Younis2003 commited on
Commit
2b02bf2
Β·
verified Β·
1 Parent(s): bb1ace7

Upload 7 files

Browse files
README.md CHANGED
@@ -1,132 +1,207 @@
1
  ---
2
- license: apache-2.0
3
- datasets:
4
- - Younis2003/secure_dataset_cvefixes
5
- language:
6
- - en
7
- library_name: transformers
8
  base_model: meta-llama/CodeLlama-13b-hf
 
 
9
  tags:
10
- - cybersecurity
11
- - code-security
12
- - vulnerability-detection
13
- - secure-code
14
- - codellama
15
  - transformers
16
  ---
17
 
18
- # CodeLlama_for_code_security
19
 
20
- ## Overview
21
 
22
- CodeLlama_for_code_security is a fine-tuned large language model designed for **vulnerability detection and secure code remediation**.
23
 
24
- The model analyzes vulnerable source code and generates structured outputs describing detected vulnerabilities and proposing secure fixes.
25
 
26
- This model is built on top of **CodeLlama-13B** and fine-tuned using vulnerability datasets to specialize in secure code analysis tasks.
27
 
28
- ---
29
 
30
- ## Intended Use
31
 
32
- This model is intended for:
33
 
34
- - Secure code analysis
35
- - Vulnerability identification
36
- - Automatic code remediation suggestions
37
- - Security-focused code review assistance
38
- - Educational purposes in secure software development
39
 
40
- ### Example Use Cases
 
 
 
 
 
 
41
 
42
- - Detecting vulnerabilities in open-source projects
43
- - Assisting developers in secure coding practices
44
- - Research in AI-driven cybersecurity tools
45
 
46
- ---
47
 
48
- ## Training Data
 
 
49
 
50
- The model was fine-tuned using curated vulnerability datasets including:
51
 
52
- - CVE vulnerability descriptions
53
- - CWE vulnerability classifications
54
- - Code vulnerability datasets
55
- - Security patch examples
56
 
57
- Dataset used for fine-tuning:
58
 
59
- **secure_dataset_cvefixes**
60
 
61
- The dataset focuses on real-world software vulnerabilities and their corresponding secure fixes.
62
 
63
- ---
64
 
65
- ## Model Details
66
 
67
- Base Model: CodeLlama-13B
68
- Architecture: Transformer-based causal language model
69
- Fine-tuning Method: Supervised Fine-Tuning (SFT)
70
 
71
- The model processes vulnerable code snippets and produces structured outputs that include:
72
 
73
- - vulnerability identification
74
- - vulnerability classification
75
- - explanation of the vulnerability
76
- - secure code remediation
77
 
78
- ---
79
 
80
- ## Evaluation Results
81
 
82
- The model was evaluated using **semantic similarity between generated outputs and ground truth secure fixes**.
83
 
84
- Evaluation metric used:
85
 
86
- **Embedding Similarity**
87
 
88
- | Metric | Score |
89
- |------|------|
90
- | Embedding Similarity | **0.9643** |
91
 
92
- This corresponds to approximately **96% semantic similarity** between generated remediation outputs and the expected secure fixes.
93
 
94
- ---
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
95
 
96
- ## Example Usage
97
 
98
- ```python
99
- from transformers import AutoModelForCasualLM
100
- model_name = "Younis2003/CodeLlama_for_code_security"
101
 
102
- model = AutoModelForCasualLM.from_pretrained(model_name , device_map = "auto")
103
- ```
104
 
105
- ### Limitations
106
 
107
- The model may not detect all vulnerabilities.
108
 
109
- Results should always be reviewed by a security expert.
110
 
111
- The model may generate incorrect fixes in complex systems.
112
 
113
- This model is intended as a security assistant, not a replacement for professional security auditing.
114
 
115
- ### Ethical Considerations
116
 
117
- The model is designed for defensive cybersecurity applications.
118
- It should not be used for malicious activities.
119
 
120
- ### License
121
 
122
- This model follows the Apache 2.0 license and respects the licensing terms of the base model CodeLlama.
123
 
124
- ### Author
125
 
126
- Developed by **Younis Alshibli** as part of an AI research project focusing on:
127
 
128
- AI-driven vulnerability detection
129
 
130
- automated secure code remediation
 
131
 
132
- Intelligent security analysis systems
 
1
  ---
 
 
 
 
 
