DynaTrust: Defending Multi-Agent Systems Against Sleeper Agents via Dynamic Trust Graphs

A team of researchers has introduced DynaTrust, a new security framework designed to protect teams of AI agents (multi-agent systems or MAS) from a sophisticated threat known as 'sleeper agents.' These are malicious agents that behave normally to build trust before executing harmful actions when triggered. Current defenses often use static rules that fail to adapt, leading to high false-positive rates that disrupt system operations. DynaTrust addresses this by fundamentally rethinking how trust is managed in collaborative AI environments.

DynaTrust models the entire multi-agent system as a Dynamic Trust Graph (DTG), where trust is a continuous, evolving metric rather than a fixed label. It analyzes each agent's historical behavior and the confidence of designated 'expert' agents to dynamically update trust scores. When a potential sleeper agent is detected, the system doesn't simply block it—which could break critical workflows—but intelligently restructures the communication graph to isolate the threat while re-routing tasks to maintain overall system functionality and usability.

The method was rigorously evaluated on benchmarks combining AdvBench and HumanEval datasets. The results were significant: DynaTrust achieved a defense success rate exceeding 86% under adversarial conditions, which represents a 41.7% improvement over the previous leading method, AgentShield. Crucially, it also dramatically reduced false-positive rates, ensuring that legitimate system operations are not unnecessarily interrupted. This balance of high security and maintained utility is a key advancement for deploying trustworthy, collaborative AI systems in real-world scenarios.