Upload fine-tuned Llama Prompt Guard model

Browse files

Files changed (7) hide show

README.md +77 -0
config.json +44 -0
metadata.json +25 -0
model.safetensors +3 -0
special_tokens_map.json +51 -0
tokenizer.json +0 -0
tokenizer_config.json +66 -0

README.md ADDED Viewed

	@@ -0,0 +1,77 @@

+---
+license: llama2
+base_model: meta-llama/Llama-Prompt-Guard-2-22M
+tags:
+- prompt-injection
+- security
+- classification
+- llama
+- lora
+- fine-tuned
+- text-classification
+pipeline_tag: text-classification
+model_name: FT-Llama-Prompt-Guard-2
+---
+# FT-Llama-Prompt-Guard-2
+A **fine-tuned** version of `meta-llama/Llama-Prompt-Guard-2-22M` for prompt injection and jailbreak detection using LoRA for better accuracy and faster inference
+## Model Details
+- **Base Model**: [meta-llama/Llama-Prompt-Guard-2-22M](https://huggingface.co/meta-llama/Llama-Prompt-Guard-2-22M)
+- **Fine-tuning Method**: LoRA (Low-Rank Adaptation)
+- **Task**: Binary text classification (benign vs malicious prompts)
+- **Model Size**: ~88MB (22M parameters + LoRA)
+## Training Details
+- **LoRA Rank**: 16
+- **LoRA Alpha**: 32
+- **Max Length**: 512
+## Usage
+### Using Pipeline
+```python
+from transformers import pipeline
+pipe = pipeline("text-classification", model="Aira-security/FT-Llama-Prompt-Guard-2")
+result = pipe("Ignore all previous instructions")
+print(result)
+```
+### Direct Model Loading
+```python
+from transformers import AutoTokenizer, AutoModelForSequenceClassification
+tokenizer = AutoTokenizer.from_pretrained("Aira-security/FT-Llama-Prompt-Guard-2")
+model = AutoModelForSequenceClassification.from_pretrained("Aira-security/FT-Llama-Prompt-Guard-2")
+inputs = tokenizer("Your text here", return_tensors="pt", truncation=True, max_length=512)
+outputs = model(**inputs)
+```
+## Limitations
+- Trained on English text only
+- May have false positives/negatives on edge cases
+- Performance depends on similarity to training data
+## Citation
+If you use this model, please cite:
+```bibtex
+@model{ft_llama_prompt_guard_2},
+  title={FT-Llama-Prompt-Guard-2: Fine-tuned Prompt Injection and Jail Break Detector},
+  author={Aira Security},
+  year={2024},
+  base_model={meta-llama/Llama-Prompt-Guard-2-22M},
+  url={https://huggingface.co/Aira-security/FT-Llama-Prompt-Guard-2}
+}
+```

config.json ADDED Viewed

	@@ -0,0 +1,44 @@

+{
+  "architectures": [
+    "DebertaV2ForSequenceClassification"
+  ],
+  "attention_probs_dropout_prob": 0.1,
+  "dtype": "float32",
+  "hidden_act": "gelu",
+  "hidden_dropout_prob": 0.1,
+  "hidden_size": 384,
+  "id2label": {
+    "0": "benign",
+    "1": "malicious"
+  },
+  "initializer_range": 0.02,
+  "intermediate_size": 1536,
+  "label2id": {
+    "benign": 0,
+    "malicious": 1
+  },
+  "layer_norm_eps": 1e-07,
+  "legacy": true,
+  "max_position_embeddings": 512,
+  "max_relative_positions": -1,
+  "model_type": "deberta-v2",
+  "norm_rel_ebd": "layer_norm",
+  "num_attention_heads": 6,
+  "num_hidden_layers": 12,
+  "pad_token_id": 0,
+  "pooler_dropout": 0,
+  "pooler_hidden_act": "gelu",
+  "pooler_hidden_size": 384,
+  "pos_att_type": [
+    "p2c",
+    "c2p"
+  ],
+  "position_biased_input": false,
+  "position_buckets": 256,
+  "problem_type": "single_label_classification",
+  "relative_attention": true,
+  "share_att_key": true,
+  "transformers_version": "4.57.1",
+  "type_vocab_size": 0,
+  "vocab_size": 128100
+}

