RECUR: Resource Exhaustion Attack via Recursive-Entropy Guided Counterfactual Utilization and Reflection

TL;DR

This paper introduces RECUR, a novel attack method that exploits recursive entropy to cause resource exhaustion in large reasoning models by increasing output length and reducing throughput, highlighting safety issues in inference processes.

Contribution

It presents Recursive Entropy as a metric for assessing reflection risks and proposes RECUR, a new attack leveraging counterfactual questions to expose vulnerabilities in LRMs.

Findings

Recursive entropy decreases under normal inference

RECUR increases output length by up to 11x

RECUR reduces throughput by 90%

Abstract

Large Reasoning Models (LRMs) employ reasoning to address complex tasks. Such explicit reasoning requires extended context lengths, resulting in substantially higher resource consumption. Prior work has shown that adversarially crafted inputs can trigger redundant reasoning processes, exposing LRMs to resource-exhaustion vulnerabilities. However, the reasoning process itself, especially its reflective component, has received limited attention, even though it can lead to over-reflection and consume excessive computing power. In this paper, we introduce Recursive Entropy to quantify the risk of resource consumption in reflection, thereby revealing the safety issues inherent in inference itself. Based on Recursive Entropy, we introduce RECUR, a resource exhaustion attack via Recursive Entropy guided Counterfactual Utilization and Reflection. It constructs counterfactual questions to verify the inherent flaws and risks of LRMs. Extensive experiments demonstrate that, under benign inference, recursive entropy exhibits a pronounced decreasing trend. RECUR disrupts this trend, increasing the output length by up to 11x and decreasing throughput by 90%. Our work provides a new perspective on robust reasoning.