模型推論成本放大攻擊
Operation & Monitoring
Risk Description
Attackers craft inputs using specific token combinations or context lengths to trigger worst-case inference paths, dramatically increasing per-inference computational cost. Unlike traditional DDoS relying on request volume, cost amplification attacks cause enormous resource consumption with few requests. For pay-per-use AI services, this can result in sudden massive bills.
Framework Mappings
iso 23894R2
tw principle資安與安全
tw risk type技術設計缺陷(Technical Design Flaw)
Controls English translation pending
- 推論成本上限
- 異常計費警報
Implementation Steps English translation pending
- 設定每次推論的計算時間和 token 數量上限
- 部署異常計費警報系統,偵測突發性的成本增加
- 實施每使用者/每 API key 的成本配額限制
- 對異常高成本的請求模式進行自動分析和封鎖