DOAJ Open Access 2024

A Security Risk Taxonomy for Prompt-Based Interaction With Large Language Models

Erik Derner Kristina Batistic Jan Zahalka Robert Babuska

Abstrak

As large language models (LLMs) permeate more and more applications, an assessment of their associated security risks becomes increasingly necessary. The potential for exploitation by malicious actors, ranging from disinformation to data breaches and reputation damage, is substantial. This paper addresses a gap in current research by specifically focusing on security risks posed by LLMs within the prompt-based interaction scheme, which extends beyond the widely covered ethical and societal implications. Our work proposes a taxonomy of security risks along the user-model communication pipeline and categorizes the attacks by target and attack type alongside the commonly used confidentiality, integrity, and availability (CIA) triad. The taxonomy is reinforced with specific attack examples to showcase the real-world impact of these risks. Through this taxonomy, we aim to inform the development of robust and secure LLM applications, enhancing their safety and trustworthiness.

Topik & Kata Kunci

Electrical engineering. Electronics. Nuclear engineering

Penulis (4)

Erik Derner

Kristina Batistic

Jan Zahalka

Robert Babuska

Format Sitasi

APA MLA BibTeX

Derner, E., Batistic, K., Zahalka, J., Babuska, R. (2024). A Security Risk Taxonomy for Prompt-Based Interaction With Large Language Models. https://doi.org/10.1109/ACCESS.2024.3450388

Akses Cepat

PDF tidak tersedia langsung

Cek di sumber asli →

Lihat di Sumber doi.org/10.1109/ACCESS.2024.3450388

Informasi Jurnal

Tahun Terbit: 2024
Sumber Database: DOAJ
DOI: 10.1109/ACCESS.2024.3450388
Akses: Open Access ✓