There is a newer version of the record available.

Published April 16, 2026 | Version v1.0

Secure Prompt Engineering: A Practical Framework for Mitigating Prompt Injection and Data Leakage in LLM-based Systems

  • 1. Anhanguera Educacional, Brazil

Description

This paper proposes and empirically evaluates the Secure Prompt Engineering Framework (SPEF), a four-layer defensive architecture for mitigating prompt injection and sensitive data leakage in Large Language Model (LLM)-based systems.

The framework operates entirely at the application layer and requires no access to model weights or training pipelines. A controlled experiment was conducted using Llama-3.3-70B via Groq API with 85 adversarial test cases across six attack categories.

Results show that SPEF reduced the Attack Success Rate (ASR) from 17.6% to 2.4%, representing an 86.4% relative reduction.

The study also contributes a methodological discussion on scorer validity in adversarial LLM evaluation and provides all artifacts as open-source resources.

GitHub Repository:
https://github.com/gugacyber/spef_experiment

Files

Viana_SPEF_Framework_LLM_Security.pdf

Files (301.6 kB)

Name Size Download all
md5:9d4c6a21b8305fc44346521fe786dbe6
301.6 kB Preview Download

Additional details

Software

Repository URL
https://github.com/gugacyber/spef_experiment
Programming language
Python
Development Status
Active