多智能体系统安全防护技术研究综述

doi:10.3969/j.issn.1671-1122.2025.07.012

摘要/Abstract

摘要：

文章聚焦于多智能体系统的安全防护技术，从系统面临的威胁视角展开全面且深入的探讨。首先，基于多智能体系统具备开放性、异构性、自治性、协同性、动态适应性和涌现性6个主要特性，探讨其内生安全风险。从攻击目标、攻击方式和攻击者属性3个维度，对系统的安全风险进行分类，给出相关攻击方式。其次，概述安全威胁识别方法，指出威胁建模方法的局限性。在安全防御技术方面，梳理加密与认证、入侵检测与响应、信誉管理、容错设计、安全策略与审计等领域面临的挑战和研究进展。再次，探讨大模型直接调用智能体可能引发的跨域攻击威胁，分析视觉、音频攻击手段被大模型利用后可能导致的损害，并从打断攻击链的角度分析可能的防御措施。从次，阐述安全架构的演进方向，介绍弹性安全架构和内部工作逻辑。最后，对国内外研究现状进行总结，并从理论、技术和学科融合创新方面给出后续研究建议。

关键词: 多智能体系统, 安全防护, 加密算法, 隐私防护, 跨域攻击

Abstract:

This study focused on security protection technologies for multi-agent systems, conducting a comprehensive and in-depth exploration from the perspective of threats faced by the system. Firstly, based on the six major characteristics of multi-agent systems,including openness, heterogeneity, autonomy, collaboration, dynamic adaptability, and emergence, the intrinsic security risks were discussed. The security risks were categorized from three dimensions: attack targets, attack methods, and attacker attributes, with relevant attack methods provided. Secondly, A summary of threat identification methods was given, highlighting the limitations of threat modeling approaches. In terms of security defense technologies, challenges and research progress in areas such as encryption and authentication, intrusion detection and response, reputation management, fault tolerance design, and security policies and audits were reviewed. Thirdly, The potential cross-domain attack threats caused by large models directly invoking agents were explored, analyzing the damage that visual and audio attack methods could cause when exploited by large models, and proposing possible defensive measures from the perspective of disrupting the attack chain. Finally, The evolution direction of security architecture was elaborated, introducing elastic security architecture and its internal working logic. Finally, the current research status was summarized, and suggestions for future research are provided from theoretical, technological, and interdisciplinary innovation perspectives.

Key words: multi-agent system, security protection, encryption algorithm, privacy protection, cross-domain attack

中图分类号:

TP309

汪正阳, 刘晓露, 沈卓炜, 韦梦立. 多智能体系统安全防护技术研究综述[J]. 信息网络安全, 2025, 25(7): 1138-1152.

WANG Zhengyang, LIU Xiaolu, SHEN Zhuowei, WEI Mengli. Review of Security Protection Technologies for Multi-Agent Systems[J]. Netinfo Security, 2025, 25(7): 1138-1152.

