selfconstruct3d commited on
Commit
ee43310
·
verified ·
1 Parent(s): 2b06a79

Update README.md

Browse files
Files changed (1) hide show
  1. README.md +94 -128
README.md CHANGED
@@ -1,199 +1,165 @@
1
  ---
2
  library_name: transformers
3
- tags: []
 
 
 
 
4
  ---
5
 
6
- # Model Card for Model ID
7
-
8
- <!-- Provide a quick summary of what the model is/does. -->
9
-
10
 
 
11
 
12
  ## Model Details
13
 
14
  ### Model Description
15
 
16
- <!-- Provide a longer summary of what this model is. -->
17
-
18
- This is the model card of a 🤗 transformers model that has been pushed on the Hub. This model card has been automatically generated.
19
 
20
- - **Developed by:** [More Information Needed]
21
- - **Funded by [optional]:** [More Information Needed]
22
- - **Shared by [optional]:** [More Information Needed]
23
- - **Model type:** [More Information Needed]
24
- - **Language(s) (NLP):** [More Information Needed]
25
- - **License:** [More Information Needed]
26
- - **Finetuned from model [optional]:** [More Information Needed]
27
 
28
- ### Model Sources [optional]
29
 
30
- <!-- Provide the basic links for the model. -->
31
-
32
- - **Repository:** [More Information Needed]
33
- - **Paper [optional]:** [More Information Needed]
34
- - **Demo [optional]:** [More Information Needed]
35
 
36
  ## Uses
37
 
38
- <!-- Address questions around how the model is intended to be used, including the foreseeable users of the model and those affected by the model. -->
39
-
40
  ### Direct Use
41
 
42
- <!-- This section is for the model use without fine-tuning or plugging into a larger ecosystem/app. -->
43
-
44
- [More Information Needed]
45
 
46
- ### Downstream Use [optional]
47
 
48
- <!-- This section is for the model use when fine-tuned for a task, or when plugged into a larger ecosystem/app -->
49
-
50
- [More Information Needed]
51
 
52
  ### Out-of-Scope Use
53
 
54
- <!-- This section addresses misuse, malicious use, and uses that the model will not work well for. -->
55
-
56
- [More Information Needed]
57
 
58
  ## Bias, Risks, and Limitations
59
 
60
- <!-- This section is meant to convey both technical and sociotechnical limitations. -->
61
-
62
- [More Information Needed]
63
 
64
  ### Recommendations
65
 
66
- <!-- This section is meant to convey recommendations with respect to the bias, risk, and technical limitations. -->
67
-
68
- Users (both direct and downstream) should be made aware of the risks, biases and limitations of the model. More information needed for further recommendations.
69
 
70
  ## How to Get Started with the Model
71
 
72
- Use the code below to get started with the model.
73
-
74
- [More Information Needed]
75
-
76
- ## Training Details
77
-
78
- ### Training Data
79
 
80
- <!-- This should link to a Dataset Card, perhaps with a short stub of information on what the training data is all about as well as documentation related to data pre-processing or additional filtering. -->
81
-
82
- [More Information Needed]
83
-
84
- ### Training Procedure
85
 
86
- <!-- This relates heavily to the Technical Specifications. Content here should link to that section when it is relevant to the training procedure. -->
 
87
 
88
- #### Preprocessing [optional]
 
 
89
 
90
- [More Information Needed]
 
 
 
91
 
 
 
92
 
93
- #### Training Hyperparameters
94
 
95
- - **Training regime:** [More Information Needed] <!--fp32, fp16 mixed precision, bf16 mixed precision, bf16 non-mixed precision, fp16 non-mixed precision, fp8 mixed precision -->
96
 
97
- #### Speeds, Sizes, Times [optional]
98
 
99
- <!-- This section provides information about throughput, start/end time, checkpoint size if relevant, etc. -->
100
 
101
- [More Information Needed]
 
 
 
102
 
103
  ## Evaluation
104
 
105
- <!-- This section describes the evaluation protocols and provides the results. -->
106
-
107
  ### Testing Data, Factors & Metrics
108
 
109
- #### Testing Data
110
-
111
- <!-- This should link to a Dataset Card if possible. -->
112
-
113
- [More Information Needed]
114
-
115
- #### Factors
116
-
117
- <!-- These are the things the evaluation is disaggregating by, e.g., subpopulations or domains. -->
118
-
119
- [More Information Needed]
120
-
121
- #### Metrics
122
-
123
- <!-- These are the evaluation metrics being used, ideally with a description of why. -->
124
-
125
- [More Information Needed]
126
 
