Cross-LLM Generalization of Behavioral Backdoor Detection in AI Agent Supply Chains

Authors

DOI:

https://doi.org/10.32996/jcsts.2025.7.12.45

Keywords:

AI Security, Backdoor Detection, Large Language Models, Cross-LLM Generalization, Behavioral Anomaly Detection

Abstract

As AI agents increasingly become integral to enterprise workflows, their reliance on shared tool libraries and pre-trained components creates significant supply chain vulnerabilities. This paper presents the first systematic study of cross-LLM behavioral backdoor detection in AI agent supply chains, evaluating generalization across six production LLMs: GPT-5.1, Claude Sonnet 4.5, Grok 4.1, Llama 4 Maverick, GPT-OSS 120B, and DeepSeek Chat V3.1. Through 1,198 execution traces and 36 cross-model experiments, we identify a critical finding: single-model detectors achieve 92.7% accuracy within their training distribution but only 49.2% across different LLMs, a 43.4 percentage point generalization gap that leaves cross-model accuracy equivalent to random guessing. Our analysis reveals that this gap stems from model-specific behavioral signatures, particularly in temporal features with a coefficient of variation exceeding 0.8, while structural features remain stable across architectures. We demonstrate that a simple model-aware detection strategy, incorporating model identity as an additional feature, achieves 90.6% accuracy universally across all evaluated models. These findings establish that organizations using multiple LLMs cannot rely on single-model detectors and require unified detection strategies. We release our multi-LLM trace dataset and detection framework to enable reproducible research in this emerging area.
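The following is an added illustration, not code from the paper or its released framework: it builds a threshold detector on constructed per-model trace features (latency and tool-call count), shows the single-model detector flagging every benign trace from a second LLM because the temporal feature is model-specific (high cross-model coefficient of variation), and shows a model-aware detector keyed on model identity avoiding that while still catching a structurally anomalous trace. All trace values and model names are constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed benign baselines per model: (latency_ms, tool_calls) per trace.
# Latency differs strongly between models; tool-call structure does not.
BASELINES = {
    "model_a": [(120, 3), (130, 3), (115, 4), (125, 3)],
    "model_b": [(1200, 3), (1250, 4), (1180, 3), (1220, 3)],
}

def coefficient_of_variation(values):
    """Population std-dev divided by mean; 0.0 for a zero mean."""
    m = mean(values)
    return pstdev(values) / m if m else 0.0

def feature_cv_across_models(baselines, idx):
    """CV of a feature's per-model means: high -> model-specific feature."""
    per_model_means = [mean(t[idx] for t in tr) for tr in baselines.values()]
    return coefficient_of_variation(per_model_means)

def fit_threshold(traces, idx, k=3.0):
    """Mean + k standard deviations of one feature over the given traces."""
    vals = [t[idx] for t in traces]
    return mean(vals) + k * pstdev(vals)

class SingleModelDetector:
    """Thresholds fitted on one model's traces; ignores model identity."""
    def __init__(self, traces):
        self.lat_thr = fit_threshold(traces, 0)
        self.call_thr = fit_threshold(traces, 1)

    def is_anomalous(self, trace, model=None):
        return trace[0] > self.lat_thr or trace[1] > self.call_thr

class ModelAwareDetector:
    """Per-model thresholds selected by the model identity feature."""
    def __init__(self, baselines):
        self.thr = {m: (fit_threshold(t, 0), fit_threshold(t, 1))
                    for m, t in baselines.items()}

    def is_anomalous(self, trace, model):
        lat_thr, call_thr = self.thr[model]
        return trace[0] > lat_thr or trace[1] > call_thr

def false_positive_rate(detector, benign_traces, model):
    """Fraction of benign traces the detector wrongly flags."""
    flagged = sum(detector.is_anomalous(t, model) for t in benign_traces)
    return flagged / len(benign_traces)
```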

Author Biography

  • Arun Chowdary Sanna, Enterprise AI Architect, USA
    Arun Chowdary Sanna is an Enterprise AI Architect at Precise Software Solutions in Ashburn, Virginia, USA. He specializes in cloud architecture, DevSecOps, and AI-driven modernization for federal healthcare and regulatory agencies, including the Centers for Medicare & Medicaid Services and the Food and Drug Administration. His recent work focuses on secure deployment of large language model–based systems and AI agents in mission-critical government environments. Previously, he served as Chief Architect at VivSoft Technologies and Principal Architect supporting U.S. Department of Defense platforms. In that role, he helped design and scale Platform One–based services that host hundreds of applications and tens of thousands of containers for DoD missions. His DoD platforms supported Operation Allies Refuge, contributing to the coordination of large-scale evacuation efforts that assisted more than 120,000 people in a matter of days. At the Centers for Medicare & Medicaid Services, he led cloud modernization initiatives that significantly reduced Authority to Operate timelines while modernizing multi-service applications. He holds a Master’s degree in Electrical and Computer Engineering from California State University, Los Angeles. His professional interests include AI agent security, cloud-native architectures, continuous authorization, and resilient data platforms for public-sector systems.

Published

2025-12-15

Section

Research Article

How to Cite

Sanna, A. C. (2025). Cross-LLM Generalization of Behavioral Backdoor Detection in AI Agent Supply Chains. Journal of Computer Science and Technology Studies, 7(12), 355-363. https://doi.org/10.32996/jcsts.2025.7.12.45