

Unmanned Aerial Vehicles (UAVs) generate heterogeneous data streams, including real-time video, telemetry, and
command-and-control messages, while operating under strict constraints on communication bandwidth, energy consumption,
computational resources, and mission risk levels. The use of a single universal encryption algorithm across all UAV scenarios is
inefficient, as it either results in excessive computational and energy overhead or provides an insufficient level of cryptographic protection in critical conditions. In this work, a set of eight criteria (K₁–K₈) for the informed selection of symmetric encryption algorithms is formalized. Based on these criteria, a machine learning (ML)-driven approach is proposed to enable the automated selection of the most appropriate cryptographic algorithm according to the parameters of a given UAV deployment scenario.
The key scientific contribution lies in the development of a UAV-oriented dataset that integrates mission context parameters
(operational conditions, resource constraints, threat levels) with cryptographic characteristics of algorithms (security strength, performance, and resource efficiency). The proposed feature structure provides a formalized representation of the algorithm selection problem and establishes a foundation for training intelligent decision-making models.
Each feature group is grounded in state-of-the-art research in UAV cybersecurity, lightweight cryptography, and ML-based adaptive
encryption. Furthermore, this work extends the authors’ previous studies related to the development of cryptographic algorithm datasets and the application of neural networks for ensuring image confidentiality in UAV systems.