A Survey on Long-Term Memory Security in LLM Agents: Attacks, Defenses, and Governance Across the Memory Lifecycle

The article presents a comprehensive survey on long-term memory security in LLM agents, outlining a Memory Lifecycle Framework that categorizes attacks and defenses across six phases: Write, Store, Retrieve, Execute, Share & Propagate, and Forget & Rollback. It introduces Verifiable Memory Governance (VMG), which consists of five architectural primitives designed to ensure integrity, confidentiality, availability, and governance of memory systems. This work emphasizes the necessity for proactive security measures at the storage phase to ensure robust long-term memory security rather than relying solely on retrieval or execution-time defenses, which is crucial for practitioners developing secure AI systems.