Multi-Agent Security Tax: Trading Off Security and Collaboration Capabilities in Multi-Agent Systems
This addresses security vulnerabilities in AI agent collaborations, though it is incremental as it builds on existing multi-agent security research.
The paper tackles the problem of security risks in multi-agent systems where a compromised agent can spread malicious instructions, leading to misaligned outcomes, and finds that defense strategies like vaccination and safety instructions reduce malicious spread but decrease collaboration capability.
As AI agents are increasingly adopted to collaborate on complex objectives, ensuring the security of autonomous multi-agent systems becomes crucial. We develop simulations of agents collaborating on shared objectives to study these security risks and security trade-offs. We focus on scenarios where an attacker compromises one agent, using it to steer the entire system toward misaligned outcomes by corrupting other agents. In this context, we observe infectious malicious prompts - the multi-hop spreading of malicious instructions. To mitigate this risk, we evaluated several strategies: two "vaccination" approaches that insert false memories of safely handling malicious input into the agents' memory stream, and two versions of a generic safety instruction strategy. While these defenses reduce the spread and fulfillment of malicious instructions in our experiments, they tend to decrease collaboration capability in the agent network. Our findings illustrate potential trade-off between security and collaborative efficiency in multi-agent systems, providing insights for designing more secure yet effective AI collaborations.