This study addresses the challenge of AI-driven information manipulation, which systematically undermines public trust, attention, and decision-making through coordinated social network attacks. Existing defenses struggle with an imbalance between event-level detection and strategic attribution, limiting their effectiveness. To bridge this gap, the authors propose a SOCMINT framework centered on Information Manipulation Sets (IMS)—an intermediate analytical unit that conceptualizes manipulation as a coherent process integrating narratives, accounts, infrastructure, and cognitive objectives. The framework employs signal detection, IMS hypothesis generation, structured uncertainty reasoning, cross-platform behavioral modeling, and tabletop exercise evaluation to uncover manipulation patterns often missed by conventional methods, enabling auditable and proportionate mitigation decisions. Experimental validation demonstrates that IMS significantly enhances manipulation detection capabilities and introduces a novel paradigm for confidence calibration and decision-quality assessment in risk governance.

AI-mediated information manipulation increasingly takes the form of social cyber attacks that target trust, attention, credibility, reputation, and decision-making rather than only technical infrastructures or isolated false contents. Existing defensive approaches often oscillate between incident-level analysis, which fragments campaigns into weak signals, and attribution-first analysis, which may delay mitigation until responsibility is established. This paper proposes a SOCMINT framework based on Information Manipulation Sets (IMS) as an intermediate operational unit between individual incidents and strategic attribution. Building on the VIGINUM/EEAS use of IMS in counter-FIMI analysis, the framework treats manipulation as a coherent process involving narratives, accounts, infrastructures, temporal patterns, cross-platform migration, synthetic amplification, and cognitive targeting. The proposed pipeline moves from signal detection and diagnostic triage to IMS hypothesis construction, confidence/severity assessment, mitigation selection, and iterative update. A compact scenario illustrates how IMS-based analysis captures what content-level and attribution-first approaches miss. The paper also proposes a tabletop evaluation protocol to assess decision quality, confidence calibration, and mitigation proportionality. The main implication is that human-centred risk mitigation requires not only better detection, but also structured reasoning under uncertainty, auditable decision-making, and safeguards against over-securitising legitimate dissent.