From 53% to 90%: How an Auto-Healing AI Swarm Learned to Defend Itself
Over four iterations and 200+ adversarial wargame rounds, a local AI swarm's defense rate rose from 53% to 90% without hardware changes, cloud dependencies, or increased VRAM usage. The system, running on a single RTX 5070 (12GB VRAM), used a 'Defender Vanguard' prompt injection technique to teach small models attacker thinking, and an auto-healing system that extracts vaccines from breaches.

Cloud-scale attacker models (DeepSeek-V3.2 at 671B params, Qwen 3.5 at 397B, Gemma 4 at 31B) initially breached the 8-agent local swarm at will; the defenders were mostly 1.2B parameter models, and the initial defense rate was 53%. Problems identified included an auditor model (llama-tulu3-8b) that was missing from the Ollama registry, which caused silent failures. Swapping to DeepSeek-Coder-V2 16B (202.9 TPS, 8ms TTFT) raised the auditor detection rate from 62% to 88%, halving DeepSeek-V3.2's breach rate from 78% to 45%.
This demonstrates that small, local models can defend against large cloud models with clever techniques.
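The missing auditor model described above failed silently; a startup check that compares every configured model against the local Ollama registry turns that into a hard error. This is an added example, not code from the original project: the role names, the `defender-small` model and the sample registry listing are assumptions constructed for illustration.

```python
import json
import urllib.request

# Constructed sample of an Ollama GET /api/tags response (not data from the page).
SAMPLE_TAGS = {"models": [{"name": "deepseek-coder-v2:16b"},
                          {"name": "defender-small:latest"}]}

# Hypothetical role -> model mapping; role names and "defender-small" are assumed.
ROLES = {
    "auditor": "llama-tulu3-8b",   # the model the page reports as missing
    "defender": "defender-small",
}

def fetch_tags(base_url="http://localhost:11434"):
    """Read the local registry listing from Ollama's /api/tags endpoint."""
    with urllib.request.urlopen(base_url + "/api/tags", timeout=5) as resp:
        return json.load(resp)

def normalize(name):
    """Ollama resolves an untagged model name to ':latest'; compare full names."""
    return name if ":" in name.rsplit("/", 1)[-1] else name + ":latest"

def missing_roles(roles, tags_response):
    """Return {role: model} for every role whose model is not installed."""
    installed = {normalize(m["name"]) for m in tags_response.get("models", [])}
    return {r: m for r, m in roles.items() if normalize(m) not in installed}

def preflight(roles, tags_response):
    """Fail closed: raise rather than start a swarm with an absent model."""
    missing = missing_roles(roles, tags_response)
    if missing:
        detail = ", ".join(f"{r} -> {m}" for r, m in sorted(missing.items()))
        raise RuntimeError("models not in Ollama registry: " + detail)
    return True

if __name__ == "__main__":
    try:
        preflight(ROLES, SAMPLE_TAGS)
    except RuntimeError as err:
        print("refusing to start:", err)
```

Against a live instance, pass `fetch_tags()` in place of `SAMPLE_TAGS` and run the check before any wargame round so an absent auditor stops the run instead of lowering the detection rate unnoticed.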