 
2
  base_model: meta-llama/CodeLlama-13b-hf
3
+ library_name: peft
4
+ pipeline_tag: text-generation
5
  tags:
6
+ - base_model:adapter:meta-llama/CodeLlama-13b-hf
7
+ - lora
 
 
 
8
  - transformers
9
  ---
10
 
11
+ # Model Card for Model ID
12
 
13
+ <!-- Provide a quick summary of what the model is/does. -->
14
 
 
15
 
 
16
 
17
+ ## Model Details
18
 
19
+ ### Model Description
20
 
21
+ <!-- Provide a longer summary of what this model is. -->
22
 
 
23
 
 
 
 
 
 
24
 
25
+ - **Developed by:** [More Information Needed]
26
+ - **Funded by [optional]:** [More Information Needed]
27
+ - **Shared by [optional]:** [More Information Needed]
28
+ - **Model type:** [More Information Needed]
29
+ - **Language(s) (NLP):** [More Information Needed]
30
+ - **License:** [More Information Needed]
31
+ - **Finetuned from model [optional]:** [More Information Needed]
32
 
33
+ ### Model Sources [optional]
 
 
34
 
35
+ <!-- Provide the basic links for the model. -->
36
 
37
+ - **Repository:** [More Information Needed]
38
+ - **Paper [optional]:** [More Information Needed]
39
+ - **Demo [optional]:** [More Information Needed]
40
 
41
+ ## Uses
42
 
43
+ <!-- Address questions around how the model is intended to be used, including the foreseeable users of the model and those affected by the model. -->
 
 
 
44
 
45
+ ### Direct Use
46
 
47
+ <!-- This section is for the model use without fine-tuning or plugging into a larger ecosystem/app. -->
48
 
49
+ [More Information Needed]
50
 
51
+ ### Downstream Use [optional]
52
 
53
+ <!-- This section is for the model use when fine-tuned for a task, or when plugged into a larger ecosystem/app -->
54
 
55
+ [More Information Needed]
 
 
56
 
57
+ ### Out-of-Scope Use
58
 
59
+ <!-- This section addresses misuse, malicious use, and uses that the model will not work well for. -->
 
 
 
60
 
61
+ [More Information Needed]
62
 
63
+ ## Bias, Risks, and Limitations
64
 
65
+ <!-- This section is meant to convey both technical and sociotechnical limitations. -->
66
 
67
+ [More Information Needed]
68
 
69
+ ### Recommendations
70
 
71
+ <!-- This section is meant to convey recommendations with respect to the bias, risk, and technical limitations. -->
 
 
72
 
73
+ Users (both direct and downstream) should be made aware of the risks, biases and limitations of the model. More information needed for further recommendations.
74
 
75
+ ## How to Get Started with the Model
76
+
77
+ Use the code below to get started with the model.
78
+
79
+ [More Information Needed]
80
+
81
+ ## Training Details
82
+
83
+ ### Training Data
84
+
85
+ <!-- This should link to a Dataset Card, perhaps with a short stub of information on what the training data is all about as well as documentation related to data pre-processing or additional filtering. -->
86
+
87
+ [More Information Needed]
88
+
89
+ ### Training Procedure
90
+
91
+ <!-- This relates heavily to the Technical Specifications. Content here should link to that section when it is relevant to the training procedure. -->
92
+
93
+ #### Preprocessing [optional]
94
+
95
+ [More Information Needed]
96
+
97
+
98
+ #### Training Hyperparameters
99
+
100
+ - **Training regime:** [More Information Needed] <!--fp32, fp16 mixed precision, bf16 mixed precision, bf16 non-mixed precision, fp16 non-mixed precision, fp8 mixed precision -->
101
+
102
+ #### Speeds, Sizes, Times [optional]
103
+
104
+ <!-- This section provides information about throughput, start/end time, checkpoint size if relevant, etc. -->
105
+
106
+ [More Information Needed]
107
+
108
+ ## Evaluation
109
+
110
+ <!-- This section describes the evaluation protocols and provides the results. -->
111
+
112
+ ### Testing Data, Factors & Metrics
113
+
114
+ #### Testing Data
115
+
116
+ <!-- This should link to a Dataset Card if possible. -->
117
+
118
+ [More Information Needed]
119
+
120
+ #### Factors
121
+
122
+ <!-- These are the things the evaluation is disaggregating by, e.g., subpopulations or domains. -->
123
+
124
+ [More Information Needed]
125
+
126
+ #### Metrics
127
+
128
+ <!-- These are the evaluation metrics being used, ideally with a description of why. -->
129
+
130
+ [More Information Needed]
131
+
132
+ ### Results
133
+
134
+ [More Information Needed]
135
+
136
+ #### Summary
137
+
138
+
139
+
140
+ ## Model Examination [optional]
141
+
142
+ <!-- Relevant interpretability work for the model goes here -->
143
+
144
+ [More Information Needed]
145
+
146
+ ## Environmental Impact
147
+
148
+ <!-- Total emissions (in grams of CO2eq) and additional considerations, such as electricity usage, go here. Edit the suggested text below accordingly -->
149
+
150
+ Carbon emissions can be estimated using the [Machine Learning Impact calculator](https://mlco2.github.io/impact#compute) presented in [Lacoste et al. (2019)](https://arxiv.org/abs/1910.09700).
151
+
152
+ - **Hardware Type:** [More Information Needed]
153
+ - **Hours used:** [More Information Needed]
154
+ - **Cloud Provider:** [More Information Needed]
155
+ - **Compute Region:** [More Information Needed]
156
+ - **Carbon Emitted:** [More Information Needed]
157
+
158
+ ## Technical Specifications [optional]
159
+
160
+ ### Model Architecture and Objective
161
+
162
+ [More Information Needed]
163
+
164
+ ### Compute Infrastructure
165
+
166
+ [More Information Needed]
167
+
168
+ #### Hardware
169
+
170
+ [More Information Needed]
171
+
172
+ #### Software
173
 
