Quantifying the Irreducible: A Systematic Survey of Adversarial Jailbreak Vectors, Red Team Methodologies, and Enterprise Threat Exposure in Large Language Model Deployments

This paper presents a systematic survey of adversarial jailbreak attacks against large language models (LLMs), covering 65 peer-reviewed publications from 2022 to 2025 across NeurIPS, ICML, ICLR, USENIX Security, ACM CCS, and EMNLP. We introduce the Enterprise Threat Exposure Model (ETEM), a risk quantification framework comprising three indices: the Adversarial Penetration Index (API), Defense Residual Vulnerability Score (DRVS), and Regulatory Exposure Quotient (REQ). A five-dimensional taxonomy classifies 23 distinct attack methodologies. Cross-model vulnerability analysis covers six model families including Claude, GPT-4, Gemini, LLaMA, DeepSeek, and Mistral. Emergent threats from agentic architectures, MCP tooling exploitation, and chain-of-thought hijacking in reasoning models are examined. A prescriptive five-layer defense-in-depth architecture and seven open research challenges are identified.