Integration of security testing into QA pipelines using adversarial ML
Abstract
The study aimed to theoretically systematise approaches to improving the resilience of machine learning systems in cyber defence by integrating resilience testing into the security process. The methodology covered the systematisation of machine learning areas in cyber defence, analysis of strategies to counter adversarial attacks, and a case study of integration into quality assurance and machine learning operations. The study found that the use of machine learning technologies in cyber defence enables the automation of threat detection and response (network anomalies, behavioural analysis, anti-phishing, anti-fraud, malware classification). The main advantages are scalability, response speed, predictability, and effectiveness in complex environments, while the key risks include dependence on data quality, false positives, vulnerability to adversarial and poisoning attacks, as well as privacy and explainability issues. The study determined that adversarial machine learning distinguishes between three attack scenarios (white-box, black-box, grey-box) and their classes (evasion, data poisoning, privacy/inference, model extraction, generative artificial intelligence). The study emphasised that adversarial machine learning encompasses not only technical but also regulatory and ethical dimensions related to the principles of privacy, fairness, and transparency in the use of artificial intelligence. Multi-level protection strategies were presented, integrated into the machine learning model lifecycle at the data level, during training, after training, and at the deployment and inference stages. Practical cases demonstrated the feasibility of applying machine learning and anti-money laundering in various domains, from network security and security operations centres to DevOps and CI/CD, the financial sector, stress testing of machine learning pipelines, as well as quality assurance and machine learning operations.
The practical significance lies in the ability of cybersecurity specialists, financial analysts, and machine learning operations engineers to use the results to improve the efficiency of security operations centres, integrate adversarial testing, and ensure the stability of machine learning models in production environments.
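As an added example (not the paper's own code or data), the following Python sketches what an adversarial resilience gate in a QA/MLOps stage can look like: a white-box evasion test (one fast-gradient-sign step) against a toy logistic classifier, with robust accuracy used as the resilience metric that decides whether the model may be promoted. The weights, evaluation set and thresholds are constructed for illustration.

```python
"""Adversarial robustness gate for a QA/MLOps stage (added example)."""
import math
from typing import Dict, List, Tuple

Vector = List[float]
Sample = Tuple[Vector, int]

# Constructed toy model: logistic regression with fixed weights, standing in
# for whatever classifier the training stage produced.
WEIGHTS: Vector = [2.0, -1.5]
BIAS: float = 0.1

# Constructed held-out evaluation set: (features, label).
TEST_SET: List[Sample] = [
    ([1.0, 0.0], 1), ([0.2, 0.0], 1), ([0.0, 1.0], 0), ([-1.0, 1.0], 0),
    ([0.5, 0.5], 1), ([0.0, 0.0], 0), ([2.0, 0.0], 1), ([-2.0, 0.0], 0),
]

def predict_proba(x: Vector) -> float:
    """P(label = 1 | x) for the toy logistic model."""
    z = sum(w * xi for w, xi in zip(WEIGHTS, x)) + BIAS
    return 1.0 / (1.0 + math.exp(-z))

def fgsm(x: Vector, y: int, eps: float) -> Vector:
    """White-box evasion: one fast-gradient-sign step of size eps.
    For logistic regression the input gradient of the cross-entropy loss
    is (p - y) * w, so no autodiff framework is needed here."""
    p = predict_proba(x)
    grad = [(p - y) * w for w in WEIGHTS]
    # A zero gradient component gives no direction; leave that feature alone.
    return [xi + eps * math.copysign(1.0, g) if g != 0.0 else xi
            for xi, g in zip(x, grad)]

def accuracy(samples: List[Sample], eps: float = 0.0) -> float:
    """Accuracy on clean inputs (eps = 0) or on FGSM-perturbed inputs."""
    correct = 0
    for x, y in samples:
        x_eval = fgsm(x, y, eps) if eps > 0.0 else x
        correct += int((predict_proba(x_eval) >= 0.5) == bool(y))
    return correct / len(samples)

def robustness_gate(samples: List[Sample], eps: float, min_clean: float,
                    min_robust: float, max_drop: float) -> Dict[str, object]:
    """Pipeline gate: pass only if clean and robust accuracy clear their
    floors and the accuracy lost under attack stays within budget."""
    clean, robust = accuracy(samples), accuracy(samples, eps)
    drop = clean - robust
    passed = clean >= min_clean and robust >= min_robust and drop <= max_drop
    return {"clean_accuracy": clean, "robust_accuracy": robust,
            "accuracy_drop": drop, "passed": passed}
```

Calling `robustness_gate(TEST_SET, eps=0.5, min_clean=0.8, min_robust=0.6, max_drop=0.2)` on the constructed set gives clean accuracy 0.875 but robust accuracy 0.5, so a model that would pass a conventional accuracy check is blocked by the resilience gate.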
Keywords
model resilience; algorithm vulnerabilities; resilience metrics; automated testing; model lifecycle; protective mechanisms