Adversarial Query Restriction and Cost Governance

Tier 1 MODEL

What This Requires

Implement rate limiting, quota management, and anomaly detection controls to prevent excessive or adversarial use of AI model endpoints. Controls must protect against denial-of-service attacks targeting model availability, denial-of-wallet attacks targeting financial resources, and abuse patterns that degrade service quality for legitimate users.

Why It Matters

AI inference costs scale directly with usage volume, and a single compromised API key or abusive user can generate thousands of dollars in compute charges within minutes. Denial-of-wallet attacks exploit the pay-per-token pricing model of cloud AI services to inflict financial damage, while sustained high-volume queries can exhaust rate limits and degrade availability for the entire organization.

How To Implement

Rate Limiting and Quotas

Implement per-user, per-application, and per-API-key rate limits at the API gateway level. Set daily and monthly token consumption quotas with automatic enforcement (soft warnings at 80%, hard cutoff at 100%). Configure burst limits to prevent short-duration high-volume attacks.

Cost Monitoring and Alerting

Deploy real-time cost monitoring dashboards that track AI spend by user, department, application, and model. Configure alerts at 50%, 75%, and 90% of budget thresholds. Implement automatic circuit breakers that suspend non-critical AI services when spend exceeds emergency thresholds.

Anomaly Detection

Establish baseline usage patterns per user and application. Deploy anomaly detection that flags deviations exceeding two standard deviations from the baseline (unusual hours, sudden volume spikes, atypical prompt lengths). Route anomalies to the security operations team for investigation.
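
The following is an added example, not part of the original control text, showing how a gateway-side admission check could combine the controls described under Rate Limiting and Quotas and under Anomaly Detection: a burst limit, a daily token quota with a soft warning at 80% and a hard cutoff at 100%, and a flag for requests more than two standard deviations from a key's baseline. The names `Gateway`, `KeyState` and `admit`, the quota size, the burst window and the minimum baseline size are assumptions chosen for illustration.

```python
import statistics
from collections import defaultdict, deque

# Assumed values for illustration; the page does not specify them.
DAILY_QUOTA = 100_000   # tokens per API key per day
BURST_MAX = 5           # requests admitted per BURST_WINDOW
BURST_WINDOW = 10.0     # seconds
MIN_BASELINE = 5        # samples needed before anomaly checks run


class KeyState:
    def __init__(self):
        self.day = 0            # day index the counter belongs to
        self.used = 0           # tokens consumed on that day
        self.recent = deque()   # timestamps of recently admitted requests
        self.baseline = []      # token counts from known-good history


class Gateway:
    def __init__(self):
        self.keys = defaultdict(KeyState)

    def admit(self, key, tokens, now):
        """Decide one request; returns (decision, flags). `now` is epoch seconds."""
        s, flags = self.keys[key], []
        day = int(now // 86400)
        if day != s.day:                      # daily quota rollover
            s.day, s.used = day, 0
        while s.recent and now - s.recent[0] >= BURST_WINDOW:
            s.recent.popleft()                # expire old burst entries
        if len(s.recent) >= BURST_MAX:
            return "deny_burst", flags
        if s.used + tokens > DAILY_QUOTA:     # hard cutoff at 100%
            return "deny_quota", flags
        if len(s.baseline) >= MIN_BASELINE:   # two-standard-deviation rule
            mean = statistics.mean(s.baseline)
            if abs(tokens - mean) > 2 * statistics.stdev(s.baseline):
                flags.append("anomaly_token_count")   # route to SOC
        s.recent.append(now)
        s.used += tokens
        if s.used >= 0.8 * DAILY_QUOTA:       # soft warning at 80%
            flags.append("quota_warning")
        return "allow", flags
```

Anomalous requests are flagged rather than blocked here, matching the page's instruction to route anomalies to the security operations team; the baseline is loaded from known-good history and is not updated by live traffic, so an abusive burst cannot shift it.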

Abuse Response Procedures

Define escalation procedures for confirmed abuse: immediate key revocation for compromised credentials, user suspension for policy violations, and vendor notification for platform-level attacks. Document recovery procedures including cost dispute processes with AI vendors.

Evidence & Audit

  • API gateway rate limiting and quota configuration records
  • Real-time cost monitoring dashboard screenshots or access records
  • Budget threshold alert configuration and triggered alert logs
  • Anomaly detection baseline definitions and flagged event records
  • Circuit breaker configuration and activation logs
  • Abuse investigation and response records
  • Monthly AI cost reports by user, department, and application

Related Controls