Search Icon
Register

Cognitive Threat Detection for SOC Operations: Automating Manipulation Tactic Analysis in Election Security

Keerthana Madhavan (School of Computer Science, University of Guelph, Canada), Luiza Antonie (School of Computer Science; CARE-AI, University of Guelph, Canada), Stacey D. Scott, School of Computer Science; CARE-AI, University of Guelph, Canada)

Election security Security Operations Centers (SOCs) face an expanding mandate: beyond traditional network defense, they must now detect cognitive threats, content that manipulates audiences through psychological tactics rather than explicit falsehoods. Existing tools provide binary labels without explaining how manipulation occurs, limiting triage and response. We present E-MANTRA, a Large Language Model (LLM)-based framework that integrates agentic Artificial Intelligence (AI) into SOC workflows by identifying six manipulation tactics (emotional manipulation, conspiracy framing, discrediting, trolling, impersonation, polarization) with explainable classifications. Evaluated on 900 election-related samples, E-MANTRA attains 54.2% triage accuracy and an estimated 57% workload reduction under confidence-based decision-making. Results confirm exploitable model specialization: Llama-3 70B excels at conspiracy detection (F1=0.71), GPT-3.5 at emotional manipulation (F1=0.66), Mistral- Small at discrediting (F1=0.63). Category-aware routing improves accuracy by 2.4 percentage points over the best single model at $0.005 per classification. We provide a practitioner-oriented deployment checklist, cost models, and Security Information and Event Management (SIEM)/Security Orchestration, Automation, and Response (SOAR) integration guidelines to support operational adoption in election security SOCs.

Paper

View More Papers

Cache Me, Catch You: Cache Related Security Threats in...

XiangFan Wu (Ocean University of China; QI-ANXIN Technology Research Institute), Lingyun Ying (QI-ANXIN Technology Research Institute), Guoqiang Chen (QI-ANXIN Technology Research Institute), Yacong Gu (Tsinghua University; Tsinghua University-QI-ANXIN Group JCNS), Haipeng Qu (Department of Computer Science and Technology, Ocean University of China)

Read More

A Temporal Paradox in Software Vulnerability Prioritization: Why Do...

Osama Al Haddad (Macquarie University, Sydney, Australia), Muhammad Ikram (Macquarie University, Sydney, Australia), Young Choon Lee (Macquarie University, Sydney, Australia), Muhammad Ejaz Ahmed (Data61 CSIRO, Sydney, Australia)

Read More

BPA-X: An Architecture-Agnostic Block-Based Points-to Analysis for Stripped Binaries

Bokai Zhang, Monika Santra, Syed Rafiul Hussain, Gang Tan (Pennsylvania State University)

Read More