Secure Prompt Engineering: A Practical Framework for Mitigating Prompt Injection and Data Leakage in LLM-based Systems
Description
This paper proposes and empirically evaluates the Secure Prompt Engineering Framework (SPEF), a four-layer defensive architecture for mitigating prompt injection and sensitive data leakage in Large Language Model (LLM)-based systems.
The framework operates entirely at the application layer and requires no access to model weights or training pipelines. A controlled experiment was conducted using Llama-3.3-70B via Groq API with 85 adversarial test cases across six attack categories.
Results show that SPEF reduced the Attack Success Rate (ASR) from 17.6% to 2.4%, representing an 86.4% relative reduction.
The study also contributes a methodological discussion on scorer validity in adversarial LLM evaluation and provides all artifacts as open-source resources.
GitHub Repository:
https://github.com/gugacyber/spef_experiment
Files
Viana_SPEF_Framework_LLM_Security.pdf
Files
(301.6 kB)
| Name | Size | Download all |
|---|---|---|
|
md5:9d4c6a21b8305fc44346521fe786dbe6
|
301.6 kB | Preview Download |
Additional details
Software
- Repository URL
- https://github.com/gugacyber/spef_experiment
- Programming language
- Python
- Development Status
- Active