<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">kaz29</journal-id><journal-title-group><journal-title xml:lang="ru">Вестник Казахстанско-Британского технического университета</journal-title><trans-title-group xml:lang="en"><trans-title>Herald of the Kazakh-British Technical University</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">1998-6688</issn><issn pub-type="epub">2959-8109</issn><publisher><publisher-name>Казахстанско-Британский Технический Университет</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.55452/1998-6688-2026-23-1-197-208</article-id><article-id custom-type="elpub" pub-id-type="custom">kaz29-2513</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>КОМПЬЮТЕРНЫЕ НАУКИ</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>COMPUTER SCIENCE</subject></subj-group></article-categories><title-group><article-title>ИНТЕЛЛЕКТУАЛЬНЫЙ ГИБРИДНЫЙ МЕТОД ДЛЯ АВТОМАТИЗИРОВАННОГО ТЕСТИРОВАНИЯ НА ПРОНИКНОВЕНИЕ В СЕТЯХ 5G И ПОСЛЕДУЮЩИХ ПОКОЛЕНИЙ</article-title><trans-title-group xml:lang="en"><trans-title>IINTELLIGENT HYBRID METHOD FOR AUTOMATED PENETRATION TESTING IN 5G AND BEYOND NETWORKS</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0003-3719-4091</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Иманбаев</surname><given-names>А. Ж.</given-names></name><name name-style="western" xml:lang="en"><surname>Imanbayev</surname><given-names>A. Zh.</given-names></name></name-alternatives><bio xml:lang="ru"><p>ассистент-профессор</p><p>г. Алматы</p></bio><bio xml:lang="en"><p>Assistant Professor</p><p>Almaty</p></bio><email xlink:type="simple">imanbaevazamat@gmail.com</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-8341-9645</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Бердибаев</surname><given-names>Р. Ш.</given-names></name><name name-style="western" xml:lang="en"><surname>Berdibayev</surname><given-names>R. S.</given-names></name></name-alternatives><bio xml:lang="ru"><p>профессор</p><p>г. Алматы</p></bio><bio xml:lang="en"><p>Professor</p><p>Almaty</p></bio><email xlink:type="simple">r.berdybaev@aues.kz</email><xref ref-type="aff" rid="aff-2"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-7130-1375</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Одарченко</surname><given-names>Р. С.</given-names></name><name name-style="western" xml:lang="en"><surname>Odarchenko</surname><given-names>R. S.</given-names></name></name-alternatives><bio xml:lang="ru"><p>профессор</p><p>г. Киев</p></bio><bio xml:lang="en"><p>Professor</p><p>Kyiv</p></bio><email xlink:type="simple">odarchenko.r.s@ukr.net</email><xref ref-type="aff" rid="aff-3"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-9326-9476</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Тынымбаев</surname><given-names>С.</given-names></name><name name-style="western" xml:lang="en"><surname>Tynymbayev</surname><given-names>S.</given-names></name></name-alternatives><bio xml:lang="ru"><p>профессор</p><p>г. Алматы</p></bio><bio xml:lang="en"><p>Professor</p><p>Almaty</p></bio><email xlink:type="simple">s.tynym@mail.ru</email><xref ref-type="aff" rid="aff-4"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru">Казахстанско-Британский технический университет<country>Казахстан</country></aff><aff xml:lang="en">Kazakh-British Technical University<country>Kazakhstan</country></aff></aff-alternatives><aff-alternatives id="aff-2"><aff xml:lang="ru">Алматинский университет энергетики и связи<country>Казахстан</country></aff><aff xml:lang="en">Almaty University of Power Engineering and Telecommunications<country>Kazakhstan</country></aff></aff-alternatives><aff-alternatives id="aff-3"><aff xml:lang="ru">Государственный университет «Киевский авиационный институт»<country>Украина</country></aff><aff xml:lang="en">State University «Kyiv Aviation Institute»,<country>Ukraine</country></aff></aff-alternatives><aff-alternatives id="aff-4"><aff xml:lang="ru">Международный университет информационных технологий<country>Казахстан</country></aff><aff xml:lang="en">International Information Technology University<country>Kazakhstan</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2026</year></pub-date><pub-date pub-type="epub"><day>29</day><month>03</month><year>2026</year></pub-date><volume>23</volume><issue>1</issue><fpage>197</fpage><lpage>208</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Иманбаев А.Ж., Бердибаев Р.Ш., Одарченко Р.С., Тынымбаев С., 2026</copyright-statement><copyright-year>2026</copyright-year><copyright-holder xml:lang="ru">Иманбаев А.Ж., Бердибаев Р.Ш., Одарченко Р.С., Тынымбаев С.