Probabilistic security mapping of large language model integrations via stochastic Petri Nets
Publisher
BRAC University
Abstract
Large Language Models (LLMs) are becoming increasingly popular for use in modern software systems. However, with increasing popularity, new security risks have emerged when integrating LLMs into a software system. These security gaps do not align with the traditional cybersecurity framework. To address this, this study specifically focuses on modeling three distinct but related threats: prompt injection, context extraction, and Denial of Service (DoS) by resource exhaustion.
First, the research maps these three LLM security aspects to the traditional CIA triad (Confidentiality, Integrity, Availability) and maps the system assets with corresponding justifications to show exactly what component of a system is at risk during these specific attacks. After that, the research investigates three distinct and independent threat models across the LLM architecture. First, Prompt Injection is analyzed at the input processing layer to mathematically evaluate Defensive Depth theory. Second, Data Exfiltration is evaluated during output scanning to formalize the Temporal Defense theory. Finally, a Denial of Service (DoS) attack is modeled to validate the Saturation theory. To transition from theoretical risk to measurable impact, an independent threat model is developed using a Petri Net diagram to simulate these distinct stages of the LLM pipeline. Mathematical analysis is then conducted using a Continuous-Time Markov Chain (CTMC) and finite queuing theories. Specifically for the DoS evaluation, the adversarial arrival rate (λ) and system processing bottleneck (ρ) are modeled to measure the queue wait times and resource depletion. Across all three threat vectors, Monte Carlo validation is used to ensure the theoretical mathematical calculations match the simulated reality. The results provide a formalized mathematical baseline for each independent vulnerability. The findings demonstrate the exact architectural trade-offs to implement input-layer defensive depth, the temporal cost for output sanitization, and the critical threshold where system queues saturate and drop legitimate requests during a DoS attack. These insights help developers design more resilient, optimized, and mathematically verifiable security architectures for deployed LLM applications.
Description
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 76-82).
This thesis is submitted in partial fulfillment of the requirements for the degree of Master of Science in Computer Science and Engineering, 2026.
Type
Thesis