pith. sign in

arxiv: 2604.06856 · v1 · submitted 2026-04-08 · 💻 cs.NI

Enhancing Secure Intent-Based Networking with an Agentic AI: The EU Project MARE Approach

Iulisloi Zacarias , Marla Grunewald , Fin Gentzen , Xavi Masip-Bruin , Admela Jukan This is my paper

Pith reviewed 2026-05-10 17:55 UTC · model grok-4.3

classification 💻 cs.NI
keywords intent-based networkingagentic AIlarge language modelsnetwork securitymulti-agent systemsmulti-domain networksintent processing
0
0 comments X

The pith

A hierarchical multi-agent architecture uses large language models to translate high-level network intents into secure low-level actions across multiple vendors and domains.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper tries to establish that intent-based networking becomes more secure and usable when paired with an agentic AI system that manages the translation from operator goals to concrete configurations. A reader would care because it lets network operators state what they want rather than specifying every detail while still handling security in environments with many different vendors and domains. The authors lay out requirements for such a system and describe a layered structure that processes intents interactively and draws on external security information. They position the design as one that can extend past the immediate security focus to wider future network setups.

Core claim

The central claim is that a hierarchical multi-agent and multi-vendor architecture for intent-based systems, built with an interactive intent-processing pipeline that relies on large language models and links to external security knowledge bases, meets the architectural and security needs for reliable operation in multi-domain settings.

What carries the argument

The hierarchical multi-agent architecture with its interactive intent-processing pipeline using large language models and external security knowledge connections.

If this is right

  • The architecture supports secure intent handling across multiple domains and vendors.
  • It allows the intent-based system to draw on external security information during processing.
  • The same structure can be used in broader network designs such as 6G.
  • Operators can shift attention to desired outcomes instead of implementation details.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Such a system could lower the chance of configuration mistakes that arise from manual low-level commands.
  • Real-time threat response might improve if the agents continuously consult up-to-date security resources.
  • Deployment in live networks would need separate checks for how the language model stage handles edge cases like conflicting intents.

Load-bearing premise

Large language models and agentic AI can reliably turn high-level intents into correct and secure low-level actions in multi-vendor, multi-domain networks without adding new vulnerabilities.

What would settle it

Running the system on a test network with mixed vendor equipment and an ambiguous high-level intent, then checking whether the resulting actions match security standards and produce the intended behavior without errors or breaches.

Figures

Figures reproduced from arXiv: 2604.06856 by Admela Jukan, Fin Gentzen, Iulisloi Zacarias, Marla Grunewald, Xavi Masip-Bruin.

Figure 1
Figure 1. Figure 1: High-level representation of a multi-agent intent-based security framework and its connection with the infrastructure and external data repositories, [PITH_FULL_IMAGE:figures/full_fig_p005_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Intent pipeline processing, carried out by the Orchestrator Agent. [PITH_FULL_IMAGE:figures/full_fig_p006_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Success rate of intent execution with the proposed architecture [PITH_FULL_IMAGE:figures/full_fig_p007_3.png] view at source ↗
read the original abstract

In the EU project MARE, a novel plane was proposed and used in combination with intent-based networking (IBN), allowing the operator to focus on what, rather than on how. Recently, LLMs have been successfully employed to translate the high-level intents into low-level actions. The open challenge is to understand how IBN can be effectively enhanced with LLM and the emerging agentic AI for security purposes. Enhancing IBN with an agentic AI paradigm introduces significant challenges that existing solutions do not fully address. This paper proposes an enhanced IBN framework with a strong security focus toward agentic AI. We address the architectural and security requirements for a multi-agent intent-based system (IBS) architecture, including a multi-domain IBN. We propose a hierarchical multi-agent and multi-vendor architecture that can also be applied more broadly in 6G architectures and beyond, beyond the security architecture proposed in MARE. The architecture incorporates an interactive intent-processing pipeline using LLMs, and it also allows the IBS to connect to external security knowledge bases, such as MITRE ATT\&CK, MITRE FiGHT, and NIST.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

3 major / 2 minor

Summary. The paper proposes a hierarchical multi-agent, multi-vendor architecture for secure intent-based networking (IBN) as part of the EU MARE project. It incorporates an interactive LLM-based intent-processing pipeline and connections to external security knowledge bases (MITRE ATT&CK, MITRE FiGHT, NIST) to address challenges in translating high-level intents to low-level actions, claiming broader applicability to 6G and beyond.

