Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

The Emerged Security and Privacy of LLM Agent: A Survey with Case Studies

Feng He, Tianqing Zhu, Dayong Ye, Bo Liu, Wanlei Zhou, Philip S. Yu

TL;DR

This survey catalogs emerging security and privacy risks for LLM agents by separating inherited threats from LLMs and agent-specific threats, and then analyzes their impacts on humans, environments, and other agents. It consolidates defenses into category-specific strategies (technical vulnerabilities, malicious attacks, and Threats on agents) and reinforces them with real-world case studies in a virtual town. The work highlights gaps and future directions, notably in multimodal LLM agents and LLM-MA systems, calling for benchmarks, privacy-preserving techniques, and governance frameworks. Overall, the paper aims to accelerate the development of safer, more trustworthy LLM agents across diverse applications.

Abstract

Inspired by the rapid development of Large Language Models (LLMs), LLM agents have evolved to perform complex tasks. LLM agents are now extensively applied across various domains, handling vast amounts of data to interact with humans and execute tasks. The widespread applications of LLM agents demonstrate their significant commercial value; however, they also expose security and privacy vulnerabilities. At the current stage, comprehensive research on the security and privacy of LLM agents is highly needed. This survey aims to provide a comprehensive overview of the newly emerged privacy and security issues faced by LLM agents. We begin by introducing the fundamental knowledge of LLM agents, followed by a categorization and analysis of the threats. We then discuss the impacts of these threats on humans, environment, and other agents. Subsequently, we review existing defensive strategies, and finally explore future trends. Additionally, the survey incorporates diverse case studies to facilitate a more accessible understanding. By highlighting these critical security and privacy issues, the survey seeks to stimulate future research towards enhancing the security and privacy of LLM agents, thereby increasing their reliability and trustworthiness in future applications.

The Emerged Security and Privacy of LLM Agent: A Survey with Case Studies

TL;DR

This survey catalogs emerging security and privacy risks for LLM agents by separating inherited threats from LLMs and agent-specific threats, and then analyzes their impacts on humans, environments, and other agents. It consolidates defenses into category-specific strategies (technical vulnerabilities, malicious attacks, and Threats on agents) and reinforces them with real-world case studies in a virtual town. The work highlights gaps and future directions, notably in multimodal LLM agents and LLM-MA systems, calling for benchmarks, privacy-preserving techniques, and governance frameworks. Overall, the paper aims to accelerate the development of safer, more trustworthy LLM agents across diverse applications.

Abstract

Inspired by the rapid development of Large Language Models (LLMs), LLM agents have evolved to perform complex tasks. LLM agents are now extensively applied across various domains, handling vast amounts of data to interact with humans and execute tasks. The widespread applications of LLM agents demonstrate their significant commercial value; however, they also expose security and privacy vulnerabilities. At the current stage, comprehensive research on the security and privacy of LLM agents is highly needed. This survey aims to provide a comprehensive overview of the newly emerged privacy and security issues faced by LLM agents. We begin by introducing the fundamental knowledge of LLM agents, followed by a categorization and analysis of the threats. We then discuss the impacts of these threats on humans, environment, and other agents. Subsequently, we review existing defensive strategies, and finally explore future trends. Additionally, the survey incorporates diverse case studies to facilitate a more accessible understanding. By highlighting these critical security and privacy issues, the survey seeks to stimulate future research towards enhancing the security and privacy of LLM agents, thereby increasing their reliability and trustworthiness in future applications.
Paper Structure (51 sections, 19 figures, 3 tables)

This paper contains 51 sections, 19 figures, 3 tables.

Table of Contents

  1. Introduction
  2. Foundation of LLM Agent
  3. Definition of LLM Agent
  4. Structure of LLM Agent
  5. Workflow of LLM Agent
  6. Capability of LLM Agent
  7. Case Study on the Structure, Workflow and Capability of LLM Agent
  8. Sources of Threats for LLM Agents
  9. Inherited Threats from LLM
  10. Technical Vulnerabilities
  11. Case Study on Technical Vulnerabilities
  12. Malicious Attacks
  13. Case Study on Malicious Attacks
  14. Specific Threats on Agents
  15. Case Study on Specific Threats on Agents
  16. ...and 36 more sections

Figures (19)

  • Figure 1: Overview of The Pixelated Virtual Town: Each label identifies a specific setting such as stores, offices, restaurants, museums, and parks, where each LLM agent plays a personalized role, simulating real-life interactions and tasks.
  • Figure 2: Taxonomy of The Emerged Security and Privacy of LLM Agent.
  • Figure 3: The Structure of LLM Agent
  • Figure 4: The Fundamental Workflow of LLM Agent
  • Figure 5: Simulation Environment and LLM Agent Components
  • ...and 14 more figures