APromptRiskDBThreat intelligence atlas
AI Security Technique

Resource-Intensive Queries - AI Security Technique

Adversaries may craft inputs specifically designed to increase the compute resources required for processing. For generative AI models, adversaries may use long input sequences, requests for extremely long outputs, or prompts that require complex reasoning as strategies for increasing compute costs [1]. For vision and language models, "sponge examples" [2] can be used to maximize energy consumption a...

View mitigationsRead context
AI Security Techniquefeasible

Record summary

A quick snapshot of what this page covers.

Tactics0Attacker goals connected to this method.
Mitigations0Defenses that may help against this attack.
AI risks4Research-backed risks connected to this topic.

Attack context

How this AI attack works in practice.

Adversaries may craft inputs specifically designed to increase the compute resources required for processing.

For generative AI models, adversaries may use long input sequences, requests for extremely long outputs, or prompts that require complex reasoning as strategies for increasing compute costs [1]. For vision and language models, "sponge examples" [2] can be used to maximize energy consumption and decision latency. Utilizing fewer resource-intensive queries instead of simply flooding the model with excessive queries may be more difficult to detect and block or limit.

References

  1. [1] https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/
  2. [2] https://arxiv.org/abs/2006.03463
ATLAS ID
AML.T0034.001
Priority score
10
Maturity: feasible

Mitigations

Defenses that may help against this attack.

No connected defenses. No defense is connected to this attack in the current data.

Case studies

Examples from public reports and exercises.

No case studies found. No public example is connected to this attack in the current data.

Related risks

Research-backed risks connected to this topic.

Overhead Attacks

Confidence: 0.55
Domain2. Privacy & SecuritySubdomain2.2 > AI system security vulnerabilities and attacks

"Overhead attacks [146] are also named energy-latency attacks. For example, an adversary can design carefully crafted sponge examples to maximize energy consumption in an AI system. Therefore, overhead attacks could a...

Environmental and socioeconomic harms

Confidence: 0.54
Domain6. Socioeconomic and EnvironmentalSubdomain6.6 > Environmental harm

"At a time of increasing climate urgency, energy consumption and the carbon footprint of AI applications are also matters of ethics and responsibility [68]. As with other energy-intensive technologies like proof-of-wo...

Environmental harms from operating LMs

Confidence: 0.54
Domain6. Socioeconomic and EnvironmentalSubdomain6.6 > Environmental harm

"LMs (and AI more broadly) can have an environmental impact at different levels, including: (1) direct impacts from the energy used to train or operate the LM, (2) secondary impacts due to emissions from LM-based appl...

Resource acquisition propensity

Confidence: 0.53
Domain7. AI System Safety, Failures, & LimitationsSubdomain7.1 > AI pursuing its own goals in conflict with human goals or values

"Exhibits behavioral patterns of actively seeking and controlling more computational resources, data, economic resources or physical resources to enhance its own capabilities and action scope, may develop complex stra...

Related CVEs

Known software flaws linked to this context.

No related CVEs. No software flaw is connected to this attack in the current data.

Source

Where this page information comes from.