Significance. If validated through analysis or implementation, the proposal could advance secure IBN by grounding LLM-driven intent translation in established security frameworks, offering a structured approach for multi-domain environments. The multi-agent hierarchy and external KB integration represent a concrete architectural direction worth exploring for 6G security.

major comments (3)
  1. [Abstract] Abstract and architecture description: The central claim that the architecture 'enhances' IBN security with agentic AI rests on an untested assumption that LLM integration plus KB lookup inherently prevents vulnerabilities such as prompt injection, hallucination-induced misconfigurations, or cross-domain policy conflicts; no threat model, formal security requirements analysis, or validation mechanism is provided to support this.
  2. [architecture description] Proposed multi-agent IBS architecture: No agent interaction protocols, pseudocode, or sandboxing details are given for how LLM outputs are validated or enforced before low-level actions in multi-vendor settings, leaving the 'interactive intent-processing pipeline' as a high-level sketch without load-bearing mechanisms.
  3. [concluding remarks] Broader 6G applicability claim: The statement that the architecture 'can also be applied more broadly in 6G architectures and beyond' is asserted without any specific adaptations, requirements mapping, or analysis of 6G-specific constraints such as ultra-low latency or massive device scale.
minor comments (2)
  1. [Abstract] The abstract would benefit from a clearer statement of how the proposed IBS differs from prior IBN+LLM works in terms of security mechanisms.
  2. [architecture description] Notation for the hierarchical multi-agent structure (e.g., agent roles and hierarchy levels) should be defined explicitly with a diagram or table for readability.

Simulated Author's Rebuttal

3 responses · 0 unresolved

We thank the referee for the constructive and detailed comments. We address each major point below and will revise the manuscript to strengthen the presentation of our proposed architecture while remaining faithful to its conceptual scope as part of the MARE project.

read point-by-point responses

  1. Referee: [Abstract] Abstract and architecture description: The central claim that the architecture 'enhances' IBN security with agentic AI rests on an untested assumption that LLM integration plus KB lookup inherently prevents vulnerabilities such as prompt injection, hallucination-induced misconfigurations, or cross-domain policy conflicts; no threat model, formal security requirements analysis, or validation mechanism is provided to support this.

    Authors: We agree that the current manuscript is a high-level architectural proposal and does not contain a formal threat model, quantitative validation, or exhaustive security requirements analysis. The enhancement claim is grounded in the design choice to link the LLM-based pipeline to established security knowledge bases (MITRE ATT&CK, MITRE FiGHT, NIST) and a hierarchical multi-agent structure intended to provide checks against misconfigurations. In the revised version we will add a new subsection on security considerations that outlines a preliminary threat model addressing prompt injection, hallucination risks, and cross-domain conflicts, together with the mitigation strategies the architecture proposes at the design level. revision: yes

  2. Referee: [architecture description] Proposed multi-agent IBS architecture: No agent interaction protocols, pseudocode, or sandboxing details are given for how LLM outputs are validated or enforced before low-level actions in multi-vendor settings, leaving the 'interactive intent-processing pipeline' as a high-level sketch without load-bearing mechanisms.

    Authors: The architecture section intentionally focuses on the overall hierarchy, multi-domain aspects, and integration points rather than implementation specifics. We acknowledge that concrete protocols and validation mechanisms are not detailed. In the revision we will expand this section with high-level interaction protocols, pseudocode sketches for the intent-processing pipeline, and discussion of sandboxing and enforcement approaches suitable for multi-vendor environments, drawing on established multi-agent system patterns. revision: yes

  3. Referee: [concluding remarks] Broader 6G applicability claim: The statement that the architecture 'can also be applied more broadly in 6G architectures and beyond' is asserted without any specific adaptations, requirements mapping, or analysis of 6G-specific constraints such as ultra-low latency or massive device scale.