174
+ [More Information Needed]
175
 
176
+ ## Citation [optional]
 
 
177
 
178
+ <!-- If there is a paper or blog post introducing the model, the APA and Bibtex information for that should go in this section. -->
 
179
 
180
+ **BibTeX:**
181
 
182
+ [More Information Needed]
183
 
184
+ **APA:**
185
 
186
+ [More Information Needed]
187
 
188
+ ## Glossary [optional]
189
 
190
+ <!-- If relevant, include terms and calculations in this section that can help readers understand the model or model card. -->
191
 
192
+ [More Information Needed]
 
193
 
194
+ ## More Information [optional]
195
 
196
+ [More Information Needed]
197
 
198
+ ## Model Card Authors [optional]
199
 
200
+ [More Information Needed]
201
 
202
+ ## Model Card Contact
203
 
204
+ [More Information Needed]
205
+ ### Framework versions
206
 
207
+ - PEFT 0.18.1
adapter_config.json ADDED
@@ -0,0 +1,46 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ {
2
+ "alora_invocation_tokens": null,
3
+ "alpha_pattern": {},
4
+ "arrow_config": null,
5
+ "auto_mapping": null,
6
+ "base_model_name_or_path": "meta-llama/CodeLlama-13b-hf",
7
+ "bias": "none",
8
+ "corda_config": null,
9
+ "ensure_weight_tying": false,
10
+ "eva_config": null,
11
+ "exclude_modules": null,
12
+ "fan_in_fan_out": false,
13
+ "inference_mode": true,
14
+ "init_lora_weights": true,
15
+ "layer_replication": null,
16
+ "layers_pattern": null,
17
+ "layers_to_transform": null,
18
+ "loftq_config": {},
19
+ "lora_alpha": 32,
20
+ "lora_bias": false,
21
+ "lora_dropout": 0.05,
22
+ "megatron_config": null,
23
+ "megatron_core": "megatron.core",
24
+ "modules_to_save": null,
25
+ "peft_type": "LORA",
26
+ "peft_version": "0.18.1",
27
+ "qalora_group_size": 16,
28
+ "r": 16,
29
+ "rank_pattern": {},
30
+ "revision": null,
31
+ "target_modules": [
32
+ "gate_proj",
33
+ "o_proj",
34
+ "q_proj",
35
+ "k_proj",
36
+ "v_proj",
37
+ "up_proj",
38
+ "down_proj"
39
+ ],
40
+ "target_parameters": null,
41
+ "task_type": "CAUSAL_LM",
42
+ "trainable_token_indices": null,
43
+ "use_dora": false,
44
+ "use_qalora": false,
45
+ "use_rslora": false
46
+ }
adapter_model.safetensors ADDED
@@ -0,0 +1,3 @@
 
