Excessive Queries - AI Security Technique
AI Security TechniqueAdversaries may send an excessive number of otherwise normal or low-complexity queries to an AI system with the goal of overwhelming its capacity and increasing operating costs. The attacker can automate high-volume request generation, exploiting rate limits, autoscaling policies, and pay-per-use billing models to drive sustained resource consumption without relying on specially crafted, computationally expensive...
Overview
A source-backed snapshot of this AI security technique.
Adversaries may send an excessive number of otherwise normal or low-complexity queries to an AI system with the goal of overwhelming its capacity and increasing operating costs.
The attacker can automate high-volume request generation, exploiting rate limits, autoscaling policies, and pay-per-use billing models to drive sustained resource consumption without relying on specially crafted, computationally expensive inputs. This behavior can also lead to increased latency, request queuing, and service degradation or unavailability for legitimate users, as the system struggles to process the inflated traffic.
Technique details
Identifiers, maturity, and source taxonomy for this technique.
- ATLAS ID
- AML.T0034.000
- Maturity
- feasible
- Priority score
- 10
Attack flow
How to read the public records connected to this technique.
Impact
Why this technique may deserve attention in the current dataset.
- Evidence levelfeasible
- Mapped defenses0 ATLAS mitigation records
- Public examples0 linked case study records
- Research risks0 related MIT AI Risk records above the confidence threshold
- Vulnerabilities0 linked CVE records
Mitigations
Defenses that may help against this attack.
Case studies
Examples from public reports and exercises.
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
