Chapter 8. Don’t Lose Your Wallet

Beware of little expenses; a small leak will sink a great ship.

Benjamin Franklin

This chapter will explore denial-of-service (DoS), denial-of-wallet (DoW), and model cloning attacks, examining the similarities and differences between these attack types. Despite the divergent outcomes—from service disruption and financial loss to the unauthorized duplication of your intellectual property—these three attack vectors exploit similar vulnerabilities within the application. By exploring these threats side-by-side, you’ll understand the protective measures to thwart such attacks.

The term DoS has become synonymous with the disruption of online services. A DoS attack is an intentional effort to make a computer system, network, or application unavailable to its intended users, typically by overwhelming the app with requests. Historically, these attacks have targeted various online services, from financial institutions to social media platforms, causing significant operational disruptions and economic losses. As we dig deeper into the era of advanced computing and AI, the implications of DoS attacks have extended to more sophisticated technologies, including LLMs.

While LLMs are not immune to traditional cybersecurity threats, their unique characteristics can make them highly vulnerable to DoS attacks, and such attacks can have unique and severe consequences. Today, DoS attacks are not merely about disrupting service availability; they extend to exploiting ...

From The Developer's Playbook for Large Language Model Security (O’Reilly).