V. Pejić
Please Note
1 records found
1
We present VukZero, a zero-trust architecture for autonomous Large Language Model (LLM) agents. These agents operate on untrusted input, so a successful prompt injection can lead to continued malicious behavior. Existing defenses aim only to prevent this, leaving no recourse once an agent is compromised. VukZero instead applies zero-trust across three layers. An agent permission system mediates privileged actions. Tamper-evident behavioral recording supports evidence-based agent expulsion. System-level containment limits post-compromise damage. On a standard prompt-injection benchmark, VukZero's permission system cut the macro-average attack success rate to 3.81%, compared with 8.66% for an established privilege-control defense. The recording layer expelled the attacker in all 60 reputation-trap scenarios where an unprotected baseline expelled none. The containment layer also blocked 100% of malicious host-level probes. The contribution is integrating the layers so that the zero-trust principle holds throughout and after a compromise.