127
  ### Results
128
 
129
- [More Information Needed]
 
 
 
130
 
131
- #### Summary
132
 
 
133
 
 
 
134
 
135
- ## Model Examination [optional]
136
-
137
- <!-- Relevant interpretability work for the model goes here -->
138
-
139
- [More Information Needed]
140
-
141
- ## Environmental Impact
142
-
143
- <!-- Total emissions (in grams of CO2eq) and additional considerations, such as electricity usage, go here. Edit the suggested text below accordingly -->
144
-
145
- Carbon emissions can be estimated using the [Machine Learning Impact calculator](https://mlco2.github.io/impact#compute) presented in [Lacoste et al. (2019)](https://arxiv.org/abs/1910.09700).
146
 
147
- - **Hardware Type:** [More Information Needed]
148
- - **Hours used:** [More Information Needed]
149
- - **Cloud Provider:** [More Information Needed]
150
- - **Compute Region:** [More Information Needed]
151
- - **Carbon Emitted:** [More Information Needed]
152
 
153
- ## Technical Specifications [optional]
154
 
155
- ### Model Architecture and Objective
 
 
156
 
157
- [More Information Needed]
 
 
 
158
 
159
- ### Compute Infrastructure
160
-
161
- [More Information Needed]
162
-
163
- #### Hardware
164
-
165
- [More Information Needed]
166
-
167
- #### Software
168
-
169
- [More Information Needed]
170
-
171
- ## Citation [optional]
172
-
173
- <!-- If there is a paper or blog post introducing the model, the APA and Bibtex information for that should go in this section. -->
174
-
175
- **BibTeX:**
176
-
177
- [More Information Needed]
178
 
179
- **APA:**
180
 
181
- [More Information Needed]
 
 
 
 
182
 
183
- ## Glossary [optional]
184
 
185
- <!-- If relevant, include terms and calculations in this section that can help readers understand the model or model card. -->
186
 
187
- [More Information Needed]
 
188
 
189
- ## More Information [optional]
190
 
191
- [More Information Needed]
192
 
193
- ## Model Card Authors [optional]
194
 
195
- [More Information Needed]
196
 
197
  ## Model Card Contact
198
 
199
- [More Information Needed]
 
1
  ---
2
  library_name: transformers
3
+ tags:
4
+ - cybersecurity
5
+ - mpnet
6
+ - classification
7
+ - fine-tuned
8
  ---
9
 
10
+ # Model Card for MPNet Cybersecurity Classifier
 
 
 
11
 
12
+ This is a fine-tuned MPNet model specialized for classifying cybersecurity threat groups based on textual descriptions of their tactics and techniques.
13
 
14
  ## Model Details
15
 
16
  ### Model Description
17
 
18
+ This model is a fine-tuned MPNet classifier specialized in categorizing cybersecurity threat groups based on textual descriptions of their tactics, techniques, and procedures (TTPs).
 
 
19
 
20
+ - **Developed by:** Dženan Hamzić
21
+ - **Model type:** Transformer-based classification model (MPNet)
22
+ - **Language(s) (NLP):** English
23
+ - **License:** Apache-2.0
24
+ - **Finetuned from model:** microsoft/mpnet-base (with intermediate MLM fine-tuning)
 
 
25
 
26
+ ### Model Sources
27
 
28
+ - **Base Model:** [microsoft/mpnet-base](https://huggingface.co/microsoft/mpnet-base)
 
 
 
 
29
 
30
  ## Uses
31
 
 
 
32
  ### Direct Use
33
 
34
+ This model classifies textual cybersecurity descriptions into known cybersecurity threat groups.
 
 
35
 
36
+ ### Downstream Use
37
 
38
+ Integration into Cyber Threat Intelligence platforms, SOC incident analysis tools, and automated threat detection systems.
 
 
39
 
40
  ### Out-of-Scope Use
41
 
42
+ - General language tasks unrelated to cybersecurity
43
+ - Tasks outside the cybersecurity domain
 
44
 
45
  ## Bias, Risks, and Limitations
46
 
47
+ This model specializes in cybersecurity contexts. Predictions for unrelated contexts may be inaccurate.
 
 
48
 
49
  ### Recommendations
50
 
51
+ Always verify predictions with cybersecurity analysts before using in critical decision-making scenarios.
 
