RepetitionCurse: DoS Attacks on MoE LLMs
Published: Dec 30, 2025 05:24 · 1 min read · ArXiv
Analysis
This paper highlights a critical vulnerability in Mixture-of-Experts (MoE) large language models (LLMs). It demonstrates how adversarial inputs can exploit the routing mechanism, producing severe load imbalance across experts and denial-of-service (DoS) conditions. The work is significant because it reveals a practical attack vector that degrades the performance and availability of deployed MoE models, putting service-level agreements at risk. The proposed RepetitionCurse method triggers the vulnerability with a simple, black-box approach, which makes it a practical threat to production deployments.
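To make the failure mode concrete, here is a minimal sketch of top-k MoE routing and how a repetitive prompt can concentrate load on a few experts. The gating weights, embedding dimensions, and token counts below are illustrative assumptions, not code or parameters from the paper.

```python
import numpy as np

# Minimal sketch of top-k MoE routing (illustrative, not the paper's code).
# A linear gate scores each token against E experts; the top-k experts per
# token receive that token's computation.

rng = np.random.default_rng(0)

num_experts = 8      # E (assumed for illustration)
top_k = 2            # k
d_model = 16
gate = rng.normal(size=(d_model, num_experts))  # hypothetical gating weights

def route(tokens: np.ndarray) -> np.ndarray:
    """Return, for each token, the indices of its top-k experts."""
    logits = tokens @ gate                       # (T, E) gate scores
    return np.argsort(logits, axis=-1)[:, -top_k:]

def expert_load(assignments: np.ndarray) -> np.ndarray:
    """Count how many token slots land on each expert."""
    return np.bincount(assignments.ravel(), minlength=num_experts)

# Benign prompt: diverse token embeddings spread load across experts.
benign = rng.normal(size=(256, d_model))

# Adversarial prompt in the spirit of RepetitionCurse: one token repeated,
# so every position produces the same gate scores and the same top-k experts.
repeated = np.tile(rng.normal(size=(1, d_model)), (256, 1))

print("benign load per expert:   ", expert_load(route(benign)))
print("repeated load per expert: ", expert_load(route(repeated)))
# Under repetition, only k experts receive all the token slots; the rest idle,
# and the layer's latency is governed by the overloaded experts.
```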
Key Takeaways
- MoE LLMs are vulnerable to DoS attacks due to routing imbalances.
- Adversarial prompts can force all tokens to be routed to a small subset of experts.
- RepetitionCurse is a simple, black-box method to exploit this vulnerability.
- The attack significantly increases inference latency and degrades service availability.
Reference
“Out-of-distribution prompts can manipulate the routing strategy such that all tokens are consistently routed to the same set of top-$k$ experts, which creates computational bottlenecks.”
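A back-of-the-envelope capacity argument (our illustration, not a result quoted from the paper) shows why this concentration becomes a bottleneck. With $E$ experts, top-$k$ routing, and $T$ tokens in a batch,

$$\text{balanced load per expert} \approx \frac{kT}{E}, \qquad \text{load on each hot expert under the attack} \approx T,$$

so the busiest experts process roughly $E/k$ times more tokens than in the balanced case. Since an MoE layer can only finish as fast as its most loaded expert, inference latency grows accordingly.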