图/表 7

图1

表1

表2

表3

表4

表5

图2

参考文献 71

[1]	BALAJI P G, SRINIVASAN D. Innovations in Multi-Agent Systems and Applications-1[M]. Heidelberg: Springer, 2010.
[2]	DORRI A, KANHERE S S, JURDAK R. Multi-Agent Systems: A Survey[J]. IEEE Access, 2018, 6: 28573-28593.
[3]	BO Jianxiong, ZHAO Xu. Vehicle Edge Computing Task Offloading Strategy Based on Multi-Agent Deep Reinforcement Learning[EB/OL]. (2025-03-05) [2025-05-10]. https://link.springer.com/article/10.1007/s10723-025-09800-x#citeas.
[4]	CHEN Jie, ZHANG Zequn, WANG Liping, et al. Self-Adaptive Production Scheduling for Discrete Manufacturing Workshop Using Multi-Agent Cyber Physical System[EB/OL]. (2025-03-26) [2025-05-10]. https://www.sciencedirect.com/science/article/abs/pii/S0952197625006384.
[5]	CHENG Yuheng, ZHAO Huan, ZHOU Xiyuan, et al. A Large Language Model for Advanced Power Dispatch[EB/OL]. (2025-03-15) [2025-05-10]. https://doi.org/10.1038/s41598-025-91940-x.
[6]	SHITHARTH S, ALSHAREEF A M, KHADIDOS A O, et al. A Conjugate Self-Organizing Migration (CSOM) and Reconciliate Multi-Agent Markov Learning (RMML) Based Cyborg Intelligence Mechanism for Smart City Security[EB/OL]. [2025-05-10]. https://pubmed.ncbi.nlm.nih.gov/37735185/.
[7]	DING Lifu, YAN Gangfeng. A Survey of the Security Issues and Defense Mechanisms of Multi-Agent Systems[J]. CAM Transactions on Intelligent Systems, 2020, 15(3):425-434.
	丁俐夫, 颜钢锋. 多智能体系统安全性问题及防御机制综述[J]. 智能系统学报, 2020, 15(3):425-434.
[8]	Foundation for Intelligent Physical Agents. FIPA ACL Message Structure Specification[EB/OL]. (2002-12-03) [2025-05-10]. http://www.fipa.org/specs/fipa00061/SC00061G.html.
[9]	Foundation for Intelligent Physical Agents. FIPA Abstract Architecture Specification[EB/OL]. (2002-12-03) [2025-05-10]. http://www.fipa.org/specs/fipaoo001/SC00001L.html.
[10]	Foundation for Intelligent Physical Agents. FIPA Agent Management Specification[EB/OL]. (2004-03-18) [2025-05-10]. http://www.fipa.org/specs/fipa0023/SC00023K.html.
[11]	WU Jiangxing. Cyber Resilience System Engineering Empowered by Endogenous Security and Safety[M]. Heidelberg: Springer, 2024.
[12]	HEDIN Y, MORADIAN E. Security in Multi-Agent Systems[J]. Procedia Computer Science, 2015, 60: 1604-1612
[13]	ZHANG Dan, FENG Gang, SHI Yang, et al. Physical Safety and Cyber Security Analysis of Multi-Agent Systems: A Survey of Recent Advances[J]. IEEE/CAA Journal of Automatica Sinica, 2021, 8(2): 319-333.
[14]	JIN Zengwang, JIANG Lingyang, DING Junyi, et al. A Review of Research on Industrial Control System Security[J]. Netinfo Security, 2025, 25(3): 341-363.
	金增旺, 江令洋, 丁俊怡, 等. 工业控制系统安全研究综述[J]. 信息网络安全, 2025, 25(3):341-363.
[15]	JAIN G, SOLOMON J N R. Taxonomy of Multi-Agent Systems Attacks and their Defense Tactics in Certifying Security of Cyber Physical Systems[C]// IEEE. 2023 International Conference on Advances in Computation, Communication and Information Technology (ICAICCIT). New York: IEEE, 2023: 648-652.
[16]	LI S C, HUANG Y, TAI B C, et al. Using Data Mining Methods to Detect Simulated Intrusions on a Modbus Network[C]// IEEE. 2017 IEEE 7th International Symposium on Cloud and Service Computing (SC2). New York: IEEE, 2017: 143-148.
[17]	ZHANG Tianyu, YANG Guanghong, YE Dan. Asymmetrical Vulnerability of Heterogeneous Multi-Agent Systems under False-Data Injection Attacks[EB/OL]. (2024-10-22) [2025-05-10]. https://www.sciencedirect.com/science/article/pii/S0005109824004412.
[18]	ROCHER L, TOURNIER A J, YA D M. Adversarial Competition and Collusion in Algorithmic Markets[J]. Nat Mach Intell, 2023, 5: 497-504.
[19]	MATT T, BHARANIDHARAN S, SAMI A, et al. A Review of Threat Modelling Approaches for APT-Style Attacks[EB/OL]. (2021-01-16) [2025-05-10]. https://www.sciencedirect.com/science/article/pii/S2405844021000748.
[20]	SHAYMAA M K, HAYRETDIN B, TARMO K. Threat Modeling of Industrial Control Systems: A Systematic Literature Review[EB/OL]. (2023-10-27) [2025-05-10]. https://www.sciencedirect.com/science/article/pii/S0167404823004534.
