English

A Proposal for Evaluating the Operational Risk for ChatBots based on Large Language Models

Cryptography and Security 2025-05-09 v1 Artificial Intelligence Computers and Society

Abstract

The emergence of Generative AI (Gen AI) and Large Language Models (LLMs) has enabled more advanced chatbots capable of human-like interactions. However, these conversational agents introduce a broader set of operational risks that extend beyond traditional cybersecurity considerations. In this work, we propose a novel, instrumented risk-assessment metric that simultaneously evaluates potential threats to three key stakeholders: the service-providing organization, end users, and third parties. Our approach incorporates the technical complexity required to induce erroneous behaviors in the chatbot--ranging from non-induced failures to advanced prompt-injection attacks--as well as contextual factors such as the target industry, user age range, and vulnerability severity. To validate our metric, we leverage Garak, an open-source framework for LLM vulnerability testing. We further enhance Garak to capture a variety of threat vectors (e.g., misinformation, code hallucinations, social engineering, and malicious code generation). Our methodology is demonstrated in a scenario involving chatbots that employ retrieval-augmented generation (RAG), showing how the aggregated risk scores guide both short-term mitigation and longer-term improvements in model design and deployment. The results underscore the importance of multi-dimensional risk assessments in operationalizing secure, reliable AI-driven conversational systems.

Keywords

Cite

@article{arxiv.2505.04784,
  title  = {A Proposal for Evaluating the Operational Risk for ChatBots based on Large Language Models},
  author = {Pedro Pinacho-Davidson and Fernando Gutierrez and Pablo Zapata and Rodolfo Vergara and Pablo Aqueveque},
  journal= {arXiv preprint arXiv:2505.04784},
  year   = {2025}
}

Comments

21 pages

R2 v1 2026-06-28T23:25:02.527Z