metadata.json ADDED Viewed

	@@ -0,0 +1,25 @@

+{
+  "model_name": "meta-llama/Llama-Prompt-Guard-2-22M",
+  "base_model": "meta-llama/Llama-Prompt-Guard-2-22M",
+  "fine_tuning_method": "LoRA",
+  "dataset": "qualifire/prompt-injections-benchmark",
+  "num_labels": 2,
+  "lora_rank": 16,
+  "lora_alpha": 32,
+  "lora_dropout": 0.1,
+  "max_length": 512,
+  "final_metrics": {
+    "eval_loss": 0.2866095304489136,
+    "eval_accuracy": 0.9197080291970803,
+    "eval_f1": 0.8929068150208623,
+    "eval_precision": 0.9525222551928784,
+    "eval_recall": 0.8403141361256544,
+    "eval_roc_auc": 0.9797109076555935,
+    "eval_runtime": 18.0185,
+    "eval_samples_per_second": 53.223,
+    "eval_steps_per_second": 6.66,
+    "epoch": 5.0
+  },
+  "hf_ready": true,
+  "merge_lora": true
+}

model.safetensors ADDED Viewed

	@@ -0,0 +1,3 @@

+version https://git-lfs.github.com/spec/v1
+oid sha256:4e18e9500a456d7acbd80031036b5e9a4b0429df0474bf5eb6fa2150f02ba8ee
+size 283347432

special_tokens_map.json ADDED Viewed

	@@ -0,0 +1,51 @@

+{
+  "bos_token": {
+    "content": "[CLS]",
+    "lstrip": false,
+    "normalized": false,
+    "rstrip": false,
+    "single_word": false
+  },
+  "cls_token": {
+    "content": "[CLS]",
+    "lstrip": false,
+    "normalized": false,
+    "rstrip": false,
+    "single_word": false
+  },
+  "eos_token": {
+    "content": "[SEP]",
+    "lstrip": false,
+    "normalized": false,
+    "rstrip": false,
+    "single_word": false
+  },
+  "mask_token": {
+    "content": "[MASK]",
+    "lstrip": false,
+    "normalized": false,
+    "rstrip": false,
+    "single_word": false
+  },
+  "pad_token": {
+    "content": "[PAD]",
+    "lstrip": false,
+    "normalized": false,
+    "rstrip": false,
+    "single_word": false
+  },
+  "sep_token": {
+    "content": "[SEP]",
+    "lstrip": false,
+    "normalized": false,
+    "rstrip": false,
+    "single_word": false
+  },
+  "unk_token": {
+    "content": "[UNK]",
+    "lstrip": false,
+    "normalized": true,
+    "rstrip": false,
+    "single_word": false
+  }
+}

tokenizer.json ADDED Viewed

The diff for this file is too large to render. See raw diff

tokenizer_config.json ADDED Viewed

	@@ -0,0 +1,66 @@

+{
+  "added_tokens_decoder": {
+    "0": {
+      "content": "[PAD]",
+      "lstrip": false,
+      "normalized": false,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    },
+    "1": {
+      "content": "[CLS]",
+      "lstrip": false,
+      "normalized": false,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    },
+    "2": {
+      "content": "[SEP]",
+      "lstrip": false,
+      "normalized": false,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    },
+    "3": {
+      "content": "[UNK]",
+      "lstrip": false,
+      "normalized": true,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    },
+    "128000": {
+      "content": "[MASK]",
+      "lstrip": false,
+      "normalized": false,
+      "rstrip": false,
+      "single_word": false,
+      "special": true
+    }
+  },
+  "bos_token": "[CLS]",
+  "clean_up_tokenization_spaces": true,
+  "cls_token": "[CLS]",
+  "do_lower_case": false,
+  "eos_token": "[SEP]",
+  "extra_special_tokens": {},
+  "mask_token": "[MASK]",
+  "max_length": 512,
+  "model_max_length": 1000000000000000019884624838656,
+  "pad_to_multiple_of": null,
+  "pad_token": "[PAD]",
+  "pad_token_type_id": 0,
+  "padding_side": "right",
+  "sep_token": "[SEP]",
+  "sp_model_kwargs": {},
+  "split_by_punct": false,
+  "stride": 0,
+  "tokenizer_class": "DebertaV2TokenizerFast",
+  "truncation_side": "right",
+  "truncation_strategy": "longest_first",
+  "unk_token": "[UNK]",
+  "vocab_type": "spm"
+}