Hugging Face's logo

Spaces:
FrontierAICybersecurity
/
Cybersecurity_leaderboard
Running

App Files Community
1
Cybersecurity_leaderboard
File size: 5,081 Bytes 
bb8ff6c
 
 
 
 
 
 
 
 
 
 
 
 
ea5e3a1
bb8ff6c
 
 
 
 
 
 
 
ea5e3a1
bb8ff6c
 
 
 
 
ea5e3a1
bb8ff6c
ea5e3a1
 
bb8ff6c
ea5e3a1
bb8ff6c
ea5e3a1
 
bb8ff6c
ea5e3a1
 
 
 
bb8ff6c
ea5e3a1
 
 
 
bb8ff6c
ea5e3a1
 
 
 
bb8ff6c
ea5e3a1
 
 
 
bb8ff6c
ea5e3a1
 
 
 
bb8ff6c
ea5e3a1
 
 
 
bb8ff6c
ea5e3a1
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
bb8ff6c
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
 
VLMEVALKIT_README = 'https://raw.githubusercontent.com/open-compass/VLMEvalKit/main/README.md'
# CONSTANTS-CITATION
CITATION_BUTTON_TEXT = r"""@article{guo2025sok,

  title={{Frontier AI's Impact on the Cybersecurity Landscape}},

  author={Guo, Wenbo and Potter, Yujin and Shi, Tianneng and Wang, Zhun and Zhang, Andy and Song, Dawn},

  journal={arXiv preprint arXiv:2504.05408},

  year={2025}

}

"""
CITATION_BUTTON_LABEL = "Copy the following snippet to cite these results"
# CONSTANTS-TEXT
LEADERBORAD_INTRODUCTION = """# Cybersecurity Leaderboard

### Welcome to the Cybersecurity Leaderboard! This leaderboard is a collection of benchmarks relevant to cybersecurity capabilities. 

This leaderboard covers {} benchmarks.



This leaderboard was last updated: {} """
# CONSTANTS-FIELDS
# META_FIELDS = [
#     'Model'
# ]

DEFAULT_TASK = [
    'Vulnerable Code Generation', 'Attack Generation', 'CTF', 'Cyber Knowledge', 'Pen Test', 'Vulnerability Detection', 'PoC Generation', 'Patching'
]

# The README file for each benchmark
LEADERBOARD_MD = {}

LEADERBOARD_MD['CyberSecEval-3'] = """CyberSecEval-3 is a security benchmarks for LLMs. CyberSecEval-3 assesses 8 different risks across two broad categories: risk to third parties, and risk to application developers and end users.  



Paper: https://arxiv.org/abs/2408.01605 

Code: https://github.com/meta-llama/PurpleLlama/tree/main/CybersecurityBenchmarks 

"""
LEADERBOARD_MD['SecCodePLT'] = """ SecCodePLT is a unified and comprehensive evaluation platform for code GenAIs' risks. This benchmark consists of insecure coding tasks and cyberattack helpfulness tasks. The helpfulness tasks are designed considering five attack steps: reconnaissance, weaponization & infiltration, C2 & execution, discovery, and collection.



Paper: https://arxiv.org/abs/2410.11096 

Code: https://github.com/CodeSecPLT/CodeSecPLT 

"""
LEADERBOARD_MD['RedCode'] = """RedCode is a benchmark for risky code execution and generation: (1) RedCode-Exec provides challenging prompts that could lead to risky code execution, aiming to evaluate code agents' ability to recognize and handle unsafe code. (2) RedCode-Gen provides 160 prompts with function signatures and docstrings as input to assess whether code agents will follow instructions to generate harmful code or software.



Paper: https://arxiv.org/abs/2411.07781

Code: https://github.com/AI-secure/RedCode 

"""
LEADERBOARD_MD['CyBench'] = """Cybench is a framework for specifying cybersecurity tasks and evaluating agents on those tasks. This includes 40 professional-level Capture the Flag (CTF) tasks from 4 distinct CTF competitions, chosen to be recent, meaningful, and spanning a wide range of difficulties.



Paper: https://arxiv.org/abs/2408.08926 

Code: https://github.com/andyzorigin/cybench 

"""
LEADERBOARD_MD['NYU CTF Bench'] = """This assesses LLMs in solving CTF challenges. This includes a diverse range of CTF challenges from popular competitions.



Paper: https://arxiv.org/abs/2406.05590 

Code: https://github.com/NYU-LLM-CTF/NYU_CTF_Bench 

"""
LEADERBOARD_MD['CyberBench'] = """CyberBench is a multi-task benchmark to evaluate the model knowledge in cybersecurity. 



Paper: https://zefang-liu.github.io/files/liu2024cyberbench_paper.pdf 

Code: https://github.com/jpmorganchase/CyberBench

"""
LEADERBOARD_MD['CyberMetric'] = """CyberMetric is designed to accurately test the general knowledge of LLMs in cybersecurity. CyberMetric-80, CyberMetric-500, CyberMetric-2000, and CyberMetric-10000 are multiple-choice Q&A benchmark datasets comprising 80, 500, 2000, and 10,000 questions, respectively.



Paper: https://arxiv.org/abs/2402.07688 

Code: https://github.com/cybermetric/CyberMetric/tree/main 

"""
LEADERBOARD_MD['TACTL'] = """Threat Actor Competency Test for LLMs (TACTL) is a multiple-choice benchmark as a challenging offensive cyber knowledge test. 



Paper: https://arxiv.org/abs/2502.15797

Code: They plan to open-source TACTL (https://gbhackers.com/mitre-releases-occult-framework/). 

"""
LEADERBOARD_MD['AutoPenBench'] = """AutoPenBench is an open benchmark for evaluating generative agents in automated penetration testing.



Paper: https://arxiv.org/abs/2410.03225 

Code: https://github.com/lucagioacchini/auto-pen-bench 

"""
LEADERBOARD_MD['PrimeVul'] = """PrimeVul is a dataset for training and evaluating code LMs for vulnerability detection.



Paper: https://arxiv.org/abs/2403.18624 

Code: https://github.com/DLVulDet/PrimeVul

"""
LEADERBOARD_MD['CRUXEval'] = """CRUXEval (Code Reasoning, Understanding, and eXecution Evaluation) is a benchmark consisting of 800 Python functions (3-13 lines).



Paper: https://arxiv.org/abs/2401.03065 

Code: https://github.com/facebookresearch/cruxeval 

"""
LEADERBOARD_MD['SWE-bench-verified'] = """This is a human-validated subset of SWE-bench that more reliably evaluates AI models' ability to solve real-world software issues.



Paper: https://openai.com/index/introducing-swe-bench-verified/ 

Code: https://github.com/swe-bench/SWE-bench 

"""