</copyright-holder><copyright-holder xml:lang="en">Imanbayev A.Z., Berdibayev R.S., Odarchenko R.S., Tynymbayev S.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://vestnik.kbtu.edu.kz/jour/article/view/2513">https://vestnik.kbtu.edu.kz/jour/article/view/2513</self-uri><abstract><p>Развитие технологий 5G и предстоящее внедрение сетей 6G приводят к существенному усложнению архитектуры мобильных систем за счет сервисно ориентированной архитектуры, сетевого слайсинга, виртуализации и распределенных cloud-native функций. Эти изменения повышают масштабируемость и гибкость, но одновременно увеличивают атакуемую поверхность и формируют новые типы уязвимостей. Традиционные методы тестирования на проникновение не соответствуют таким динамичным и виртуализированным средам, поскольку полагаются на статические процедуры и ручные действия, не успевающие за изменениями сетевой инфраструктуры. В то же время системы обнаружения вторжений (IDS), основанные на машинном обучении, способны выявлять аномалии и неизвестные угрозы, но остаются отделенными от процессов тестирования на проникновение. В работе представлен интеллектуальный гибридный метод автоматизированного тестирования на проникновение в сетях 5G и будущих поколений. Подход объединяет IDS, основанную на инкрементальном обучении, автоэнкодерах и GAN-моделях, с модулем оптимизации атак на основе алгоритма дифференциальной эволюции (DE). Вместо генетического алгоритма используется DE благодаря высокой скорости сходимости, устойчивости к локальным минимумам и пригодности для оптимизации высокоразмерных представлений стратегий атак. Эксперименты на тестовой платформе 5G Standalone, реализованной с использованием OpenAirInterface, показали, что DE повышает эффективность идентификации уязвимостей и формирует оптимальные многоэтапные стратегии атак. Эти результаты показывают, что оптимизация на основе DE обеспечивает масштабируемую, адаптивную и эффективную основу для непрерывной оценки безопасности мобильных сетей следующего поколения.</p></abstract><trans-abstract xml:lang="en"><p>The evolution of 5G and the anticipated introduction of 6G technologies significantly increases network complexity through service-based architecture, network slicing, virtualization and distributed cloud-native functions. These advancements improve scalability and flexibility but simultaneously expand the attack surface and introduce novel vulnerabilities. Traditional penetration testing methodologies are not suitable for such dynamic and virtualized environments because they rely on static procedures and manual testing that cannot match the speed and structural variability of modern mobile networks. In parallel, machine learning–based intrusion detection systems (IDS) demonstrate strong capabilities in detecting anomalous and zero-day behaviors but operate independently from penetration testing processes. This paper presents an intelligent hybrid method for automated penetration testing in 5G and beyond networks, integrating a machine-learning intrusion detection system based on incremental learning, autoencoders and generative adversarial networks (GANs) – with an attack optimization module driven by the Differential Evolution (DE) algorithm. Instead of a genetic algorithm, DE is employed due to its fast convergence, robustness to local minima, and suitability for optimizing high-dimensional representations of attack strategies. An experimental evaluation on a real OpenAirInterface-based 5G Standalone testbed demonstrates that the DEdriven approach improves vulnerability identification efficiency, produces optimal multi-stage attack strategies, and enables realistic automated penetration scenarios. These results indicate that DE-based optimization provides a scalable, adaptive and efficient foundation for continuous security assessment of next-generation mobile networks.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>безопасность 5G</kwd><kwd>система обнаружения вторжений</kwd><kwd>дифференциальная эволюция</kwd><kwd>автоматизированное тестирование на проникновение</kwd><kwd>граф атак</kwd></kwd-group><kwd-group xml:lang="en"><kwd>5G security</kwd><kwd>intrusion detection system</kwd><kwd>Differential Evolution</kwd><kwd>automated penetration testing</kwd><kwd>attack graph</kwd></kwd-group><funding-group xml:lang="en"><funding-statement>This research was funded by the Science Committee of the Ministry of Science and Higher Education of the Republic of Kazakhstan (Grant No. AP26199941).</funding-statement></funding-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">3GPP. System Architecture for the 5G System (5GS). 3GPP TS 23.501, Release 19 (2025).