[21]	KANYAMEE K, SATHITWIRIYAWONG C. High-Availability Decentralized Multi-Agent Key Recovery System[C]// IEEE. 2009 Eighth IEEE/ACIS International Conference on Computer and Information Science. New York: IEEE, 2009: 290-294.
[22]	MANI A K, ADEDAYO O M. Dynamic Calculation of Password Salts for Improved Resilience Towards Password Cracking Algorithms[C]// IEEE. 12th International Symposium on Digital Forensics and Security (ISDFS). New York: IEEE, 2024: 1-6.
[23]	BACHTIAR M M, DITANAYA T H, WASISTA S, et al. Security Enhancement of AES Based Encryption Using Dynamic Salt Algorithm[C]// ICAE. 2018 International Conference on Applied Engineering (ICAE). Amsterdam: Elsevier, 2018: 1-6.
[24]	YE Qing, HE Junfei, YANG Zhichao. Research Progress in Lattice-Based Public-Key Encryption with Keyword Search[J]. Netinfo Security, 2024, 24(6): 903-916.
	叶清, 何俊霏, 杨智超. 基于格的可搜索公钥加密研究进展[J]. 信息网络安全, 2024, 24(6):903-916.
[25]	HASAN H, SALAH T, SHEHADA D, et al. Secure Lightweight ECC-Based Protocol for Multi-Agent IoT Systems[C]// IEEE. The 13th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). New York: IEEE, 2017: 1-8.
[26]	YAN Yamin, CHEN Zhiyong, VARADHARAJAN V. Consensus of Networked Control Multi-Agent Systems Using a Double-Layer Encryption Scheme[J]. Journal of Automation and Intelligence, 2023(2): 218-226.
[27]	VARMA R, MELVILLE C, PINELLO C, et al. Post Quantum Secure Command and Control of Mobile Agents Inserting Quantum-Resistant Encryption Schemes in the Secure Robot Operating System[C]// IEEE. 2020 Fourth IEEE International Conference on Robotic Computing (IRC). New York: IEEE, 2020: 33-40.
[28]	ZHANG Jian, LI Lei, LIU Weidong, et al. Multi-Subject Information Interaction and One-Way Hash Chain Authentication Method for V2G Application in Internet of Vehicles[C]// IFIP. 2022 4th International Conference on Intelligent Information Processing (IIP). Heidelberg: Springer, 2022: 134-137.
[29]	LAU C H, YAN Fan, CHAN S. Effectiveness of Authentication Schemes in the Internet of Things Networks with Different Structural Topologies[C]// ACM. 2023 International Wireless Communications and Mobile Computing (IWCMC). New York: ACM, 2023: 1118-1123.
[30]	NABIL T C, OMAR A O, HASSAN E G, et al. Secured Storage of Smart Grid Events: Blockchain Based on Multi Agents Markov Decision Processes[C]// IEEE. 2024 11th International Conference on Wireless Networks and Mobile Communications (WINCOM). New York: IEEE, 2024: 1-7.
[31]	KAMALAKANTA S Y. VENU M, RAHUL K, et al. Attention Based Multi-Agent Intrusion Detection Systems Using Reinforcement Learning[EB/OL]. (2021-07-01) [2025-05-10]. https://www.sciencedirect.com/science/article/abs/pii/S2214212621001411.
[32]	SREEKANTH V, KAMALAKANTA S, DINESH M, et al. Federated Reinforcement Learning Based Intrusion Detection System Using Dynamic Attention Mechanism[EB/OL]. (2023-09-19) [2025-05-10]. https://www.sciencedirect.com/science/article/abs/pii/S2214212623001928.
[33]	ZHANG Chen, LIAN Zhuotao, HUANG Huakun, et al. PCIDS: Permission and Credibility-Based Intrusion Detection System in IoT Gateways[J]. IEEE Internet of Things Journal, 2024, 11(1): 904-913.
[34]	USAMA A, MOHAMMAD N, AMNA S, et al. Signature-Based Intrusion Detection Using Machine Learning and Deep Learning Approaches Empowered with Fuzzy Clustering[EB/OL]. (2025-01-11) [2025-05-10]. https://www.nature.com/articles/s41598-025-85866-7.
[35]	WANG Jing. Multi Agent System Based Smart Grid Anomaly Detection Using Blockchain Machine Learning model in Mobile Edge Computing Network[EB/OL]. (2024-11-23) [2025-05-10]. https://www.sciencedirect.com/science/article/pii/S0045790624007523.
[36]	CHENG Fabin, LIANG Hongjing, NIU Ben, et al. Adaptive Neural Self-Triggered Bipartite Secure Control for Nonlinear MASs Subject to DoS Attacks[J]. Information Sciences, 2023(631): 256-270.
