Mar 10, 2025
Feature-based analysis of cooperation-relevant behaviour in Prisoner’s Dilemma
Perusha Moodley, Ana Kapros, Maria Kapros
We hypothesise that internal-based model probing and editing might provide higher signal in multi-agent settings. We implement a small simulation of Prisoner’s Dilemma to probe for cooperation-relevant properties. Our experiments demonstrate that feature-based steering highlights deception-relevant features and does so more strongly than prompt-based steering.
Natalia Perez-Campanero
The project applies feature-based steering to multi-agent systems, bridging a gap between single-agent steering and MA safety. It explicitly defines and explores risks like deception, defection, and misalignment in MA systems, aligning with existing frameworks, and demonstrates that feature-based steering outperforms prompting for detecting deception-relevant properties, suggesting MI tools could enhance monitoring systems. The results currently rely on qualitative analysis of activation scores - I would recommend introducing at least statistical significance testing if not more thorough quantitative analysis. The threat model focuses narrowly on PD dynamics - it might have been good to discuss how the findings might extend to real-world scenarios (e.g., collusion in financial markets). To expand on the work, it might be interesting to compare feature steering against other methods - such as gradient-based methods like linear probes- to validate efficacy.
Zainab Majid
An impressive amount of work completed in the hackathon - well done! Very interesting project direction grounded in a clear understanding of the present literature, and key limitations are explicitly addressed. AI safety challenges regarding multi-agent risks are called out specifically, I'd suggest putting in some thought into mitigation strategies as well. Moving forwards, I'd be excited to see any of the referenced extensions implemented. Overall - great idea and execution!
Myra Deng
Really interesting problem and thorough explanation of the different threat models/risks from this MA setup. I would have liked to see more rigorous experimental design for evaluating steering vs. baselines like prompting, e.g. by defining a benchmark metric that would be more easily comparable across the settings (vs. raw activation score). It would also be cool to follow up with practical strategies for how these techniques scale to more complex environments / deployment scenarios.
Cite this work
@misc {
title={
Feature-based analysis of cooperation-relevant behaviour in Prisoner’s Dilemma
},
author={
Perusha Moodley, Ana Kapros, Maria Kapros
},
date={
3/10/25
},
organization={Apart Research},
note={Research submission to the research sprint hosted by Apart.},
howpublished={https://apartresearch.com}
}