    Authors: The statement reflects the authors' view that the core hierarchical and KB-linked design is not limited to the MARE context. We accept that no explicit mapping or constraint analysis is provided. In the revised manuscript we will add a concise discussion in the concluding section that maps the architecture to selected 6G requirements (latency tolerance via hierarchical delegation, scalability via multi-agent distribution) while clearly indicating that detailed quantitative analysis lies beyond the scope of this conceptual paper. revision: partial

Circularity Check

0 steps flagged

No circularity: high-level architecture proposal with no derivations, fits, or self-referential reductions

full rationale

The manuscript is a conceptual proposal for a hierarchical multi-agent IBS architecture that integrates LLMs and external security databases. It contains no equations, no parameter fitting, no predictions of derived quantities, and no load-bearing self-citations that reduce the central claim to prior author results by construction. References to the MARE project and MITRE/NIST bases are external and do not create definitional loops or force the architecture via ansatz smuggling. The derivation chain is therefore self-contained as a design description rather than a tautological reduction of inputs.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 1 invented entities

The proposal rests on domain assumptions about LLM reliability and the value of external security databases, with one invented architectural entity and no free parameters or mathematical fitting.

axioms (2)
  • domain assumption LLMs can accurately and securely translate high-level network intents into low-level actions
    Invoked in the description of the interactive intent-processing pipeline.
  • domain assumption Integration with external knowledge bases such as MITRE ATT&CK will improve security outcomes without introducing integration risks
    Used to justify the connection to security databases in the architecture.
invented entities (1)
  • Hierarchical multi-agent multi-vendor IBS architecture no independent evidence
    purpose: To enable secure intent translation and management across domains and vendors
    Newly proposed structure presented as an enhancement beyond the MARE project security architecture.

pith-pipeline@v0.9.0 · 5518 in / 1325 out tokens · 32791 ms · 2026-05-10T17:55:15.571431+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

27 extracted references · 27 canonical work pages

  1. [1]

    Intent-Based Networking - Concepts and Definitions,

    A. Clemm, L. Ciavaglia, L. Z. Granville, and J. Tantsura, “Intent-Based Networking - Concepts and Definitions,” RFC 9315, Oct. 2022

    work page 2022

  2. [2]

    Emergence: An intent fulfillment system,

    K. Dzeparoska, A. Tizghadam, and A. Leon-Garcia, “Emergence: An intent fulfillment system,”IEEE Comm. Magazine, vol. 62, no. 6, pp. 36–41, 2024

    work page 2024

  3. [3]

    An Intent Translation Framework for Internet of Things,

    M. Gu and J. P. Jeong, “An Intent Translation Framework for Internet of Things,” Internet Engineering Task Force, Internet-Draft draft-gu-nmrg- intent-translator-02, Oct. 2025, Work in Progress

    work page 2025

  4. [4]

    A survey on intent-based networking,

    A. Leivadeas and M. Falkner, “A survey on intent-based networking,” IEEE Comm. Surveys & Tutorials, vol. 25, no. 1, pp. 625–655, 2022

    work page 2022

  5. [5]

    Security in intent-based networking: Challenges and solutions,

    I. Ahmad, J. Malinen, F. Christou, P. Porambage, A. Kirstädter, and J. Suomalainen, “Security in intent-based networking: Challenges and solutions,” inIEEE Conf. on Standards for Comm. and Networking (CSCN), 2023, pp. 296–301

    work page 2023

  6. [6]

    An integrated security service system for 5G networks using an I2NSF framework,

    Y . Ahn, J. Jeong, and Y . Kim, “An integrated security service system for 5G networks using an I2NSF framework,” IETF Internet-Draft, Work in Progress draft-ahn-opsawg-5g-security-i2nsf-framework-00, July 2025

    work page 2025

  7. [7]

