{"id":"https://openalex.org/W4417077680","doi":"https://doi.org/10.48550/arxiv.2509.14956","title":"Sentinel Agents for Secure and Trustworthy Agentic AI in Multi-Agent Systems","display_name":"Sentinel Agents for Secure and Trustworthy Agentic AI in Multi-Agent Systems","publication_year":2025,"publication_date":"2025-09-18","ids":{"openalex":"https://openalex.org/W4417077680","doi":"https://doi.org/10.48550/arxiv.2509.14956"},"language":"en","primary_location":{"id":"pmh:oai:arXiv.org:2509.14956","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2509.14956","pdf_url":"https://arxiv.org/pdf/2509.14956","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"type":"preprint","indexed_in":["arxiv","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2509.14956","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5120642656","display_name":"Diego Gosmar","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Gosmar, Diego","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5073974219","display_name":"Deborah Dahl","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Dahl, Deborah A.","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":0,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.4424999952316284,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.4424999952316284,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.10719999670982361,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10456","display_name":"Multi-Agent Systems and Negotiation","score":0.07680000364780426,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.541100025177002},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.5401999950408936},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.44690001010894775},{"id":"https://openalex.org/keywords/trustworthiness","display_name":"Trustworthiness","score":0.41429999470710754},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.4115000069141388},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.3582000136375427},{"id":"https://openalex.org/keywords/corporate-governance","display_name":"Corporate governance","score":0.3456000089645386},{"id":"https://openalex.org/keywords/audit-trail","display_name":"Audit trail","score":0.32409998774528503}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6930999755859375},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6535000205039978},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.541100025177002},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.5401999950408936},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.44690001010894775},{"id":"https://openalex.org/C153701036","wikidata":"https://www.wikidata.org/wiki/Q659974","display_name":"Trustworthiness","level":2,"score":0.41429999470710754},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.4115000069141388},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.3582000136375427},{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.3456000089645386},{"id":"https://openalex.org/C80958533","wikidata":"https://www.wikidata.org/wiki/Q1047174","display_name":"Audit trail","level":3,"score":0.32409998774528503},{"id":"https://openalex.org/C74072328","wikidata":"https://www.wikidata.org/wiki/Q1142726","display_name":"Intelligent agent","level":2,"score":0.31779998540878296},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.3089999854564667},{"id":"https://openalex.org/C41550386","wikidata":"https://www.wikidata.org/wiki/Q529909","display_name":"Multi-agent system","level":2,"score":0.30889999866485596},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.2919999957084656},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.2734000086784363},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.26739999651908875},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.2667999863624573},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.263700008392334},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.2565000057220459}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:arXiv.org:2509.14956","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2509.14956","pdf_url":"https://arxiv.org/pdf/2509.14956","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"doi:10.48550/arxiv.2509.14956","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2509.14956","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"Preprint"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2509.14956","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2509.14956","pdf_url":"https://arxiv.org/pdf/2509.14956","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"This":[0,133],"paper":[1],"proposes":[2],"a":[3,24,31,86,158,186,205],"novel":[4],"architectural":[5,182],"framework":[6,22,227],"aimed":[7],"at":[8],"enhancing":[9],"security":[10,33,135],"and":[11,51,67,70,95,122,153,174,199,236],"reliability":[12],"in":[13],"multi-agent":[14,176,206],"systems":[15],"(MAS).":[16],"A":[17],"central":[18],"component":[19],"of":[20,26,79,85,129,141,148,160,193,221],"this":[21],"is":[23,82],"network":[25],"Sentinel":[27,80,107,142,210],"Agents,":[28,150],"functioning":[29],"as":[30,39],"distributed":[32],"layer":[34],"that":[35],"integrates":[36],"techniques":[37],"such":[38],"semantic":[40],"analysis":[41],"via":[42],"large":[43],"language":[44],"models":[45],"(LLMs),":[46],"behavioral":[47],"analytics,":[48],"retrieval-augmented":[49],"verification,":[50],"cross-agent":[52],"anomaly":[53],"detection.":[54],"Such":[55],"agents":[56],"can":[57,114],"potentially":[58],"oversee":[59],"inter-agent":[60],"communications,":[61],"identify":[62],"potential":[63],"threats,":[64,161],"enforce":[65],"privacy":[66,172],"access":[68],"controls,":[69],"maintain":[71,126],"comprehensive":[72],"audit":[73],"records.":[74],"Complementary":[75],"to":[76,125,180],"the":[77,83,101,127,130,138,145,181,214,218,222],"idea":[78],"Agents":[81,143,211],"use":[84],"Coordinator":[87,90,102,149],"Agent.":[88],"The":[89,209,226],"Agent":[91],"supervises":[92],"policy":[93,238],"implementation,":[94],"manages":[96],"agent":[97,166],"participation.":[98],"In":[99,178],"addition,":[100],"also":[103,228],"ingests":[104],"alerts":[105],"from":[106],"Agents.":[108],"Based":[109],"on":[110],"these":[111],"alerts,":[112],"it":[113],"adapt":[115],"policies,":[116],"isolate":[117],"or":[118],"quarantine":[119],"misbehaving":[120],"agents,":[121],"contain":[123],"threats":[124],"integrity":[128],"MAS":[131],"ecosystem.":[132],"dual-layered":[134],"approach,":[136],"combining":[137],"continuous":[139],"monitoring":[140,224],"with":[144],"governance":[146],"functions":[147],"supports":[151,233],"dynamic":[152],"adaptive":[154],"defense":[155],"mechanisms":[156],"against":[157],"range":[159],"including":[162],"prompt":[163],"injection,":[164,197],"collusive":[165],"behavior,":[167],"hallucinations":[168],"generated":[169],"by":[170],"LLMs,":[171],"breaches,":[173],"coordinated":[175],"attacks.":[177],"addition":[179],"design,":[183],"we":[184],"present":[185],"simulation":[187],"study":[188],"where":[189],"162":[190],"synthetic":[191],"attacks":[192],"different":[194],"families":[195],"(prompt":[196],"hallucination,":[198],"data":[200],"exfiltration)":[201],"were":[202],"injected":[203],"into":[204],"conversational":[207],"environment.":[208],"successfully":[212],"detected":[213],"attack":[215],"attempts,":[216],"confirming":[217],"practical":[219],"feasibility":[220],"proposed":[223],"approach.":[225],"offers":[229],"enhanced":[230],"system":[231],"observability,":[232],"regulatory":[234],"compliance,":[235],"enables":[237],"evolution":[239],"over":[240],"time.":[241]},"counts_by_year":[],"updated_date":"2026-07-01T06:00:48.157686","created_date":"2025-10-10T00:00:00"}