 
52
 
53
  ## How to Get Started with the Model
54
 
55
+ ```python
56
+ from transformers import AutoTokenizer, MPNetModel
57
+ import torch
 
 
 
 
58
 
59
+ model_name = "mpnet_classification_finetuned_v2"
60
+ tokenizer = AutoTokenizer.from_pretrained(model_name)
61
+ model = MPNetModel.from_pretrained(model_name)
 
 
62
 
63
+ device = torch.device("cuda" if torch.cuda.is_available() else "cpu")
64
+ model.to(device)
65
 
66
+ # Example inference
67
+ sentence = "APT38 has used phishing emails with malicious links to distribute malware."
68
+ inputs = tokenizer(sentence, return_tensors="pt", truncation=True, padding="max_length", max_length=128).to(device)
69
 
70
+ with torch.no_grad():
71
+ outputs = model(**inputs)
72
+ cls_embedding = outputs.last_hidden_state[:, 0, :]
73
+ predicted_class = classifier_model.classifier(cls_embedding).argmax(dim=1).cpu().item()
74
 
75
+ print(f"Predicted GroupID: {predicted_class}")
76
+ ```
77
 
78
+ ## Training Details
79
 
80
+ ### Training Data
81
 
82
+ The training dataset comprises balanced textual descriptions of various cybersecurity threat groups' TTPs, augmented through synonym replacement to increase diversity.
83
 
84
+ ### Training Procedure
85
 
86
+ - Fine-tuned from: MLM fine-tuned MPNet ("mpnet_mlm_cyber_finetuned-v2")
87
+ - Epochs: 20
88
+ - Learning rate: 5e-6
89
+ - Batch size: 16
90
 
91
  ## Evaluation
92
 
 
 
93
  ### Testing Data, Factors & Metrics
94
 
95
+ - **Testing Data:** Stratified sample from original dataset.
96
+ - **Metrics:** Accuracy, Weighted F1 Score
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
97
 
98
  ### Results
99
 
100
+ | Metric | Value |
101
+ |------------------------|---------|
102
+ | Classification Accuracy (Test) | 0.7161 |
103
+ | Weighted F1 Score | [More Information Needed] |
104
 
105
+ ### Single Prediction Example
106
 
107
+ ```python
108
 
109
+ # Create explicit mapping from numeric labels to original GroupIDs
110
+ label_to_groupid = dict(enumerate(train_df["GroupID"].astype("category").cat.categories))
111
 
112
+ def predict_group(sentence):
113
+ classifier_model.eval()
114
+ encoding = tokenizer(
115
+ sentence,
116
+ truncation=True,
117
+ padding="max_length",
118
+ max_length=128,
119
+ return_tensors="pt"
120
+ )
121
+ input_ids = encoding["input_ids"].to(device)
122
+ attention_mask = encoding["attention_mask"].to(device)
123
 
124
+ with torch.no_grad():
125
+ logits = classifier_model(input_ids, attention_mask)
126
+ predicted_label = torch.argmax(logits, dim=1).cpu().item()
 
 
127
 
 
128
 
129
+ # Explicitly convert numeric label to original GroupID
130
+ predicted_groupid = label_to_groupid[predicted_label]
131
+ return predicted_groupid
132
 
133
+ sentence = "APT38 has used phishing emails with malicious links to distribute malware."
134
+ predicted_class = predict_group(sentence)
135
+ print(f"Predicted GroupID: {predicted_class}") # e.g., Predicted GroupID: G0081
136
+ ```
137
 
138
+ ## Environmental Impact
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
139
 
140
+ Carbon emissions can be estimated using the [Machine Learning Impact calculator](https://mlco2.github.io/impact#compute).
141
 
142
+ - **Hardware Type:** [To be filled by user]
143
+ - **Hours used:** [To be filled by user]
144
+ - **Cloud Provider:** [To be filled by user]
145
+ - **Compute Region:** [To be filled by user]
146
+ - **Carbon Emitted:** [To be filled by user]
147
 
148
+ ## Technical Specifications
149
 
150
+ ### Model Architecture
151
 
152
+ - MPNet architecture with classification head (768 -> 512 -> num_labels)
153
+ - Last 10 transformer layers fine-tuned explicitly
154
 
155
+ ## Environmental Impact
156
 
157
+ Carbon emissions should be estimated using the [Machine Learning Impact calculator](https://mlco2.github.io/impact#compute).
158
 
159
+ ## Model Card Authors
160
 
161
+ - Dženan Hamzić
162
 
163
  ## Model Card Contact
164
 
165
+ - [More Information Needed]