    Intent-based network configuration using large language models,

    N. Tu, S. Nam, and J. W.-K. Hong, “Intent-based network configuration using large language models,”Int. Jour. of Network Management, vol. 35, no. 1, p. e2313, 2025

    work page 2025

  8. [8]

    Toward edge general intelligence with agentic ai and agentification: Concepts, technologies, and future directions,

    R. Zhang, G. Liu, Y . Liu, C. Zhao, J. Wang, Y . Xu, D. Niyato, J. Kang, Y . Li, S. Mao, S. Sun, X. Shen, and D. I. Kim, “Toward edge general intelligence with agentic ai and agentification: Concepts, technologies, and future directions,”IEEE Comm. Surveys & Tutorials, vol. 28, pp. 4285–4318, 2026

    work page 2026

  9. [9]

    Service assurance for intent-based networking architecture,

    B. Claise, J. Quilbeuf, D. Lopez, D. V oyer, and T. Arumugam, “Service assurance for intent-based networking architecture,” Internet Engineering Task Force (IETF), RFC 9417, July 2023, informational RFC

    work page 2023

  10. [10]

    Mitigating DDoS attacks using SDN-based network security measures,

    S. E. Vadakkethil Somanathan Pillai and K. Polimetla, “Mitigating DDoS attacks using SDN-based network security measures,” inInt. Conf. on Integrated Circuits and Comm. Systems (ICICACS), 2024, pp. 1–7

    work page 2024

  11. [11]

    A deterministic approach for extracting network security intents,

    R. H. Ribeiro, A. S. Jacobs, L. Zembruzki, R. Parizotto, E. J. Scheid, A. E. Schaeffer-Filho, L. Z. Granville, and B. Stiller, “A deterministic approach for extracting network security intents,”Computer Networks, vol. 214, p. 109109, 2022

    work page 2022

  12. [12]

    Agile- 6g: Agentic ai for autonomous management of 6g network/application services,

    A. Antonopoulos, E. Kartsakli, N. Bartzoudis, D. Brodimas, D. Vukobra- tovic, D. Tsolkas, F. Diego, G. Roumelas, and L. Tomaszewski, “Agile- 6g: Agentic ai for autonomous management of 6g network/application services,”IEEE Network, pp. 1–9, 2025

    work page 2025

  13. [13]

    A-core: A novel framework of agentic ai in the 6g core network,

    W. Tong, W. Huo, T. Lejkin, J. Penhoat, C. Peng, C. Pereira, F. Wang, S. Wu, L. Yang, and Y . Shi, “A-core: A novel framework of agentic ai in the 6g core network,” inIEEE Int. Conf. on Comm. Workshops (ICC Workshops), 2025, pp. 1104–1109

    work page 2025

  14. [14]

    Toward agentic ai networking in 6g: A generative foundation model-as-agent approach,

    Y . Xiao, G. Shi, and P. Zhang, “Toward agentic ai networking in 6g: A generative foundation model-as-agent approach,”IEEE Comm. Magazine, vol. 63, no. 9, pp. 68–69, 2025

    work page 2025

  15. [15]

    AGORAN: An agentic open marketplace for 6G RAN automation,

    I. Chatzistefanidis, N. Nikaein, A. Leone, A. Maatouk, L. Tassiulas, R. Morabito, I. Pitsiorlas, and M. Kountouris, “AGORAN: An agentic open marketplace for 6G RAN automation,”Computer Networks, vol. 275, p. 111927, 2026

    work page 2026

  16. [16]

    Intent-based infrastructure and service orchestration using agentic-ai,

    D. Brodimas, A. Birbas, D. Kapolos, and S. Denazis, “Intent-based infrastructure and service orchestration using agentic-ai,”IEEE Open Journal of the Comm. Society, vol. 6, p. 7150 – 7168, 2025

    work page 2025

  17. [17]