 
 
 
1
+ version https://git-lfs.github.com/spec/v1
2
+ oid sha256:1030a49f5bda6fb83152ae8f0d1076861877cfa5f0a70bf4591ff6c0cd0238d3
3
+ size 250422888
special_tokens_map.json ADDED
@@ -0,0 +1,30 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ {
2
+ "additional_special_tokens": [
3
+ "▁<PRE>",
4
+ "▁<MID>",
5
+ "▁<SUF>",
6
+ "▁<EOT>"
7
+ ],
8
+ "bos_token": {
9
+ "content": "<s>",
10
+ "lstrip": false,
11
+ "normalized": false,
12
+ "rstrip": false,
13
+ "single_word": false
14
+ },
15
+ "eos_token": {
16
+ "content": "</s>",
17
+ "lstrip": false,
18
+ "normalized": false,
19
+ "rstrip": false,
20
+ "single_word": false
21
+ },
22
+ "pad_token": "</s>",
23
+ "unk_token": {
24
+ "content": "<unk>",
25
+ "lstrip": false,
26
+ "normalized": false,
27
+ "rstrip": false,
28
+ "single_word": false
29
+ }
30
+ }
tokenizer.json ADDED
The diff for this file is too large to render. See raw diff
 
tokenizer.model ADDED
@@ -0,0 +1,3 @@
 
 
 
 
1
+ version https://git-lfs.github.com/spec/v1
2
+ oid sha256:45ccb9c8b6b561889acea59191d66986d314e7cbd6a78abc6e49b139ca91c1e6
3
+ size 500058
tokenizer_config.json ADDED
@@ -0,0 +1,84 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ {
2
+ "add_bos_token": true,
3
+ "add_eos_token": false,
4
+ "added_tokens_decoder": {
5
+ "0": {
6
+ "content": "<unk>",
7
+ "lstrip": false,
8
+ "normalized": false,
9
+ "rstrip": false,
10
+ "single_word": false,
11
+ "special": true
12
+ },
13
+ "1": {
14
+ "content": "<s>",
15
+ "lstrip": false,
16
+ "normalized": false,
17
+ "rstrip": false,
18
+ "single_word": false,
19
+ "special": true
20
+ },
21
+ "2": {
22
+ "content": "</s>",
23
+ "lstrip": false,
24
+ "normalized": false,
25
+ "rstrip": false,
26
+ "single_word": false,
27
+ "special": true
28
+ },
29
+ "32007": {
30
+ "content": "▁<PRE>",
31
+ "lstrip": false,
32
+ "normalized": false,
33
+ "rstrip": false,
34
+ "single_word": false,
35
+ "special": true
36
+ },
37
+ "32008": {
38
+ "content": "▁<SUF>",
39
+ "lstrip": false,
40
+ "normalized": false,
41
+ "rstrip": false,
42
+ "single_word": false,
43
+ "special": true
44
+ },
45
+ "32009": {
46
+ "content": "▁<MID>",
47
+ "lstrip": false,
48
+ "normalized": false,
49
+ "rstrip": false,
50
+ "single_word": false,
51
+ "special": true
52
+ },
53
+ "32010": {
54
+ "content": "▁<EOT>",
55
+ "lstrip": false,
56
+ "normalized": false,
57
+ "rstrip": false,
58
+ "single_word": false,
59
+ "special": true
60
+ }
61
+ },
62
+ "additional_special_tokens": [
63
+ "▁<PRE>",
64
+ "▁<MID>",
65
+ "▁<SUF>",
66
+ "▁<EOT>"
67
+ ],
68
+ "bos_token": "<s>",
69
+ "clean_up_tokenization_spaces": false,
70
+ "eos_token": "</s>",
71
+ "eot_token": "▁<EOT>",
72
+ "extra_special_tokens": {},
73
+ "fill_token": "<FILL_ME>",
74
+ "legacy": null,
75
+ "middle_token": "▁<MID>",
76
+ "model_max_length": 1000000000000000019884624838656,
77
+ "pad_token": "</s>",
78
+ "prefix_token": "▁<PRE>",
79
+ "sp_model_kwargs": {},
80
+ "suffix_token": "▁<SUF>",
81
+ "tokenizer_class": "CodeLlamaTokenizer",
82
+ "unk_token": "<unk>",
83
+ "use_default_system_prompt": false
84
+ }