The dissertation solves the current scientific and applied problem of increasing the resistance to social engineering attacks of distributed computer systems by developing methods and means of synthesizing RCS resistant to social engineering attacks.
The object of the study is the process of synthesizing distributed computer systems resistant to social engineering attacks.
The subject of the study is models, methods and means of synthesizing distributed computer systems resistant to social engineering attacks.
The purpose of the dissertation research is to increase the resistance to social engineering attacks of distributed computer systems by developing methods and means of synthesizing RCS resistant to social engineering attacks, which comprehensively ensure the reliability of attack detection, adaptability, scalability, survivability and efficiency of collective decision-making of RCS nodes.
In the dissertation work, a method for ensuring the scalability of the RCS architecture, resistant to social engineering attacks, was developed for the first time, which, unlike known approaches, combines the principles of dynamic decomposition, multi-agent interaction and adaptive resource redistribution taking into account the behavioral characteristics of users and threats, which makes it possible to ensure the controlled scalability of the distributed system without reducing the level of security, to increase its survivability under conditions of an increase in the number of distributed CS nodes and the intensity of social engineering attacks.
In the dissertation work, a method for comprehensively assessing the resistance of RCS to social engineering attacks was developed for the first time, which, unlike known methods, is based on a multidimensional system of formalized criteria for adaptability, scalability, survivability and reliability of detection, which allowed obtaining a single universal metric for assessing the resistance of RCS to social engineering attacks.
In the dissertation work, the architecture of a distributed computer system resistant to social engineering attacks was further developed, which, unlike the known ones, is based on a hierarchical multi-agent basis with the use of reinforcement learning, entropy-oriented reward functions, a priori knowledge in the form of a knowledge graph, and modal-specific service agents, which allows adaptively reducing uncertainty in the process of detecting attacks, reducing the number of dialog steps, and increasing the accuracy of detecting and classifying social engineering attacks.
The dissertation also improves the method for detecting social engineering cyberattacks in distributed computer systems based on a unique linguistic identifier of the formulation, which, unlike known approaches, is based on the formation of a specialized set of unique language identifiers, their preliminary linguistic normalization, expert labeling and the application of the k-nearest neighbors method with subsequent adaptive tuning of hyperparameters and trust thresholds, which makes it possible to increase the accuracy and stability of detecting social engineering attacks, reduce the number of false positives, ensure early response and integration of the results into the protection circuits of a distributed computer system.
The practical value of the results obtained lies in the implementation of all theoretical provisions presented in the dissertation research into applied solutions and the possibility of their direct implementation and use in enterprises. Based on the results of the research, the applicant implemented a distributed computer system that is resistant to social engineering attacks. The practical value of the work lies in the possibility of using the obtained results to develop corporate security policies, build simulation simulators to study user interaction with social engineering attacks, create intelligent agents for cyber defense and optimize distributed systems architectures taking into account risks. The proposed methods can be applied in the banking, telecommunications, energy and government sectors, where it is critically important to ensure the resilience of systems to complex behavioral threats.
The results of the dissertation work have been implemented in: PP "AVIVI" (implementation act dated 08.01.2025); LLC "GM HOST" (implementation act dated 30.12.2025); in the educational process of Khmelnytskyi National University (implementation act dated 30.09.2025); when implementing the state budget theme of Khmelnytskyi National University "System for detecting malware and computer attacks in corporate networks using false attack objects and traps" (state research project No. 0124U000980).