    Maestro: Llm-driven collaborative automation of intent-based 6g networks,

    I. Chatzistefanidis, A. Leone, and N. Nikaein, “Maestro: Llm-driven collaborative automation of intent-based 6g networks,”IEEE Networking Letters, vol. 6, no. 4, p. 227 – 231, 2024

    work page 2024

  18. [18]

    Dmo-gpt: An intent- driven framework for distributed 6g management and orchestration,

    A. Mekrache, A. Ksentini, and C. Verikoukis, “Dmo-gpt: An intent- driven framework for distributed 6g management and orchestration,” IEEE Comm. Magazine, vol. 64, no. 1, p. 48 – 54, 2026

    work page 2026

  19. [19]

    Next-generation 6G network management with OSS-GPT,

    ——, “Next-generation 6G network management with OSS-GPT,” 2025, p. 158 – 160

    work page 2025

  20. [20]

    Intent-driven network management with multi-agent LLMs: The confucius framework,

    Z. Wang, S. Lin, G. Yan, S. Ghorbani, M. Yu, J. Zhou, N. Hu, L. Baruah, S. Peters, S. Kamath, J. Yang, and Y . Zhang, “Intent-driven network management with multi-agent LLMs: The confucius framework,” in Proc. of the ACM SIGCOMM, ser. SIGCOMM ’25. Association for Computing Machinery, 2025, p. 347–362

    work page 2025

  21. [21]

    Edair: An efficient distributed ai agent architecture for multi-domain intent resolution,

    P. Martinez-Julia, V . P. Kafle, and H. Asaeda, “Edair: An efficient distributed ai agent architecture for multi-domain intent resolution,” inNOMS 2025-2025 IEEE Network Operations and Management Symposium, 2025, pp. 1–7

    work page 2025

  22. [22]

    Arm: Autonomous remediation & management with llm agents for intent- driven control,

    V . Avgerinos, K. Ramantas, L. Alonso, and C. Verikoukis, “Arm: Autonomous remediation & management with llm agents for intent- driven control,”IEEE Internet of Things Journal, 2025

    work page 2025

  23. [23]

    A distributed ai system for improving single-domain network intent resolution,

    P. Martinez-Julia, V . P. Kafle, and H. Asaeda, “A distributed ai system for improving single-domain network intent resolution,” 2025, p. 1 – 8

    work page 2025

  24. [24]

    Klonetai: Automating (com)2nets management with human language intents,

    Q. Li, Y . Xiong, Z. Li, C. Ma, H. Yu, G. Sun, L. Luo, and Z. Zhang, “Klonetai: Automating (com)2nets management with human language intents,”IEEE Network, vol. 39, no. 3, p. 12 – 19, 2025

    work page 2025

  25. [25]

    An agentic approach for dynamic software-defined network management using large language models,

    A. S. Araujo, J. M. O. das Mercês, R. L. da Silva, A. V . de Alencar, I. F. Passos, T. F. Meneses, M. P. Sousa, M. C. Dias, and D. F. Santos, “An agentic approach for dynamic software-defined network management using large language models,” 2024

    work page 2024

  26. [26]

    Use Cases and Practices for Intent-Based Networking,

    K. Yao, D. Chen, J. P. Jeong, Q. Wu, C. Yang, L. M. Contreras, and G. Fioccola, “Use Cases and Practices for Intent-Based Networking,” Internet Engineering Task Force, Internet-Draft draft-irtf-nmrg-ibn- usecases-02, Nov. 2025, work in Progress. [Online]. Available: https://datatracker.ietf.org/doc/draft-irtf-nmrg-ibn-usecases/02/

    work page 2025

  27. [27]

    Stratus: A multi-agent system for autonomous reliability engineering of modern clouds,

    Y . Chen, J. Pan, J. Clark, Y . Su, N. Zheutlin, B. Bhavya, R. Arora, Y . Deng, S. Jha, and T. Xu, “Stratus: A multi-agent system for autonomous reliability engineering of modern clouds,” inProc. of the Annual Conf. on Neural Information Processing Systems, 2025

    work page 2025