Agent-Event-Coder (AEC) Paradigm

Updated 24 November 2025

AEC is a framework that represents and encodes agent-event interactions using formal schemas and multi-agent LLM pipelines.
It enables zero-shot event extraction, covert communication protocols, and agent system discovery through structured validation and deterministic verification.
Empirical evaluations demonstrate significant improvements in extraction accuracy, protocol capacity, and process mining quality across diverse datasets.

The Agent-Event-Coder (AEC) paradigm encompasses a set of methodologies and architectures for representing, analyzing, and transforming agent-event interactions into structured, executable, or analyzable forms. The AEC framework is pivotal in three distinct but increasingly convergent research areas: (1) zero-shot event extraction using multi-agent LLM systems, (2) covert communication protocols for multi-agent environments, and (3) automated discovery of agent systems from event logs. Across these domains, AEC systems formalize events, agents, and their interactions, typically encoding them for deterministic processing, rigorous analysis, or security-preserving protocol design.

1. Multi-Agent Programming for Zero-Shot Event Extraction

Zero-shot event extraction (ZSEE) requires LLMs to extract event triggers and arguments of previously unseen types, guided exclusively by formal schema descriptions. Standard prompting approaches yield incomplete, poorly structured outputs prone to schema violations. The Agent-Event-Coder (AEC) (Guo et al., 17 Nov 2025) addresses this by decomposing ZSEE into a pipeline of four specialized LLM agents:

Retrieval Agent: Grounds abstract schema roles by producing exemplar sentences, facilitating trigger disambiguation and argument specification.
Planning Agent: Ranks candidate (trigger, event_type) hypotheses with confidence scores and natural language rationales.
Coding Agent: Converts top-ranked hypotheses into executable Python objects conforming to a Pydantic schema reflecting the event specification.
Verification Agent: Applies a deterministic test suite—semantic, type, structure—to validate extractions. Diagnostic errors drive code-patching or backtracking.

Event schemas are compiled into executable Pydantic classes, for instance:

class EventSchema(BaseModel):
    event_type: str
    trigger: str
    arguments: Dict[str, List[str]]

The iterative dual-loop search (hypothesis selection, code patching) ensures outputs are both semantically and structurally compliant. Deterministic schema enforcement, rather than heuristic constraints, enables systematic, reproducible output validation.

Empirical evaluation demonstrates consistent improvements over strongest zero-shot baselines on datasets such as FewEvent, ACE-2005, GENIA, SPEED, and CASIE, using Llama3, Qwen2.5, and GPT models. The most significant gains (up to 9.9 micro-F1 TI, 10 micro-F1 TC drop on ablation) are attributed to the Verification Agent. Key limitations include increased latency and dependency on schema specification clarity. This architecture establishes interpretability and reliability for LLM-based information extraction and is extensible to related structured prediction tasks.

2. Formalization in Covert Event Communication Protocols

Within security and privacy research focused on the Internet of Agents (IoA), the AEC designates the composition of agent actions and events into covert communication channels (Huang et al., 4 Aug 2025). Here, the Covert Event Channel is modeled as a triple:

Storage Channel: Leverages event payloads (a_data) to encode information indistinguishable from natural content.
Timing Channel: Encodes bits via strategic selection of timestamps, constrained by plausible agent response-time distributions.
Behavioral Channel: Modulates agent action types (a_type) to encode information while conforming to contextually plausible agent behaviors.

Formally, each atomic event is $e = (ag, act, t)$ , where $ag$ is agent, $act = (a_type, a_data)$ is the action tuple, and $t$ is time. Secure embedding and decoding schemes such as $\operatorname{Encode}(k, M, T_{<i}, st_S, i-1)$ and $\operatorname{Decode}(k, T)$ ensure statistical and intent-level imperceptibility under adversarial analysis.

The ΠCCAP protocol implements these principles in a rigorously tested system, with empirical performance ( $\text{EBPR} \approx 60\text{–}90$ bits/round) and failure rates negligible even for strong LLM-based and statistical detectors. The unified covert header format and layered encoding across storage, timing, and behavioral axes collectively achieve high capacity and robust undetectability.