[37]	LI Hui, WU Wei, TONG Shaocheng. Adaptive Fuzzy Output-Feedback Secure Consensus Fault-Tolerant Control of Nonlinear Multi-Agent Systems Under DoS Attacks[EB/OL]. (2024-11-20) [2025-05-10]. https://link.springer.com/article/10.1007/s40815-024-01898-7.
[38]	HU Xiaoyan, LI Yuanxin, TONG Shaocheng. Event-Triggered Secure Control of Nonlinear Multi-Agent Systems Under Sensor Attacks[J]. Journal of the Franklin Institute, 2023(360): 9468-9489.
[39]	FAN Na, GAO Yuxin, LI Jialong, et al. Multi-Attack Identification and Mitigation Mechanism Based on Multi-Agent Collaboration in Vehicular Named Data Networking[EB/OL]. (2025-03-25) [2025-05-10]. https://www.sciencedirect.com/science/article/abs/pii/S138912862500194X.
[40]	HUO Shicheng, WU Hao, WU Tiejun, et al. Secure Output Containment of Heterogeneous Multi-Agent Systems against Hybrid Attacks[J]. ISA Transactions, 2024(148): 191-200.
[41]	CAVALCANTE R C, BITTENCOURT I I, SILVA A P D, et al. A Survey of Security in Multi-Agent Systems[J]. Expert Systems with Applications, 2012, 39: 4835-4846.
[42]	ZHENG Min, WANG Hong, LIU Hong, et al. Survey on Consensus Algorithms of Blockchain[J]. Netinfo Security, 2019, 19(7): 8-24.
	郑敏, 王虹, 刘洪, 等. 区块链共识算法研究综述[J]. 信息网络安全, 2019, 19(7):8-24.
[43]	BENNACEUR J, ZOUAGHI W, MABROUK A. Multi-Dimensional Trust Model: Towards Multi-Layered Secure Architecture for Enhanced Threat Information Sharing[EB/OL]. (2024-10-17) [2025-05-10]. https://doi.org/10.1007/s11518-024-5631-y.
[44]	ANAMIKA S, RAJESH K D, ANUPAM K S. Personalized Device Authentication Scheme Using Q-Learning-Based Decision-Making with the Aid of Transfer Fuzzy Learning for IIoT Devices in Zero Trust Network (PDA-QLTFL)[EB/OL]. (2024-07-17) [2025-05-10]. https://www.sciencedirect.com/science/article/abs/pii/S004579062400363X.
[45]	WEI Feng, CHEN Zhao, WANG Yin, et al. Security Risk Assessment System for Power Monitoring Systems Based on Zero Trust Architecture[C]// IEEE. 2024 4th International Conference on Computer Science, Electronic Information Engineering and Intelligent Control Technology (CEI). New York: IEEE, 2024: 215-218.
[46]	MRABET K, BOUANANI F E, BEN-AZZA H. Generalized Secure and Dynamic Decentralized Reputation System with a Dishonest Majority[J]. IEEE Access, 2023, 11: 9368-9388.
[47]	AL-SHAMAILEH M, ANTHONY P, CHARTERS S. Trust and Reputation Management in IoT Using Multi-Agent System Approach[C]// Springer. PRICAI 2023:Trends in Artificial Intelligence. Heidelberg: Springer, 2023: 480-485.
[48]	KHANDAIT A U, PATTANSHETTI T R. Lightweight Authentication System Based on Zero Knowledge Proof for IoT Devices[C]// IEEE. 2024 Global Conference on Communications and Information Technologies (GCCIT). New York: IEEE, 2024: 1-5.
[49]	AKRAM J, ANAISSI A. DDRM: Distributed Drone Reputation Management for Trust and Reliability in Crowdsourced Drone Services[C]// IEEE. 2024 IEEE International Conference on Web Services (ICWS). New York: IEEE, 2024: 921-931.
[50]	KE Changbo, XIAO Fu, CAO Yan, et al. A Group-Vehicles Oriented Reputation Assessment Scheme for Edge VANETs[J]. IEEE Transactions on Cloud Computing, 2024(12): 859-875.
[51]	FORTINO G, MESSINA F, ROSACI D, et al. A Trust-Based Team Formation Framework for Mobile Intelligence in Smart Factories[J]. IEEE Transactions on Industrial Informatics, 2020(16): 6133-6142.
[52]	MUSHTAQ S U, SHEIKH S, IDREES S M, et al. In-Depth Analysis of Fault Tolerant Approaches Integrated with Load Balancing and Task Scheduling[J]. Peer-to-Peer Networking and Applications, 2024, 17: 4303-4337.
[53]	SUN Huihui, JIANG Hui, ZHANG Long, et al. Multi-Robot Hierarchical Safe Reinforcement Learning Autonomous Decision-Making Strategy Based on Uniformly Ultimate Boundedness Constraints[EB/OL]. (2025-02-18) [2025-05-10]. https://www.nature.com/articles/s41598-025-89285-6.
