Goal-Driven Risk Assessment for LLM-Powered Systems: A Healthcare Case Study
Neha Nagaraja, Hayretdin Bahsi

TL;DR
This paper introduces a goal-driven risk assessment method using attack trees for LLM-powered healthcare systems, addressing security challenges and enhancing secure-by-design practices.
Contribution
It presents a structured approach to threat modeling with detailed attack vectors, attack paths, and contextualization for LLM-based systems, demonstrated through a healthcare case study.
Findings
Harmonizes state-of-the-art LLM attacks with traditional threats
Identifies detailed attack paths and vectors for healthcare LLM systems
Enhances risk prioritization through structured threat assessment
Abstract
While incorporating LLMs into systems offers significant benefits in critical application areas such as healthcare, new security challenges emerge due to the potential cyber kill chain cycles that combine adversarial model, prompt injection and conventional cyber attacks. Threat modeling methods enable the system designers to identify potential cyber threats and the relevant mitigations during the early stages of development. Although the cyber security community has extensive experience in applying these methods to software-based systems, the elicited threats are usually abstract and vague, limiting their effectiveness for conducting proper likelihood and impact assessments for risk prioritization, especially in complex systems with novel attack surfaces, such as those involving LLMs. In this study, we propose a structured, goal-driven risk assessment approach that contextualizes the…
Taxonomy
Topics: Information and Cyber Security · Smart Grid Security and Resilience · Access Control and Trust
