survey 2026

Human Society-Inspired Approaches to Agentic AI Security: The 4C Framework

Alsharif Abuadbba 1, Nazatul Sultan 1, Surya Nepal 1, Sanjay Jha 2

0 citations · 38 references · arXiv (Cornell University)


Published on arXiv

2602.01942

Excessive Agency

OWASP LLM Top 10 — LLM08

Prompt Injection

OWASP LLM Top 10 — LLM01

Insecure Plugin Design

OWASP LLM Top 10 — LLM07

Key Finding

The 4C Framework identifies that system-centric defenses against prompt injection, data poisoning, and tool misuse fail to capture emergent risks from autonomy and interaction, requiring a behavioral-integrity-centered approach to agentic AI security.

4C Framework

Novel technique introduced


AI is moving from domain-specific autonomy in closed, predictable settings to large-language-model-driven agents that plan and act in open, cross-organizational environments. As a result, the cybersecurity risk landscape is changing in fundamental ways. Agentic AI systems can plan, act, collaborate, and persist over time, functioning as participants in complex socio-technical ecosystems rather than as isolated software components. Although recent work has strengthened defenses against model- and pipeline-level vulnerabilities such as prompt injection, data poisoning, and tool misuse, these system-centric approaches may fail to capture risks that arise from autonomy, interaction, and emergent behavior. This article introduces the 4C Framework for multi-agent AI security, inspired by societal governance. It organizes agentic risks across four interdependent dimensions: Core (system, infrastructure, and environmental integrity), Connection (communication, coordination, and trust), Cognition (belief, goal, and reasoning integrity), and Compliance (ethical, legal, and institutional governance). By shifting AI security from a narrow focus on system-centric protection to the broader preservation of behavioral integrity and intent, the framework complements existing AI security strategies and offers a principled foundation for building agentic AI systems that are trustworthy, governable, and aligned with human values.


Key Contributions

  • Introduces the 4C Framework organizing agentic AI security risks across Core (infrastructure integrity), Connection (inter-agent trust), Cognition (goal/reasoning integrity), and Compliance (governance) dimensions
  • Shifts AI security framing from narrow system-centric protection to broader behavioral integrity and intent preservation in multi-agent settings
  • Provides a principled, society-inspired foundation for designing trustworthy and governable agentic AI systems that complements existing pipeline-level defenses



Details

Domains
nlp
Model Types
llm
Threat Tags
inference_time
Applications
multi-agent ai systems, llm-based autonomous agents, cross-organizational ai deployments