SAIGuard: Communication-State Simulation for Proactive Defense of LLM Multi-Agent Systems

SAIGuard is a proactive defense framework for large language model (LLM) multi-agent systems (MAS) that addresses security risks associated with inter-agent communication. By employing communication-state simulation on the MAS interaction graph, SAIGuard estimates the impact of incoming messages and detects risky communications through deviations from benign patterns, allowing for the sanitization or regeneration of suspicious messages. Experimental results demonstrate that SAIGuard effectively reduces attack success rates while preserving the utility of MAS, outperforming traditional reactive defense mechanisms.