Large Language Models (LLMs) have demonstrated remarkable performance across diverse tasks. LLMs continue to be vulnerable to external threats, particularly Denial-of-Service (DoS) attacks. Specifically, LLM-DoS attacks aim to exhaust computational resources and block services. However, prior works tend to focus on performing white-box attacks, overlooking black-box settings. In this work, we propose an automated algorithm designed for black-box LLMs, called Auto-Generation for LLM-DoS Attack (AutoDoS). AutoDoS introduces DoS Attack Tree and optimizes the prompt node coverage to enhance effectiveness under black-box conditions. Our method can bypass existing defense with enhanced stealthiness via semantic improvement of prompt nodes. Furthermore, we reveal that implanting Length Trojan in Basic DoS Prompt aids in achieving higher attack efficacy. Experimental results show that AutoDoS amplifies service response latency by over 250 $\times \uparrow$, leading to severe resource consumption in terms of GPU utilization and memory usage. Our code is available at \url{https://github.com/shuita2333/AutoDoS}.

翻译：大语言模型（LLMs）在多样化任务中展现出卓越性能，但其仍易受到外部威胁，尤其是拒绝服务（DoS）攻击。具体而言，LLM-DoS攻击旨在耗尽计算资源并阻断服务。然而，现有研究多集中于白盒攻击场景，忽视了黑盒环境。本文提出一种面向黑盒LLMs的自动化算法，称为LLM-DoS自动攻击（AutoDoS）。该方法引入DoS攻击树，并通过优化提示节点覆盖率以提升黑盒条件下的攻击效能。我们提出的方法能通过对提示节点进行语义优化增强隐蔽性，从而绕过现有防御机制。此外，我们发现通过在基础DoS提示中植入长度木马有助于实现更高的攻击效力。实验结果表明，AutoDoS可使服务响应延迟扩大超过250$\times \uparrow$，导致GPU利用率与内存占用方面的严重资源消耗。代码已发布于\url{https://github.com/shuita2333/AutoDoS}。