A Prompt Injection Attack Dataset and Prompt Collection for Evaluating Defense-in-Depth Security in LLM-Based Systems
收藏Zenodo2026-04-14 更新2026-05-26 收录
下载链接:
https://zenodo.org/doi/10.5281/zenodo.19570953
下载链接
链接失效反馈官方服务:
资源简介:
This repository provides the dataset and prompt collection used in the study titled “A Defense-in-Depth Approach to Mitigating Prompt Injection in LLM-Based Systems.” The materials are designed to support reproducibility and transparency of the experimental evaluation conducted in the study.
The repository consists of two main components:
1. Prompt Injection Attack Dataset
The dataset is provided in the file dataset.docx and contains a curated set of prompt injection attack instances. The dataset is systematically structured and categorized to represent commonly observed attack types in LLM-based systems.
The dataset includes the following five categories:
Instruction OverridePrompts attempting to override or ignore system-level instructions.
Role ManipulationPrompts designed to force the model into unauthorized or privileged roles.
System Prompt LeakagePrompts aiming to extract hidden system or developer-defined instructions.
Data Exfiltration AttemptsPrompts targeting the disclosure of sensitive or restricted information.
Indirect InjectionContext-based attacks where malicious instructions are embedded within external or retrieved content.
Each category contains a balanced number of samples to ensure fair and controlled experimental comparisons across attack types.
2. Prompt Collection for System Design
The file prompt_article.docx contains all prompts used in the system design and experimental evaluation.
This includes:
Input prompts used in attack scenarios
System prompts defining model behavior
Policy enforcement prompts
Retrieval-related prompts (for RAG scenarios)
Output validation and guardrail prompts
These prompts collectively represent the operational configuration of the evaluated LLM-based system and enable reproducibility of the experimental setup.
Purpose and Usage
The dataset and prompt collection are intended for:
Evaluating prompt injection attacks in LLM-based systems
Benchmarking security mechanisms such as defense-in-depth architectures
Supporting research on LLM security, prompt engineering, and adversarial robustness
Reproducing the experimental results reported in the associated study
Researchers can use this dataset to analyze attack behavior, test defense strategies, or extend the experimental framework to different models and architectures.
Reproducibility
All experiments in the associated study were conducted using the provided prompts and dataset under controlled conditions. The materials included in this repository allow other researchers to replicate the experimental scenarios and validate the reported findings.
Notes
The dataset is synthetically constructed based on patterns and attack strategies reported in the literature.
The prompts are designed for research purposes and do not reflect real user data.
No sensitive or personal data is included in this repository.
提供机构:
Zenodo创建时间:
2026-04-14



