Agentic AI-Driven Social Engineering: An Elicitation Simulation for Cybersecurity Education

Authors

  • Audrey Fruean Northeastern University
  • Rose Zhao Northeastern University
  • Joshua Goldberg Northeastern University
  • Emily Flores Northeastern University
  • Ella Zou Northeastern University
  • Emma Trowbridge Northeastern University
  • Hsiao An Wang Northeastern University

DOI:

https://doi.org/10.34190/iccws.21.1.4396

Keywords:

Cybersecurity Awareness, Cybersecurity, Social Engineering, Human Behaviors

Abstract

The Elicitation Simulation is an interactive cybersecurity training tool designed to model social and prompt engineering through realistic conversational scenarios. Users engage with three AI “characters” and attempt to extract sensitive information, governed by a Trust Flag System that assigns sensitivity rankings (Level 1–10) to personal data, from easily disclosed facts, such as family names, to highly confidential details such as SSNs or credit card numbers. Sessions are orchestrated through n8n, which manages conversational flow and memory buffers to maintain user-specific context, while Pinecone stores vectorized scenario data for context retrieval. Each AI character dynamically adjusts its trust level based on the user’s prior interactions, which determines whether it will disclose sensitive information to the user. The simulation challenges users to employ subtle elicitation techniques such as indirect questioning, framing, and rapport-building while avoiding overt or coercive tactics that trigger conversational shutdowns. By mirroring authentic social engineering behavior, the tool cultivates strategic communication skills essential for understanding and defending against real-world elicitation and social engineering attacks.

Author Biographies

Audrey Fruean, Northeastern University

Audrey Fruean is a second-year Cybersecurity and Economics student at Northeastern University with a passion for AI research. She is currently working as a Teaching Assistant for a foundational cybersecurity course and a beta tester for cybersecurity education courses.

Rose Zhao, Northeastern University

Ruoyu Zhao, a computer science student at Northeastern University concentrating in AI, has experience in systems, algorithms, and the development of AI tools, including retrieval-augmented generation (RAG). She has a passion for writing reliable software and for overcoming challenging technical issues in the real world.

Joshua Goldberg, Northeastern University

Joshua Goldberg is a third-year student studying at Northeastern University. He is interested in cybersecurity, specifically how large language models (LLMs) can be integrated into educational settings in meaningful ways. He is also interested in the intersection of programming languages and cybersecurity through cryptography.

Ella Zou, Northeastern University

My name is Zixuan Zou. I’m a second-year Computer Science student at Northeastern University. With the internet taking decades to spread and AI achieving similar impact in just a few years, I’m fascinated by how quickly technology evolves and excited to see how AI reshapes our world.

Emma Trowbridge, Northeastern University

Emma is a senior at Northeastern University studying cybersecurity and criminal justice. With a technical background in cybersecurity and a strong foundation in criminology, she is particularly interested in how cyber threats intersect with criminal behavior, fraud, and social engineering. She aims to bring justice-informed perspectives into the cybersecurity practice.

Downloads

Published

19-02-2026

Issue

Vol. 21 No. 1 (2026): Proceedings of the 21st International Conference on Cyber Warfare and Security (ICCWS 2026)

Section

Academic Papers

License

Copyright (c) 2026 Audrey Fruean, Rose Zhao, Joshua Goldberg, Emily Flores, Ella Zou, Emma Trowbridge, Hsiao An Wang

Creative Commons License

This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.