[2603.05031] AegisUI: Behavioral Anomaly Detection for Structured User Interface Protocols in AI Agent Systems

Computer Science > Artificial Intelligence arXiv:2603.05031 (cs) [Submitted on 5 Mar 2026] Title:AegisUI: Behavioral Anomaly Detection for Structured User Interface Protocols in AI Agent Systems Authors:Mohd Safwan Uddin, Saba Hajira View a PDF of the paper titled AegisUI: Behavioral Anomaly Detection for Structured User Interface Protocols in AI Agent Systems, by Mohd Safwan Uddin and 1 other authors View PDF HTML (experimental) Abstract:AI agents that build user interfaces on the fly assembling buttons, forms, and data displays from structured protocol payloads are becoming common in production systems. The trouble is that a payload can pass every schema check and still trick a user: a button might say "View invoice" while its hidden action wipes an account, or a display widget might quietly bind to an internal salary field. Current defenses stop at syntax; they were never built to catch this kind of behavioral mismatch. We built AegisUI to study exactly this gap. The framework generates structured UI payloads, injects realistic attacks into them, extracts numeric features, and benchmarks anomaly detectors end-to-end. We produced 4000 labeled payloads (3000 benign, 1000 malicious) spanning five application domains and five attack families: phishing interfaces, data leakage, layout abuse, manipulative UI, and workflow anomalies. From each payload we extracted 18 features covering structural, semantic, binding, and session dimensions, then compared three detectors: Isolati...