InjectLab: A Tactical Framework for Adversarial Threat Modeling Against Large Language Models
This addresses security risks for users and developers of LLMs, but it is incremental as it builds on existing threat modeling approaches like MITRE ATT&CK.
The paper tackles the problem of prompt-based attacks on Large Language Models (LLMs) by introducing InjectLab, a structured, open-source security framework that maps over 25 adversarial techniques across six tactics, including detection guidance and mitigation strategies.
Large Language Models (LLMs) are changing the way people interact with technology. Tools like ChatGPT and Claude AI are now common in business, research, and everyday life. But with that growth comes new risks, especially prompt-based attacks that exploit how these models process language. InjectLab is a security framework designed to address that problem. This paper introduces InjectLab as a structured, open-source matrix that maps real-world techniques used to manipulate LLMs. The framework is inspired by MITRE ATT&CK and focuses specifically on adversarial behavior at the prompt layer. It includes over 25 techniques organized under six core tactics, covering threats like instruction override, identity swapping, and multi-agent exploitation. Each technique in InjectLab includes detection guidance, mitigation strategies, and YAML-based simulation tests. A Python tool supports easy execution of prompt-based test cases. This paper outlines the framework's structure, compares it to other AI threat taxonomies, and discusses its future direction as a practical, community-driven foundation for securing language models.