| --- |
| datasets: |
| - priamai/AnnoCTR |
| base_model: |
| - urchade/gliner_small-v1 |
| tags: |
| - Security |
| - NER |
| - CTI |
| language: |
| - en |
| --- |
| # AITSecNER - Entity Recognition for Cybersecurity |
|
|
| This repository demonstrates how to use the **AITSecNER** model hosted on Hugging Face, based on the powerful GLiNER library, to extract cybersecurity-related entities from text. |
|
|
| ## Installation |
|
|
| Install GLiNER via pip: |
|
|
| ```bash |
| pip install gliner |
| ``` |
|
|
| ## Usage |
|
|
| ### Import and Load Model |
|
|
| Load the pretrained AITSecNER model directly from Hugging Face: |
|
|
| ```python |
| from gliner import GLiNER |
| |
| model = GLiNER.from_pretrained("selfconstruct3d/AITSecNER", load_tokenizer=True) |
| ``` |
|
|
| ### Predict Entities |
|
|
| Define the input text and entity labels you wish to extract: |
|
|
| ```python |
| # Example input text |
| text = """ |
| Upon opening Emotet maldocs, victims are greeted with fake Microsoft 365 prompt that states |
| “THIS DOCUMENT IS PROTECTED,” and instructs victims on how to enable macros. |
| """ |
| |
| # Entity labels |
| labels = [ |
| 'CLICommand/CodeSnippet', 'CON', 'DATE', 'GROUP', 'LOC', |
| 'MALWARE', 'ORG', 'SECTOR', 'TACTIC', 'TECHNIQUE', 'TOOL' |
| ] |
| |
| # Predict entities |
| entities = model.predict_entities(text, labels, threshold=0.5) |
| |
| # Display results |
| for entity in entities: |
| print(f"{entity['text']} => {entity['label']}") |
| ``` |
|
|
| ### Sample Output |
|
|
| ```bash |
| Emotet => MALWARE |
| Microsoft => ORG |
| ``` |
|
|
| ## Model Details |
|
|
| The **AITSecNER** model was fine-tuned using the [urchade/gliner_small](https://huggingface.co/urchade/gliner_small) model from Hugging Face on the [priamai/AnnoCTR dataset](https://huggingface.co/datasets/priamai/AnnoCTR). For more details about the dataset, see the paper ["AnnoCTR: A Dataset for Detecting and Linking Entities, Tactics, and Techniques in Cyber Threat Reports"](https://arxiv.org/abs/2305.10472). |
|
|
| GLiNER is described in detail in the paper ["GLiNER: Generalist Model for Named Entity Recognition using Bidirectional Transformer"](https://arxiv.org/abs/2311.08526). |
|
|
| ## About |
|
|
| **AITSecNER** leverages GLiNER to quickly and accurately extract cybersecurity-specific entities, making it highly suitable for tasks such as: |
|
|
| - Cyber threat intelligence analysis |
| - Incident response documentation |
| - Automated cybersecurity reporting |
|
|
|
|
|
|
| ## Licence |
| This model is licensed for non-commercial use only (CC BY-NC 4.0). |
| For commercial inquiries, please contact dzenan.hamzic@ait.ac.at. |
