{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,30]],"date-time":"2026-06-30T05:15:58Z","timestamp":1782796558244,"version":"3.54.5"},"publisher-location":"New York, NY, USA","reference-count":32,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,17]]},"DOI":"10.1145\/3756681.3757083","type":"proceedings-article","created":{"date-parts":[[2025,12,24]],"date-time":"2025-12-24T08:30:04Z","timestamp":1766565004000},"page":"834-839","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["ThreMoLIA: Threat Modeling of Large Language Model-Integrated Applications"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7090-2753","authenticated-orcid":false,"given":"Felix Viktor","family":"Jedrzejewski","sequence":"first","affiliation":[{"name":"Blekinge Institute of Technology, Karlskrona, Sweden"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0679-4361","authenticated-orcid":false,"given":"Davide","family":"Fucci","sequence":"additional","affiliation":[{"name":"Blekinge Institute of Technology, Karlskrona, Sweden"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0120-5388","authenticated-orcid":false,"given":"Oleksandr","family":"Adamov","sequence":"additional","affiliation":[{"name":"Blekinge Institute of Technology, Karlskrona, Sweden"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2025,12,24]]},"reference":[{"key":"e_1_3_3_2_2_2","unstructured":"Ricardo Britto Timothy Murphy Massimo Iovene Leif Jonsson Melike Erol-Kantarci and Benedek Kov\u00e1cs. 2023. Telecom AI Native Systems in the Age of Generative AI\u2013An Engineering Perspective. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2310.11770 (2023)."},{"key":"e_1_3_3_2_3_2","doi-asserted-by":"publisher","DOI":"10.1145\/3637528.3671882"},{"key":"e_1_3_3_2_4_2","unstructured":"Leon Derczynski Hannah\u00a0Rose Kirk Vidhisha Balachandran Sachin Kumar Yulia Tsvetkov Mark\u00a0R Leiser and Saif Mohammad. 2023. Assessing language model deployment with risk cards. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2303.18190 (2023)."},{"key":"e_1_3_3_2_5_2","unstructured":"Yi Dong Ronghui Mu Gaojie Jin Yi Qi Jinwei Hu Xingyu Zhao Jie Meng Wenjie Ruan and Xiaowei Huang. 2024. Building guardrails for large language models. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2402.01822 (2024)."},{"key":"e_1_3_3_2_6_2","unstructured":"Yunfan Gao Yun Xiong Xinyu Gao Kangxiang Jia Jinliu Pan Yuxi Bi Yi Dai Jiawei Sun Haofen Wang and Haofen Wang. 2023. Retrieval-augmented generation for large language models: A survey. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2312.10997 2 (2023)."},{"key":"e_1_3_3_2_7_2","doi-asserted-by":"crossref","unstructured":"Samuel Gehman Suchin Gururangan Maarten Sap Yejin Choi and Noah\u00a0A Smith. 2020. Realtoxicityprompts: Evaluating neural toxic degeneration in language models. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2009.11462 (2020).","DOI":"10.18653\/v1\/2020.findings-emnlp.301"},{"key":"e_1_3_3_2_8_2","doi-asserted-by":"publisher","DOI":"10.1145\/3605764.3623985"},{"key":"e_1_3_3_2_9_2","first-page":"4891","volume-title":"33rd USENIX Security Symposium (USENIX Security 24)","author":"Grosse Kathrin","year":"2024","unstructured":"Kathrin Grosse, Lukas Bieringer, Tarek\u00a0R Besold, and Alexandre\u00a0M Alahi. 2024. Towards more Practical Threat Models in Artificial Intelligence Security. In 33rd USENIX Security Symposium (USENIX Security 24). 4891\u20134908."},{"key":"e_1_3_3_2_10_2","doi-asserted-by":"crossref","unstructured":"Daniela Haluza and David Jungwirth. 2023. Artificial intelligence and ten societal megatrends: an exploratory study using GPT-3. Systems 11 3 (2023) 120.","DOI":"10.3390\/systems11030120"},{"key":"e_1_3_3_2_11_2","unstructured":"Felix Jedrzejewski Davide Fucci and Oleksandr Adamov. 2023. MLSMM: Machine Learning Security Maturity Model. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2306.16127 (2023)."},{"key":"e_1_3_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1145\/3644815.3644975"},{"key":"e_1_3_3_2_13_2","unstructured":"Fengqing Jiang Zhangchen Xu Luyao Niu Boxin Wang Jinyuan Jia Bo Li and Radha Poovendran. 2023. Identifying and mitigating vulnerabilities in llm-integrated applications. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2311.16153 (2023)."},{"key":"e_1_3_3_2_14_2","doi-asserted-by":"crossref","unstructured":"Anton Konev Alexander Shelupanov Mikhail Kataev Valeriya Ageeva and Alina Nabieva. 2022. A survey on threat-modeling techniques: protected objects and classification of threats. Symmetry 14 3 (2022) 549.","DOI":"10.3390\/sym14030549"},{"key":"e_1_3_3_2_15_2","unstructured":"Jiangnan Li Yingyuan Yang and Jinyuan Sun. 2024. Risks of Practicing Large Language Models in Smart Grid: Threat Modeling and Validation. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2405.06237 (2024)."},{"key":"e_1_3_3_2_16_2","unstructured":"Manqing Mao Paishun Ting Yijian Xiang Mingyang Xu Julia Chen and Jianzhe Lin. 2024. Multi-user chat assistant (MUCA): a framework using LLMS to facilitate group conversations. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2401.04883 (2024)."},{"key":"e_1_3_3_2_17_2","doi-asserted-by":"crossref","unstructured":"Lara Mauri and Ernesto Damiani. 