3. Discovery of Agent Systems from Event Data

Agent-Event-Coder in the context of process mining (Tour et al., 2022) denotes algorithms that reconstruct agent-system models from event logs. The Agent Miner procedure follows these core steps:

Agent Trace Partitioning: Groups events into maximal subsequences (agent traces) of contiguous actions sharing the same agent within a single process instance.
Interaction Log Construction: From each agent trace, selects first events to summarize handovers, producing logs labeled by agent types.
Agent Behavior Log Construction: Aggregates all agent-specific events, renamed with (agent, activity) for behavioral profile mining.
Model Discovery and Synthesis: Leverages established process mining algorithms (INDA for global interactions, ANDA for individual agents) to build agent nets (transition models per agent) and interaction nets (handover models). The final system model is composed by substituting agent nets into the interaction net and applying net reductions.

Clustering of behavioral profiles, based on directly-follows graphs (DFGs) and similarity metrics, allows mapping of low-level resource identifiers to high-level agent types. The overall approach offers competitive or superior model quality (as measured by fitness/recall, precision, model size) on several real-world datasets compared to activity-only or agent+activity baselines. Typical complexity is linearithmic in event count for preprocessing and clustering, with polynomial overhead for the mining algorithms themselves.

4. Formal Representations and Verification

AEC systems characteristically rely on explicit formalization of event, agent, and interaction structures:

Event schemas as executable class (Python, Pydantic) definitions ensure schema compliance is machine-checked and human-readable.
Agent system models comprise sets of agent types, interaction edges, and per-agent behavior models (often as Petri nets or similar transition systems).
Covert channels formalize event content, timing, and action distribution in a manner analyzable for capacity, privacy, and robustness guarantees.

Verification in these contexts is deterministic and multi-faceted:

Semantic: Trigger and event content corresponds to in-text evidence or conforming agent activity.
Typing: Arguments and payloads are serialized and parsed according to stated schemas.
Structural: Extractions or logs are required to be valid as class instances or well-formed nets.

Systematic feedback (error diagnostics, code patching) is used for iterative refinement and validation.

5. Empirical Results and Practical Implications

Empirical findings across the three major AEC paradigms include:

Context	Key Metric	Result/Range
ZSEE (FewEvent, ACE)	TI/TC gain over baseline (micro-F1)	+3–5 / +4–6 (general); +2–4 AI/AC where schemas are richer
ZSEE (ablation)	TI/TC drop w/o Verification Agent	–9.9 / –10 (largest observed drop)
Covert comms (ΠCCAP)	Effective bits/round (EBPR)	60–90 (vs. 56/sentence in prior art); fail to be detected (AUC 0.503, LLM judge 1/5)
Agent Mining (BPIC2015)	AM(MAS) net size, recall, precision	122, 0.95, 0.34 (better/smaller than baseline 199, 0.95, 0.35)

AEC frameworks deliver not only stronger empirical performance but also increased interpretability and formal correctness. Nonetheless, challenges remain: The code-centric LLM approach incurs higher latency, covert protocols must carefully simulate naturalistic distributions, and agent mining results depend critically on the informativeness of agent identifiers.

6. Limitations and Future Research

Prominent limitations across AEC applications include:

Latency and Cost: Multi-agent orchestration, hypothesis backtracking, and iterative feedback loops increase computational demands, limiting throughput and scalability.
Dependence on Input Clarity: Schema clarity (ZSEE), action distributions (covert channels), and agent labeling quality (process mining) are bottlenecks.
Extraction Heuristics: For ZSEE, argument extraction beyond minimal heuristics remains an open problem.

Foregrounded future directions are:

Incorporating retrieval-augmentation, hypothesis pruning, and tighter agent integration for LLM AEC systems.
Extending covert channel designs to further dimensions and attacking more sophisticated adversarial models.
Broader integration and automation in agent mining, including richer clustering and model synthesis, as well as extending AEC paradigms to structured-prediction tasks beyond event extraction.

The AEC paradigm, by constructing explicit agent-event interfaces and codifications, underpins systematic advances in both information extraction and agent modeling, as well as advances in communication security and machine-processable process discovery.