LLM agents security duality: a comprehensive survey of self-security and empowered cybersecurity

📅 2026-06-26
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the dual challenges of intrinsic security risks in large language model (LLM) agents and the lack of a systematic understanding of their potential to enhance cybersecurity. It proposes, for the first time, a synergistic mechanism that jointly advances LLM agent self-security and their empowerment of cybersecurity operations. The study introduces the first comprehensive agent-enabled framework spanning the entire cyber kill chain, integrating a threat-source taxonomy to systematically analyze internal and external attack surfaces. By synthesizing mitigation strategies, evaluation methodologies, and application techniques, this research clarifies the current state of the field, reveals bidirectional synergies between agent security and cybersecurity augmentation, and outlines a roadmap toward more reliable and intelligent agent systems.
📝 Abstract
Large language model (LLM) agents are rapidly being integrated into real-world systems. Their autonomy and tool-use capabilities generate substantial value while simultaneously expanding the security attack surface. This survey provides a comprehensive overview of the opportunities and challenges of LLM agents in security, focusing on two core areas: (1) threats to LLM agents themselves and corresponding mitigation strategies (LLM agents self-security), and (2) the role of LLM agents in empowering the cybersecurity lifecycle across offense and defense (LLM agents empowered cybersecurity). We first examine the internal and external attack surfaces of agents, propose a taxonomy organized by threat sources, and analyze associated mitigations and evaluation frameworks. We then investigate how agent capabilities are applied in cybersecurity practice and present, to our knowledge, the first agent-empowerment framework aligned with the full cyber offense-defense lifecycle. By systematically surveying these two areas, we are the first to highlight a positive feedback synergy between LLM agents self-security and empowered cybersecurity, offering new insights for the advancement of both. We further identify current limitations and outline promising directions for future research. The insights provided aim to catalyze the coordinated development of LLM agents self-security and agent empowered cybersecurity, paving the way for more capable and robust agent applications.
Problem

Research questions and friction points this paper is trying to address.

LLM agents
self-security
empowered cybersecurity
attack surface
security duality
Innovation

Methods, ideas, or system contributions that make the work stand out.

LLM agents
self-security
empowered cybersecurity
attack surface
agent-empowerment framework
Yiwei Xu
Yiwei Xu
College of Information, University of Maryland; Information School, University of Washington
social data sciencehuman-centered AIhealth informaticsinformation behaviors
Yong Zhuang
Yong Zhuang
Assistant Professor of Computer Science, Grand Valley State University
Machine LearningDeep LearningSpatio-temporal analysis
X
Xuanming Liu
School of Cyber Science and Engineering, Wuhan University, Wuhan, China
T
Tian Zhang
School of Cyber Science and Engineering, Wuhan University, Wuhan, China
B
Bowen Xiao
School of Cyber Science and Engineering, Wuhan University, Wuhan, China
Xiaoyang Xu
Xiaoyang Xu
New Jersey Institute of Technology
biomaterialsnanomedicinedrug deliverynanotechnologytissue engineering
D
Delong Jiang
School of Cyber Science and Engineering, Wuhan University, Wuhan, China
J
Juan Wang
School of Cyber Science and Engineering, Wuhan University, Wuhan, China
Hongxin Hu
Hongxin Hu
Professor of Computer Science, University at Buffalo, SUNY
SecurityPrivacyNFV/SDN/5GAIIoT