Hugging Face's logo

caffeinatedcherrychic
/
mistral-based-NIDS-old

TensorBoard
Safetensors
Model card Files Metrics Community
Edit model card
YAML Metadata Warning: empty or missing yaml metadata in repo card (https://huggingface.co/docs/hub/model-cards#model-card-metadata)

Mistral based NIDS

This repository contains an implementation of a Network Intrusion Detection System (NIDS) based on the Mistral Large Language Model (LLM). The system is designed to detect and classify network attacks using natural language processing techniques.

Overview

  • LLM:
    • The NIDS is built using the Mistral LLM, a powerful language model that enables the system to understand and analyze network traffic logs.
    • Another LLM, Llama2, was fine-tuned and the performance of the two were compared. The link to my implementation of Llama2-based can be found here.
  • Dataset: The system is trained and evaluated on the CIDDS dataset, which includes various types of network attacks such as DoS, PortScan, Brute Force, and PingScan.
  • Training: The LLM is fine-tuned on the CIDDS dataset after it was pre-processed using the NTFA tool to learn the patterns and characteristics of different network attacks.
  • Inference: The trained model is used to classify network traffic logs in real-time, identifying potential attacks and generating alerts.

Results

The mistral-based NIDS achieves a higher detection rate with lower false positives, demonstrating the effectiveness of using LLMs for network intrusion detection. With access to computational resources for longer periods, It's performance could further be improved.

Downloads last month
2
Inference API
Unable to determine this model's library. Check the docs .