Training Against Human and Generative-AI Social Engineering Attacks with Cognitive Models
preprint
OA: closed
Abstract
Social engineering attacks are commonly used by cybercriminals to gain valuable and sensitive data. Although the concern of attackers using AI-generated content is serious, training against social engineering attacks is typically based on simple human-designed emails. Our research introduces an experimental paradigm to determine whether there is a difference in the detection of human-generated and AI-generated emails. The behavioral results show that emails written by humans and stylized by Generative-AI models are more challenging for end-users. Alongside this novel experiment, we propose a cognitive model that can be used to predict end-user behavior during training, with the potential to improve the quality of examples used during training and the training feedback. Overall, the contributions of this work are, first, the outline of some limitations to current social engineering training methods and, second, pinpointing a potential solution to these limitations through the use of a cognitive model to improve learning outcomes.
My notes (saved in your browser only)
Citation neighborhood (no data yet)
We don't have any in-corpus citations linked to this paper yet. This is a recent paper (2024) — citers typically take a year or two to land, and the OpenAlex reference graph may still be filling in.
Source provenance
- europepmc
- last seen: 2026-05-20T01:45:00.602351+00:00