Risk
Resource Abuse
Description
Attackers or misconfigured integrations exploit AI APIs for unintended, costly, or unauthorized use (e.g., cryptocurrency mining, spam).
Example
Attacker uses API to generate spam or mine cryptocurrency using AI compute resources.
Assets Affected
Model Inference endpoint
AI platform
Mitigation
- Usage quotas
- Abuse detection
- Monitor for abnormal usage
- Restrict resource allocation
Standards Mapping
- ISO 42001: A.6.2.6, A.9.4
- OWASP Top 10 for LLM: LLM10
- NIST AI RMF: MANAGE 2.1, MEASURE 3.1
- DASF v2: MODEL SERVING 9.7