</mixed-citation><mixed-citation xml:lang="en">3GPP. System Architecture for the 5G System (5GS). 3GPP TS 23.501, Release 19 (2025).</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">3GPP. Security Architecture and Procedures for 5G System. 3GPP TS 33.501, Release 19 (2025).</mixed-citation><mixed-citation xml:lang="en">3GPP. Security Architecture and Procedures for 5G System. 3GPP TS 33.501, Release 19 (2025).</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">3GPP. Management and Orchestration: Concepts, Use Cases and Architecture. 3GPP TS 28.530, Release 19 (2025).</mixed-citation><mixed-citation xml:lang="en">3GPP. Management and Orchestration: Concepts, Use Cases and Architecture. 3GPP TS 28.530, Release 19 (2025).</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Singh, A., Juneja, D., Singh, J., and Aggarwal, S. Security Technologies for 6G Mobile Systems and Challenges Associated with AI Technologies. Lecture Notes in Electrical Engineering, 1444, 1–13 (2026). https://doi.org/10.1007/978-981-96-8283-6_1</mixed-citation><mixed-citation xml:lang="en">Singh, A., Juneja, D., Singh, J., and Aggarwal, S. Security Technologies for 6G Mobile Systems and Challenges Associated with AI Technologies. Lecture Notes in Electrical Engineering, 1444, 1–13 (2026). https://doi.org/10.1007/978-981-96-8283-6_1</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Albrecht, M.R., and Jensen, R.B. The Vacuity of the Open Source Security Testing Methodology Manual. Lecture Notes in Computer Science, 12529, 114–147 (2020). https://doi.org/10.1007/978-3-030-64357-7_6</mixed-citation><mixed-citation xml:lang="en">Albrecht, M.R., and Jensen, R.B. The Vacuity of the Open Source Security Testing Methodology Manual. Lecture Notes in Computer Science, 12529, 114–147 (2020). https://doi.org/10.1007/978-3-030-64357-7_6</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Lidanta, F.Z., Almaarif, A., and Budiyono, A. Vulnerability Analysis of Wireless LAN Networks Using Penetration Testing Execution Standard: A Case Study of Cafes in Palembang. Proceedings of the 2021 International Conference on ICT for Smart Society (ICISS), 1–5 (2021). https://doi.org/10.1109/ICISS53185.2021.9533216</mixed-citation><mixed-citation xml:lang="en">Lidanta, F.Z., Almaarif, A., and Budiyono, A. Vulnerability Analysis of Wireless LAN Networks Using Penetration Testing Execution Standard: A Case Study of Cafes in Palembang. Proceedings of the 2021 International Conference on ICT for Smart Society (ICISS), 1–5 (2021). https://doi.org/10.1109/ICISS53185.2021.9533216</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Scarfone, K., Souppaya, M., Cody, A., and Orebaugh, A. Technical Guide to Information Security Testing and Assessment. NIST Special Publication 800-115 (2008). https://doi.org/10.6028/NIST.SP.800-115</mixed-citation><mixed-citation xml:lang="en">Scarfone, K., Souppaya, M., Cody, A., and Orebaugh, A. Technical Guide to Information Security Testing and Assessment. NIST Special Publication 800-115 (2008). https://doi.org/10.6028/NIST.SP.800-115</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">OWASP Foundation. OWASP Web Security Testing Guide v4 (2021). https://owasp.org/www-projectweb-security-testing-guide/v41/</mixed-citation><mixed-citation xml:lang="en">OWASP Foundation. OWASP Web Security Testing Guide v4 (2021). https://owasp.org/www-projectweb-security-testing-guide/v41/</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Harvanek, M., Bolcek, J., Kufa, J., Polak, L., Simka, M., and Marsalek, R. Survey on 5G Physical Layer Security Threats and Countermeasures. Sensors, 24, 5523 (2024). https://doi.org/10.3390/s24175523</mixed-citation><mixed-citation xml:lang="en">Harvanek, M., Bolcek, J., Kufa, J., Polak, L., Simka, M., and Marsalek, R. Survey on 5G Physical Layer Security Threats and Countermeasures. Sensors, 24, 5523 (2024). https://doi.org/10.3390/s24175523</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Imanbayev, A., Tynymbayev, S., Odarchenko, R., Gnatyuk, S., Berdibayev, R., Baikenov, A., and Kaniyeva, N. Research of Machine Learning Algorithms for the Development of Intrusion Detection Systems in 5G Mobile Networks and Beyond. Sensors, 22 (24), 9957 (2022). https://doi.org/10.3390/s22249957</mixed-citation><mixed-citation xml:lang="en">Imanbayev, A., Tynymbayev, S., Odarchenko, R., Gnatyuk, S., Berdibayev, R., Baikenov, A., and Kaniyeva, N. Research of Machine Learning Algorithms for the Development of Intrusion Detection Systems in 5G Mobile Networks and Beyond. Sensors, 22 (24), 9957 (2022). https://doi.org/10.3390/s22249957</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Pinchuk, A., Odarchenko, R., Samoilenko, V., and Imanbayev, A. 5G Network Deployment Based on Open-source Projects: A Comparative Analysis. Proceedings of the IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS), 596–601 (2023). https://doi.org/10.1109/IDAACS58523.2023.10348675</mixed-citation><mixed-citation xml:lang="en">Pinchuk, A., Odarchenko, R., Samoilenko, V., and Imanbayev, A. 5G Network Deployment Based on Open-source Projects: A Comparative Analysis. Proceedings of the IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS), 596–601 (2023). https://doi.org/10.1109/IDAACS58523.2023.10348675</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Storn, R., and Price, K. Differential Evolution – A Simple and Efficient Heuristic for Global Optimization over Continuous Spaces. Journal of Global Optimization, 11, 341–359 (1997). https://doi.org/10.1023/A:1008202821328</mixed-citation><mixed-citation xml:lang="en">Storn, R., and Price, K. Differential Evolution – A Simple and Efficient Heuristic for Global Optimization over Continuous Spaces. Journal of Global Optimization, 11, 341–359 (1997). https://doi.org/10.1023/A:1008202821328</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Almutairi, M.S. Deep Learning-Based Solutions for 5G Network and 5G-Enabled Internet of Vehicles: Advances, Meta-Data Analysis, and Future Direction. Mathematical Problems in Engineering, Article ID 6855435 (2022). https://doi.org/10.1155/2022/6855435</mixed-citation><mixed-citation xml:lang="en">Almutairi, M.S. Deep Learning-Based Solutions for 5G Network and 5G-Enabled Internet of Vehicles: Advances, Meta-Data Analysis, and Future Direction. Mathematical Problems in Engineering, Article ID 6855435 (2022). https://doi.org/10.1155/2022/6855435</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Dai, W., Zhou, J., Ye, C., and Xu, G. Automated Penetration Testing System Based on PTES and ATT&amp;CK. Communications in Computer and Information Science, 2594, 433–444 (2026). https://doi.org/10.1007/978-981-95-1340-6_35</mixed-citation><mixed-citation xml:lang="en">Dai, W., Zhou, J., Ye, C., and Xu, G. Automated Penetration Testing System Based on PTES and ATT&amp;CK. Communications in Computer and Information Science, 2594, 433–444 (2026). https://doi.org/10.1007/978-981-95-1340-6_35</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Odarchenko, R., Iavich, M., and Pinchuk, A. Development of a Method for Automated 5G and Beyond Network Slices Penetration Testing. Radioelectronic and Computer Systems, 1 (113), 248–263 (2025). https:// doi.org/10.32620/reks.2025.1.17</mixed-citation><mixed-citation xml:lang="en">Odarchenko, R., Iavich, M., and Pinchuk, A. Development of a Method for Automated 5G and Beyond Network Slices Penetration Testing. Radioelectronic and Computer Systems, 1 (113), 248–263 (2025). https:// doi.org/10.32620/reks.2025.1.17</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">Allaw, Z., Zein, O., and Ahmad, A.-M. Cross-Layer Security for 5G/6G Network Slices: An SDN, NFV, and AI-Based Hybrid Framework. Sensors, 25 (11), 3335 (2025). https://doi.org/10.3390/s25113335</mixed-citation><mixed-citation xml:lang="en">Allaw, Z., Zein, O., and Ahmad, A.-M. Cross-Layer Security for 5G/6G Network Slices: An SDN, NFV, and AI-Based Hybrid Framework. Sensors, 25 (11), 3335 (2025). https://doi.org/10.3390/s25113335</mixed-citation></citation-alternatives></ref><ref id="cit17"><label>17</label><citation-alternatives><mixed-citation xml:lang="ru">Eltaeib, T., and Mahmood, A. Differential Evolution: A Survey and Analysis. Applied Sciences, 8 (10), 1945 (2018). https://doi.org/10.3390/app8101945</mixed-citation><mixed-citation xml:lang="en">Eltaeib, T., and Mahmood, A. Differential Evolution: A Survey and Analysis. Applied Sciences, 8 (10), 1945 (2018). https://doi.org/10.3390/app8101945</mixed-citation></citation-alternatives></ref><ref id="cit18"><label>18</label><citation-alternatives><mixed-citation xml:lang="ru">Noor, K., Imoize, A.L., Li, C.-T., and Weng, C.-Y. A Review of Machine Learning and Transfer Learning Strategies for Intrusion Detection Systems in 5G and Beyond. Mathematics, 13 (7), 1088 (2025). https://doi.org/10.3390/math13071088</mixed-citation><mixed-citation xml:lang="en">Noor, K., Imoize, A.L., Li, C.-T., and Weng, C.-Y. A Review of Machine Learning and Transfer Learning Strategies for Intrusion Detection Systems in 5G and Beyond. Mathematics, 13 (7), 1088 (2025). https://doi.org/10.3390/math13071088</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
