Securing Educational LLMs: A Generalised Taxonomy of Attacks on LLMs and DREAD Risk Assessment

TL;DR

This paper presents a comprehensive taxonomy of 50 attacks on Large Language Models (LLMs) used in education and assesses their risks using the DREAD framework, aiming to enhance cybersecurity resilience in educational settings.

Contribution

It introduces a generalized taxonomy of attacks on educational LLMs and applies DREAD risk assessment to identify critical vulnerabilities specific to the educational sector.

Findings

Token smuggling and adversarial prompts are high-risk attacks.

Multi-step jailbreak poses significant security threats.

The taxonomy aids in developing resilient educational LLM solutions.

Abstract

Due to perceptions of efficiency and significant productivity gains, various organisations, including in education, are adopting Large Language Models (LLMs) into their workflows. Educator-facing, learner-facing, and institution-facing LLMs, collectively, Educational Large Language Models (eLLMs), complement and enhance the effectiveness of teaching, learning, and academic operations. However, their integration into an educational setting raises significant cybersecurity concerns. A comprehensive landscape of contemporary attacks on LLMs and their impact on the educational environment is missing. This study presents a generalised taxonomy of fifty attacks on LLMs, which are categorized as attacks targeting either models or their infrastructure. The severity of these attacks is evaluated in the educational sector using the DREAD risk assessment framework. Our risk assessment indicates that token smuggling, adversarial prompts, direct injection, and multi-step jailbreak are critical attacks on eLLMs. The proposed taxonomy, its application in the educational environment, and our risk assessment will help academic and industrial practitioners to build resilient solutions that protect learners and institutions.