Visual TL;DR. Multi-agent LLMs use Runtime Monitors. Distributed Backdoors leverage Local Benignness. Local Benignness creates Observability Boundary. Runtime Monitors limited by Observability Boundary. Distributed Backdoors cause Security Vulnerability. Observability Boundary leads to Security Vulnerability. Security Vulnerability requires Compositional Representation.
- Multi-agent LLMs: systems with multiple interacting LLM agents, increasing complexity and attack surface
- Runtime Monitors: common safety measure, checks individual messages or tool calls for malicious content
- Distributed Backdoors: malicious payload split across agents, each fragment appears locally benign
- Local Benignness: attack fragments engineered to appear innocuous and ordinary when examined in isolation
- Observability Boundary: monitor's limited view prevents detection of the full, assembled malicious payload
- Security Vulnerability: critical gap in current multi-agent LLM security paradigms, highlighted by research
- Compositional Representation: effective defense requires detecting attacks at this higher, assembled signal level
Visual TL;DR