2022. Modeling threats to AI-ML systems using STRIDE. Sensors 22 17 (2022) 6662.","DOI":"10.3390\/s22176662"},{"key":"e_1_3_3_2_18_2","unstructured":"Suvda Myagmar Adam\u00a0J Lee and William Yurcik. 2005. Threat modeling as a basis for security requirements. (2005)."},{"key":"e_1_3_3_2_19_2","unstructured":"Rahul Pankajakshan Sumitra Biswal Yuvaraj Govindarajulu and Gilad Gressel. 2024. Mapping LLM Security Landscapes: A Comprehensive Stakeholder Risk Assessment Proposal. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2403.13309 (2024)."},{"key":"e_1_3_3_2_20_2","doi-asserted-by":"crossref","unstructured":"Simon Schneider Nicolas E\u00a0Diaz Ferreyra Pierre-Jean Queval Georg Simhandl Uwe Zdun and Riccardo Scandariato. 2024. How Dataflow Diagrams Impact Software Security Analysis: an Empirical Experiment. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2401.04446 (2024).","DOI":"10.1109\/SANER60148.2024.00103"},{"key":"e_1_3_3_2_21_2","unstructured":"Nataliya Shevchenko Timothy\u00a0A Chick Paige O\u2019Riordan Thomas\u00a0Patrick Scanlon and Carol Woody. 2018. Threat modeling: a summary of available methods. Software Engineering Institute| Carnegie Mellon University (2018)."},{"key":"e_1_3_3_2_22_2","volume-title":"Threat modeling: Designing for security","author":"Shostack Adam","year":"2014","unstructured":"Adam Shostack. 2014. Threat modeling: Designing for security. John Wiley & Sons."},{"key":"e_1_3_3_2_23_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP51992.2021.00024"},{"key":"e_1_3_3_2_24_2","unstructured":"Stephen\u00a0Burabari Tete. 2024. Threat Modelling and Risk Analysis for Large Language Model (LLM)-Powered Applications. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2406.11007 (2024)."},{"key":"e_1_3_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.1109\/RE.2017.13"},{"key":"e_1_3_3_2_26_2","unstructured":"Apurv Verma Satyapriya Krishna Sebastian Gehrmann Madhavan Seshadri Anu Pradhan Tom Ault Leslie Barrett David Rabinowitz John Doucette and NhatHai Phan. 2024. Operationalizing a threat model for red-teaming large language models (llms). arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2407.14937 (2024)."},{"key":"e_1_3_3_2_27_2","first-page":"35413","volume-title":"International Conference on Machine Learning","author":"Wan Alexander","year":"2023","unstructured":"Alexander Wan, Eric Wallace, Sheng Shen, and Dan Klein. 2023. Poisoning language models during instruction tuning. In International Conference on Machine Learning. PMLR, 35413\u201335425."},{"key":"e_1_3_3_2_28_2","doi-asserted-by":"crossref","unstructured":"Johannes Welbl Amelia Glaese Jonathan Uesato Sumanth Dathathri John Mellor Lisa\u00a0Anne Hendricks Kirsty Anderson Pushmeet Kohli Ben Coppin and Po-Sen Huang. 2021. Challenges in detoxifying language models. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2109.07445 (2021).","DOI":"10.18653\/v1\/2021.findings-emnlp.210"},{"key":"e_1_3_3_2_29_2","doi-asserted-by":"crossref","unstructured":"Xiaoyuan Xie Zhiyi Zhang Tsong\u00a0Yueh Chen Yang Liu Pak-Lok Poon and Baowen Xu. 2020. METTLE: A metamorphic testing approach to assessing and validating unsupervised machine learning systems. IEEE Transactions on Reliability 69 4 (2020) 1293\u20131322.","DOI":"10.1109\/TR.2020.2972266"},{"key":"e_1_3_3_2_30_2","doi-asserted-by":"crossref","unstructured":"Wenjun Xiong and Robert Lagerstr\u00f6m. 2019. Threat modeling\u2013A systematic literature review. Computers & security 84 (2019) 53\u201369.","DOI":"10.1016\/j.cose.2019.03.010"},{"key":"e_1_3_3_2_31_2","doi-asserted-by":"crossref","unstructured":"Yifan Yao Jinhao Duan Kaidi Xu Yuanfang Cai Zhibo Sun and Yue Zhang. 2024. A survey on large language model (llm) security and privacy: The good the bad and the ugly. High-Confidence Computing (2024) 100211.","DOI":"10.1016\/j.hcc.2024.100211"},{"key":"e_1_3_3_2_32_2","first-page":"9","volume-title":"Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering: New Ideas and Emerging Results","author":"Yskout Koen","year":"2020","unstructured":"Koen Yskout, Thomas Heyman, Dimitri Van\u00a0Landuyt, Laurens Sion, Kim Wuyts, and Wouter Joosen. 2020. Threat modeling: from infancy to maturity. In Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering: New Ideas and Emerging Results. 9\u201312."},{"key":"e_1_3_3_2_33_2","unstructured":"Yadong Zhang Shaoguang Mao Tao Ge Xun Wang Yan Xia Man Lan and Furu Wei. 2024. K-Level Reasoning with Large Language Models. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2402.01521 (2024)."}],"event":{"name":"EASE '25: Evaluation and Assessment in Software Engineering","location":"Istanbul Turkiye","acronym":"EASE '25"},"container-title":["Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3756681.3757083","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,24]],"date-time":"2025-12-24T08:43:39Z","timestamp":1766565819000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3756681.3757083"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,17]]},"references-count":32,"alternative-id":["10.1145\/3756681.3757083","10.1145\/3756681"],"URL":"https:\/\/doi.org\/10.1145\/3756681.3757083","relation":{},"subject":[],"published":{"date-parts":[[2025,6,17]]},"assertion":[{"value":"2025-12-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}