G-Safeguard: A Topology-Guided Security Lens and Treatment on LLM-based Multi-agent Systems

TL;DR

G-Safeguard introduces a topology-guided approach using graph neural networks to detect and remediate adversarial attacks in LLM-based multi-agent systems, significantly improving robustness and adaptability.

Contribution

It presents a novel topology-guided security framework leveraging graph neural networks for anomaly detection and attack remediation in LLM-MAS, enhancing robustness against adversarial threats.

Findings

Recover over 40% of performance under prompt injection attacks

Highly adaptable to various LLM backbones and large-scale MAS

Seamless integration with mainstream MAS with security guarantees

Abstract

Large Language Model (LLM)-based Multi-agent Systems (MAS) have demonstrated remarkable capabilities in various complex tasks, ranging from collaborative problem-solving to autonomous decision-making. However, as these systems become increasingly integrated into critical applications, their vulnerability to adversarial attacks, misinformation propagation, and unintended behaviors have raised significant concerns. To address this challenge, we introduce G-Safeguard, a topology-guided security lens and treatment for robust LLM-MAS, which leverages graph neural networks to detect anomalies on the multi-agent utterance graph and employ topological intervention for attack remediation. Extensive experiments demonstrate that G-Safeguard: (I) exhibits significant effectiveness under various attack strategies, recovering over 40% of the performance for prompt injection; (II) is highly adaptable to diverse LLM backbones and large-scale MAS; (III) can seamlessly combine with mainstream MAS with security guarantees. The code is available at https://github.com/wslong20/G-safeguard.