T2-AT-011MEDIUM
Abbreviation and Acronym Abuse
T2 · Semantic & Linguistic Evasion →Risk score160
RatingMedium
Procedures2
Severity
Mechanism
Uses abbreviations/acronyms for restricted concepts. The model expands internally; the classifier sees only the abbreviation. Limited effectiveness for well-known acronyms (IED, TATP in most blocklists) but higher for domain-specific ones.
Detection
- Acronym expansion database for restricted-content acronyms
Mitigation
Acronym expansion before classificationHIGH
Chaining
Chains with T2-AT-006 (Linguistic Camouflage) in technical register.
Framework mapping
Open in the technique browser →OWASP LLMLLM01