Saved in:
Bibliographic Details
Main Authors: Zahid, Farzana, Sewwandi, Anjalika, Brandon, Lee, Kumar, Vimal, Sinha, Roopak
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2508.08629
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866909733849399296
author Zahid, Farzana
Sewwandi, Anjalika
Brandon, Lee
Kumar, Vimal
Sinha, Roopak
author_facet Zahid, Farzana
Sewwandi, Anjalika
Brandon, Lee
Kumar, Vimal
Sinha, Roopak
contents Due to perceptions of efficiency and significant productivity gains, various organisations, including in education, are adopting Large Language Models (LLMs) into their workflows. Educator-facing, learner-facing, and institution-facing LLMs, collectively, Educational Large Language Models (eLLMs), complement and enhance the effectiveness of teaching, learning, and academic operations. However, their integration into an educational setting raises significant cybersecurity concerns. A comprehensive landscape of contemporary attacks on LLMs and their impact on the educational environment is missing. This study presents a generalised taxonomy of fifty attacks on LLMs, which are categorized as attacks targeting either models or their infrastructure. The severity of these attacks is evaluated in the educational sector using the DREAD risk assessment framework. Our risk assessment indicates that token smuggling, adversarial prompts, direct injection, and multi-step jailbreak are critical attacks on eLLMs. The proposed taxonomy, its application in the educational environment, and our risk assessment will help academic and industrial practitioners to build resilient solutions that protect learners and institutions.
format Preprint
id arxiv_https___arxiv_org_abs_2508_08629
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Securing Educational LLMs: A Generalised Taxonomy of Attacks on LLMs and DREAD Risk Assessment
Zahid, Farzana
Sewwandi, Anjalika
Brandon, Lee
Kumar, Vimal
Sinha, Roopak
Computers and Society
Artificial Intelligence
Due to perceptions of efficiency and significant productivity gains, various organisations, including in education, are adopting Large Language Models (LLMs) into their workflows. Educator-facing, learner-facing, and institution-facing LLMs, collectively, Educational Large Language Models (eLLMs), complement and enhance the effectiveness of teaching, learning, and academic operations. However, their integration into an educational setting raises significant cybersecurity concerns. A comprehensive landscape of contemporary attacks on LLMs and their impact on the educational environment is missing. This study presents a generalised taxonomy of fifty attacks on LLMs, which are categorized as attacks targeting either models or their infrastructure. The severity of these attacks is evaluated in the educational sector using the DREAD risk assessment framework. Our risk assessment indicates that token smuggling, adversarial prompts, direct injection, and multi-step jailbreak are critical attacks on eLLMs. The proposed taxonomy, its application in the educational environment, and our risk assessment will help academic and industrial practitioners to build resilient solutions that protect learners and institutions.
title Securing Educational LLMs: A Generalised Taxonomy of Attacks on LLMs and DREAD Risk Assessment
topic Computers and Society
Artificial Intelligence
url https://arxiv.org/abs/2508.08629