---
license: apache-2.0
datasets:
- QCRI/AZERG-Dataset
language:
- en
base_model:
- mistralai/Mistral-7B-Instruct-v0.3
tags:
- STIX standard
- threat intelligence
- MITRE ATT&CK
---

# QCRI/AZERG-T2-Mistral
This model is a fine-tuned version of `mistralai/Mistral-7B-Instruct-v0.3` specialized for `Task 2: STIX Entity Type Identification`. It has been trained on the [QCRI/AZERG-Dataset](https://huggingface.co/datasets/QCRI/AZERG-Dataset) to classify a given entity into one of the predefined STIX entity types (e.g., Malware, Tool, Threat-Actor).

This is a specialist model designed for high performance on entity detection within the [AZERG framework](https://github.com/QCRI/azerg/).

## Intended Use
Use this model to extract potential STIX entities from a given security text passage.

## Example Prompt:

```
Instruction:
You are a helpful threat intelligence analyst. Your task is to assign a STIX entity type to the given Entity in the input. To help you, here is a list of the possible STIX entity types. [STIX ENTITY TYPES] Choose STIX ENTITY TYPE from list of possible answers: ["ATTACK_PATTERN", "CAMPAIGN", "COURSE_OF_ACTION", "IDENTITY", "INDICATOR", "INFRASTRUCTURE", "LOCATION", "MALWARE", "THREAT_ACTOR", "TOOL", "VULNERABILITY"]. Answer in the following format: <entity_type>ONE OF STIX ENTITY TYPES</entity_type>

Input:
- Entity: [TARGET ENTITY]
- Text Passage: [INPUT TEXT]

Response:
```

## Citation
If you use this model, please cite our paper:

```
@article{lekssays2025azerg,
  title={From Text to Actionable Intelligence: Automating STIX Entity and Relationship Extraction},
  author={Lekssays, Ahmed and Sencar, Husrev Taha and Yu, Ting},
  journal={arXiv preprint arXiv:2507.16576},
  year={2025}
}
```