[54]	SUN Qinghan, MA Huan, ZHAO Tian, et al. Break down the Decentralization-Security-Privacy Trilemma in Management of Distributed Energy Systems[EB/OL]. (2024-05-27) [2025-05-10]. https://www.nature.com/articles/s41467-024-48860-7#citeas.
[55]	YUAN Chengzhi, ZENG Wei, DAI Shilu. Distributed Model Reference Adaptive Containment Control of Heterogeneous Uncertain Multi-Agent Systems[J]. ISA Transactions, 2019, 86: 73-86. doi: S0019-0578(18)30429-4 pmid: 30502121
[56]	LIU Jinliang, ZHENG Hao, ZHA Lijuan, et al. Secure Consensus for Multiagent Systems with Hybrid Cyber Attacks: A Multi-Round-Robin Protocol-Based Approach[EB/OL]. (2024-06-10) [2025-05-10]. https://www.sciencedirect.com/science/article/abs/pii/S0020025524007928.
[57]	LI Wenyu, SADER M, ZHU Zhibin, et al. Event-Triggered Fault-Tolerant Secure Containment Control of Multi-Agent Systems through Impulsive Scheme[J]. Information Sciences, 2023(622): 1128-1140.
[58]	YANG Zonglin, LING Guang, GE Mingfeng. Secure Impulsive Tracking of Multi-Agent Systems with Directed Hypergraphtopologies against Hybrid Deception Attacks[EB/OL]. (2024-09-09) [2025-05-10]. https://www.sciencedirect.com/science/article/abs/pii/S0893608024006154.
[59]	PANG Kai, MA Lifeng, BAI Hongyang, et al. Probability-Guaranteed Secure Consensus Control for Time-Varying Stochastic Multi-Agent Systems under Mixed Attacks[J]. Journal of the Franklin Institute, 2022(359): 2541-2564.
[60]	MURCIA J M B, CÁNOVAS E, GARCÍA-RODRÍGUEZ J, et al. Decentralised Identity Management Solution for Zero-Trust Multi-Domain Computing Continuum Frameworks[EB/OL]. (2024-08-09) [2025-05-10]. https://www.sciencedirect.com/science/article/pii/S0167739X2400429.
[61]	LIU Cong. Application of Security Algorithm in Audit Data Asset Valuation Based on Distributed Machine Learning[EB/OL]. (2023-05-18) [2025-05-10]. https://link.springer.com/article/10.1007/s11277-023-10497-y#citeas.
[62]	HOSSAIN M Z, IMTEAJ A. Securing Vision-Language Models with a Robust Encoder Against Jailbreak and Adversarial Attacks[C]// IEEE. 2024 IEEE International Conference on Big Data (BigData). New York: IEEE, 2024: 6250-6259.
[63]	ZHANG Yingying, JIANG Zhengdan, CHENG Xingkai, et al. A Method of SQL Injection Attack Detection Based on Large Language Models[C]// IEEE. 2024 2nd International Conference on Computer Network Technology and Electronic and Information Engineering (CNTEIE). New York: IEEE, 2024: 154-158.
[64]	LIANG Jingguo, YI Ru, CHEN Jicheng, et al. Securing Autonomous Vehicles Visual Perception: Adversarial Patch Attack and Defense Schemes with Experimental Validations[EB/OL]. (2024-05-21) [2025-05-10]. https://ieeexplore.ieee.org/document/10535728.
[65]	LU Yantao, REN Haining, CHAI Weiheng, et al. Time-Aware and Task-Transferable Adversarial Attack for Perception of Autonomous Vehicles[J]. Pattern Recognition Letters, 2024(178): 145-152.
[66]	LIU Tiantian, LIN Feng, WANG Zhangsen, et al. MagBackdoor: Beware of Your Loudspeaker as a Backdoor For Magnetic Injection Attacks[C]// IEEE. 2023 IEEE Symposium on Security and Privacy (SP). New York: IEEE, 2023: 3416-3431.
[67]	CHENG Peng, WANG Yuwei, HUANG Peng, et al. ALIF: Low-Cost Adversarial Audio Attacks on Black-Box Speech Platforms Using Linguistic Features[C]// IEEE. 2024 IEEE Symposium on Security and Privacy (SP). New York: IEEE, 2024: 1628-1645.
[68]	WOOLDRIDGE M, JENNINGS N R. Intelligent Agents: Theory and Practice[J]. The Knowledge Engineering Review, 1995, 10(2): 115-152.
[69]	SCHMIDT S, STEELE R, DILLON T S, et al. Fuzzy Trust Evaluation and Credibility Development in Multi-Agent Systems[J]. Applied Soft Computing, 2007(7): 492-505.
[70]	CHRISTIDIS K, DEVETSIKIOTIS M. Blockchains and Smart Contracts for the Internet of Things[J]. IEEE Access, 2016(4): 2292-2303.
[71]	PAPADOPOULOS G T, ANTONA M, STEPHANIDIS C. Towards Open and Expandable Cognitive AI Architectures for Large-Scale Multi-Agent Human-Robot Collaborative Learning[J]. IEEE Access, 2021(9): 73890-73909.

