Multi-dimensional Prompt Expansion: Black-Box DoS Attacks on Multi-agent LLMs
摘要
As an emerging research direction in the field of artificial intelligence, the large language model multi-agent systems (LLM-MAS) demonstrate vast application prospects and developmental potential. However, the open services of LLM-MAS are vulnerable to external threats, especially large language model denial-of-service (DoS) attacks. These attacks aim to degrade service performance and cause resource crashes by generating malicious inputs to exhaust the computational resources of LLM-MAS. In this paper, a red-team DoS generation method suitable for the black-box environment is proposed. The Multi-Dimensional Prompt Expansion (MDPE) Attack is generated by decomposing the initial prompt into a tree structure for domain-specific segmentation and semantic expansion. It employs feedback-based iterative optimization and further injects deceptive length constraints. Experiments demonstrate that our method significantly expands the response content length and prolongs service latency in LLM-MAS, compared to benign queries and baseline approaches. The study investigates the GPU resource consumption and service throughput of this attack in real-world deployments, while validating its transferability and stealthiness across different large language models. Ablation experiments further analyze the contribution of key components to the overall attack performance.