RecurGuard: Runtime Monitoring for Reasoning-Token Consumption Attacks
Researchers have developed RecurGuard, a novel runtime monitoring system designed to detect and prevent denial-of-service attacks targeting large language models. These attacks exploit the models' reasoning capabilities by inducing them to consume excessive tokens on decoy tasks, leading to increased costs and no useful output. RecurGuard analyzes the model's reasoning traces in real-time, tracking signals like recurrence rate and volume growth to identify anomalous behavior and terminate generation early. Evaluations show RecurGuard effectively detects a high percentage of known attacks with a low false positive rate on standard tasks, though adaptive attacks present a remaining challenge. AI
IMPACT Introduces a new defense mechanism against sophisticated LLM attacks, potentially improving the security and reliability of AI systems.