分类维度	威胁类型	典型示例
攻击目标	针对智能体本体的攻击^[12]	节点劫持、恶意指令注入^[17]、资源耗尽攻击
	针对通信链路的攻击^[12]	窃听、中间人攻击（MITM）、拒绝服务（DoS）攻击、破坏攻击、事件触发攻击、复合攻击、用户攻击
	针对系统协调机制的攻击^[12]	共识攻击（拜占庭攻击、女巫攻击）、信誉系统操纵、共谋攻击^[18]
攻击方式	主动攻击	伪造信息、拒绝服务、消息注入、知识注入等
攻击方式	被动攻击	流量分析、信息收集
攻击者的属性	内部攻击	恶意智能体、叛变节点、滥用权限
攻击者的属性	外部攻击	网络入侵、物理破坏

威胁类型	MAS典型表现	应对措施
欺骗（Spoofing）	身份伪造（如篡改ACL sender字段）	强身份认证（去中心化身份认证（DID）+零知识证明）
篡改（Tampering）	消息内容/路由篡改	端到端加密+区块链存证
否定（Repudiation）	否认已发送消息	不可抵赖签名（如XMSS）
信息披露（Info Disclosure）	敏感数据泄露	同态加密+ABE（属性基加密）访问控制
拒绝服务（DoS）攻击	针对资源的泛洪攻击	速率限制+信誉机制
权限提升（Elevation）	权限提升（如滥用ontology参数）	最小权限原则+动态ABAC

