Towards Unifying Quantitative Security Benchmarking for Multi Agent Systems

Sharma, Gauri, Kulkarni, Vidhi, King, Miles, Huang, Ken

arXiv.org Artificial Intelligence 

--Evolving AI systems increasingly deploy multi-agent architectures where autonomous agents collaborate, share information, and delegate tasks through developing protocols. This connectivity, while powerful, introduces novel security risks. Once such risk is a cascading risk: a breach in one agent can cascade through the system, compromising others by exploiting inter-agent trust. In tandem with OW ASP's initiative for an Agentic AI V ulnerability Scoring System we define an attack vector, Agent Cascading Injection, analogous to Agent Impact Chain and Blast Radius, operating across networks of agents. In an ACI attack, a malicious input or tool exploit injected at one agent leads to cascading compromises and amplified downstream effects across agents that trust its outputs. We formalize this attack with an adversarial goal equation and key variables (compromised agent, injected exploit, polluted observations, etc.), capturing how a localized vulnerability can escalate into system-wide failure. We then analyze ACI's properties - propagation chains, amplification factors, and inter-agent compound effects - and map these to OW ASP's emerging Agentic AI risk categories (e.g. Finally, we argue that ACI highlights a critical need for quantitative benchmarking frameworks to evaluate the security of agent-to-agent communication protocols. We outline a methodology for stress-testing multi-agent systems (using architectures such as Google's A2A and Anthropic's MCP) against cascading trust failures, developing upon groundwork for measurable, standardized agent to agent security evaluation. Our work provides the essential apparatus for engineers to benchmark system resilience, make data-driven architectural trade-offs, and develop robust defenses against a new generation of agentic threats. Index T erms --component, formatting, style, styling, insert. As the use of autonomous AI agents expands across cyber-security, finance, healthcare, and critical infrastructure, agent-to-agent communication protocols have emerged as founda-tional components for coordinating tasks, sharing information, and executing distributed decision-making.

Duplicate Docs Excel Report

Title
None found

Similar Docs  Excel Report  more

TitleSimilaritySource
None found