Hugging Face's logo

markusbayer
/
CySecBERT

Fill-Mask
Transformers
PyTorch
English
bert
Cybersecurity
Cyber Security
Information Security
Computer Science
Cyber Threats
Vulnerabilities
Vulnerability
Malware
Attacks
Inference Endpoints
Model card Files Community
1
CySecBERT / README.md
markusbayer's picture
markusbayer
Update README.md
531435f verified
preview code
|
raw
history blame
No virus
5.35 kB
metadata
license: apache-2.0
language:
  - en
tags:
  - Cybersecurity
  - Cyber Security
  - Information Security
  - Computer Science
  - Cyber Threats
  - Vulnerabilities
  - Vulnerability
  - Malware
  - Attacks

Model Card for Model ID

CySecBERT is a domain-adapted version of the BERT model tailored for cybersecurity tasks. It is based on a Cybersecurity Dataset consisting of 4.3 million entries of Twitter, Blogs, Paper, and CVEs related to the cybersecurity domain.

Model Details

  • Developed by: Markus Bayer, Philipp Kuehn, Ramin Shanehsaz, and Christian Reuter
  • Model type: BERT-base
  • Language(s) (NLP): English
  • Finetuned from model: bert-base-uncased.

Model Sources

Bias, Risks, Limitations, and Recommendations

We would like to emphasise that we did not explicitly focus on and analyse social biases in the data or the resulting model. While this may not be so damaging for most application contexts, there are certainly applications that depend heavily on these biases, and including any kind of discrimination can have serious consequences. As authors, we would like to express our warnings regarding the use of the model in such contexts. Nonetheless, we aim for an open source mentality, observing the great impact it can have, and therefore transfer the thinking to the user of the model, drawing on the many previous discussions in the open source community.

Training Details

Training Data

See https://github.com/PEASEC/cybersecurity_dataset

Training Procedure

We have specifically trained CySecBERT not to be affected too much by catastrophic forgetting. More details can be found in the paper.

Evaluation

We have performed many different cybersecurity and general evaluations. The details can be found in the paper.

Citation

BibTeX:

@article{10.1145/3652594, author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian}, title = {CySecBERT: A Domain-Adapted Language Model for the Cybersecurity Domain}, year = {2024}, issue_date = {May 2024}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, volume = {27}, number = {2}, issn = {2471-2566}, url = {https://doi.org/10.1145/3652594}, doi = {10.1145/3652594}, abstract = {The field of cysec is evolving fast. Security professionals are in need of intelligence on past, current and —ideally — upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cysec experts rely on machine learning techniques. In the textual domain, pre-trained language models such as Bidirectional Encoder Representations from Transformers (BERT) have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cysec, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset1 and present a language model2 specifically tailored to the cysec domain that can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model, as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared with the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.}, journal = {ACM Trans. Priv. Secur.}, month = {apr}, articleno = {18}, numpages = {20}, keywords = {Language model, cybersecurity BERT, cybersecurity dataset} }

or

@misc{https://doi.org/10.48550/arxiv.2212.02974, doi = {10.48550/ARXIV.2212.02974}, url = {https://arxiv.org/abs/2212.02974}, author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian}, keywords = {Cryptography and Security (cs.CR), Computation and Language (cs.CL), FOS: Computer and information sciences, FOS: Computer and information sciences}, title = {CySecBERT: A Domain-Adapted Language Model for the Cybersecurity Domain}, publisher = {arXiv}, year = {2022}, copyright = {arXiv.org perpetual, non-exclusive license} }

Model Card Authors [optional]

Markus Bayer, Philipp Kuehn, Ramin Shanehsaz, Christian Reuter

Model Card Contact

[email protected]