文献	密码类型	加密类型	密钥机制	数学基础 /核心技术	优势	局限性	适用场景
文献[21,22]	DES-56	对称加密	共享密钥（静态单一密钥）	Feistel结构，56位密钥	运算复杂度低，速度快	密钥短易被暴力破解，安全性弱	传统低安全需求场景
文献[23]	AES-256	对称加密	共享密钥（静态单一密钥）	SPN结构，256位密钥	抗暴力破解能力强，标准化程度高	密钥管理压力大	物联网、边缘计算
文献[25,26]	RSA	非对称加密	公钥/私钥分离	大整数分解难题	安全性高，支持数字签名	计算开销大，密钥长度长	传统互联网、数字证书
文献[25]	ECC	非对称加密	公钥/私钥分离	椭圆曲线离散对数问题	同等安全下密钥更短，效率高	实现复杂，量子攻击威胁	物联网、移动设备
文献[24,27]	NTRU/Ring -LWE	非对称加密	公钥/私钥分离	格理论难题	抗量子攻击，轻量化	性能损耗需优化	量子威胁场景、机器人系统
文献[26]	Paillier	同态加密	公钥/私钥分离	复合剩余类问题	支持加法同态运算	计算密集，适用场景受限	隐私计算、多方协作
文献[23]	动态盐法+OTP	混合加密	动态盐值生成	LCG算法+一次性密码本	抗彩虹表攻击，随机性高	盐值同步要求严格	高动态安全需求场景
文献[21]	门限密码学	分布式加密	分片密钥管理	秘密共享协议	防单点泄露，容错性高	分片重组复杂度高	多智能体系统、去中心化网络
文献[27]	抗量子协同加密	后量子加密	分层封装机制	格理论+门限分片	抗量子攻击，支持分布式协作	实现复杂度高	量子计算环境、多智能体集群

文献	研究方向	创新点
文献[46,49]	抗操纵信誉系统	BFT共识结合令牌经济模型
文献[44,50]	动态信任评估	迁移学习与边缘计算优化
文献[45]	零信任实时监测	KD-tree快速定位与区块链审计
文献[47,48]	轻量级分布式架构	多智能体分层管理与ZKP认证
文献[51]	复杂场景信任管理	AGV信任建模与自组织团队形成

文献	稳定性理论	优化方法	决策过程
文献[53]	一致最终有界性（Uniformly Ultimate Bounded，UUB）	Lagrange乘子法、Lyapunov安全成本网络	约束马尔可夫决策过程
文献[54]	拜占庭容错共识 +可信执行环境（硬件隔离	加密优化模型，交替方向乘子法	分层迭代框架 + 计算结果链上验证 + 经济激励与认证机制
文献[55]	Lyapunov稳定性理论，Barbalat引理，凸包收敛性理论	LMI优化，鲁棒自适应优化	分层决策架构，信息受限下的决策策略，性能-鲁棒性权衡
文献[56]	均方有界共识	多轮询协议（Multiple Rapid Ring Protocol，MRRP）	集成概率攻击模型和边界约束，通过分布式观测器-控制器实现鲁棒决策
文献[57]	二次型Lyapunov函数，触发函数包含时间补偿项，避免Zeno行为	事件触发机制减少通信负担，冲动控制最小化能量消耗	感知邻居状态 → 计算触发函数 → 若触发，则施加冲动控制 → 动态补偿故障和攻击
文献[58]	均方有界稳定性的Lyapunov框架	基于LMI的鲁棒控制设计	决策过程分为攻击响应层和脉冲控制层
文献[59]	概率有界的椭球集稳定性理论	基于LMI的椭球区域极小化与扰动抑制优化	混合攻击建模（FDIAs + 重放攻击）与输出反馈容错控制