SMSR: Certified Defence Against Runtime Memory Poisoning in Persistent LLM Agent Systems

The paper introduces Signed Memory with Smoothed Retrieval (SMSR), a novel defense mechanism against Multi-Session Memory Poisoning (MSMP) in persistent LLM agent systems. SMSR combines HMAC-SHA256 provenance checks at write time and randomized memory ablation with verdict-based voting at query time, achieving a reduction in attack success rates from 93-100% to 0% for unsigned injections and from 65.3% to 5.3% for end-to-end query-only attacks. This advancement is crucial for practitioners as it provides a certified robustness framework to protect against memory injection attacks that exploit persistent memory in RAG agents.