Juhee Kim, UC Berkeley and Seoul National University; Wenbo Guo, UC Santa Barbara; Dawn Song, UC Berkeley
AI agents that integrate large language models with non-AI tool components are rapidly emerging in real-world applications, offering unprecedented automation and flexibility. However, this flexibility introduces complex security challenges that differ from traditional software systems. In this paper, we present the first comprehensive systematization of knowledge on AI agent security, analyzing the design space, attack landscape, and defense mechanisms for secure AI agent systems. In addition, we identify open challenges for future research in this emerging domain. Our work provides the first systematic framework for understanding AI agent security risks and defense strategies, serving as a foundation for building secure agentic systems and advancing research in this critical area.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
