Excessive Queries
This technique is theoretically possible but has not been publicly demonstrated.
Adversaries may send an excessive number of otherwise normal or low-complexity queries to an AI system with the goal of overwhelming its capacity and increasing operating costs.
The attacker can automate high-volume request generation, exploiting rate limits, autoscaling policies, and pay-per-use billing models to drive sustained resource consumption without relying on specially crafted, computationally expensive inputs. This behavior can also lead to increased latency, request queuing, and service degradation or unavailability for legitimate users, as the system struggles to process the inflated traffic.