YAML Metadata Warning: empty or missing yaml metadata in repo card (https://huggingface.co/docs/hub/model-cards#model-card-metadata)

Model Card for Model ID

BASE MODEL = 'meta-llama/Meta-Llama-3-8B-Instruct'

FORK_FROM = 'hyonbokan/mobile_llama_5kRounds'

Code examples generated by Mobile-Llama-3, Deepseek-R1, GPT 01 (February 2025)

Test code:

from scapy.all import *
import time

target_ip = "127.0.0.1" 
target_port = 80

def send_syn_flood(target_ip, target_port, count=5000):
    for i in range(count):
        ip_layer = IP(src=RandIP(), dst=target_ip)
        tcp_layer = TCP(sport=RandShort(), dport=target_port, flags="S") 
        pkt = ip_layer / tcp_layer
        send(pkt, verbose=False)
        if i % 1000 == 0:
            print(f"Sent {i} SYN packets...")

send_syn_flood(target_ip, target_port)

Intruction:

Create a Python script that uses Scapy to capture and analyze network traffic, focusing on TCP packets with the SYN flag set. The script uses a dictionary to track the timestamp and number of SYN packets for each source IP. Implement a feature that compares the current time to the last reset time to determine every hour if the data needs to be reset, allowing you to collect fresh data every hour. In addition, the script should alert you if the number of SYN packets from a source IP exceeds 5,000 to display potential SYN flood attacks in real time, accurately determine whether SYN flags are set, and identify suspicious network activity.

Mobile-Llama-3 code output:

from scapy.all import *
import time
import datetime

# Initialize a dictionary to track the timestamp and number of SYN packets for each source IP
syn_packets = {}

# Set the reset time to the current time
reset_time = datetime.datetime.now()

# Set the SYN flood threshold to 5,000 packets
syn_flood_threshold = 5000

# Define a function to reset the data every hour
def reset_data():
    global syn_packets, reset_time
    syn_packets = {}
    reset_time = datetime.datetime.now()

# Define a function to analyze the SYN packets
def analyze_syn_packets(packet):
    global syn_packets, reset_time
    src_ip = packet[IP].src
    if src_ip not in syn_packets:
        syn_packets[src_ip] = {"timestamp": datetime.datetime.now(), "count": 0}
    if packet.haslayer(TCP) and packet[TCP].flags & 0x02:  # Check if SYN flag is set
        syn_packets[src_ip]["count"] += 1
        if datetime.datetime.now() - syn_packets[src_ip]["timestamp"] > datetime.timedelta(hours=1):
            reset_data()

# Define a function to check for SYN flood attacks
def check_syn_flood_attack():
    global syn_packets
    for src_ip, packet_info in syn_packets.items():
        if packet_info["count"] > syn_flood_threshold:
            print(f"SYN flood attack detected from {src_ip}!")

# Start capturing network traffic
sniff(prn=analyze_syn_packets, store=False)

# Check for SYN flood attacks every 10 seconds
while True:
    check_syn_flood_attack()
    time.sleep(10)

Mobile-LLaMA code output results:

{'20.0.0.30': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 48, 261561), 'count': 4},
'192.168.106.35': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 48, 275671), 'count': 0},
'3.168.178.3': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 48, 327184), 'count': 0},
'140.82.112.25': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 49, 313498), 'count': 0},
'172.217.175.110': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 53, 867884), 'count': 0},
'34.144.254.29': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 54, 29822), 'count': 1},
'216.239.36.180': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 54, 246506), 'count': 0},
'3.168.178.58': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 54, 744304), 'count': 0},
'8.8.4.4': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 56, 178570), 'count': 0},
'40.79.173.40': {'timestamp': datetime.datetime(2025, 2, 20, 20, 12, 56, 443464), 'count': 1},
...

GPT o1:

from scapy.all import sniff, IP, TCP
import time
import threading

# Dictionary to track SYN packets {source IP: {"count": SYN packet count, "timestamp": first detected time}}
syn_tracker = {}
reset_interval = 3600  # 1 hour (3600 seconds)
alert_threshold = 5000  # SYN flood detection threshold

# Function to reset data every hour
def reset_tracker():
    global syn_tracker
    while True:
        time.sleep(reset_interval)
        print("\n[INFO] Resetting SYN tracker data...\n")
        syn_tracker.clear()

# Packet processing function
def packet_callback(packet):
    if packet.haslayer(TCP) and packet.haslayer(IP):
        if packet[TCP].flags & 2:  # Check SYN flag
            src_ip = packet[IP].src
            current_time = time.time()

            if src_ip not in syn_tracker:
                syn_tracker[src_ip] = {"count": 1, "timestamp": current_time}
            else:
                syn_tracker[src_ip]["count"] += 1

            count = syn_tracker[src_ip]["count"]

            if count > alert_threshold:
                print(f"[ALERT] Potential SYN Flood Attack Detected from {src_ip} - SYN Count: {count}")

# Start a background thread to reset data every hour
reset_thread = threading.Thread(target=reset_tracker, daemon=True)
reset_thread.start()

# Start packet sniffing (Change 'eth0' or 'wlan0' based on your network interface)
print("[INFO] Starting packet capture...")
sniff(filter="tcp", prn=packet_callback, store=False)

Llama-3:

from scapy.all import *
import datetime
import time

# Initialize an empty dictionary to track timestamp and number of SYN packets for each source IP
syn_packets = {}

while True:
    # Start sniffing traffic
    sniff(iface="eth0", timeout=1, store=False)

    # Get the current time
    now = datetime.datetime.now().replace(microsecond=0)

    # Iterate through all captured packets
    for packet in (p for p in packets if p.haslayer(TCP) and p[TCP].flags & 0x02):
        src_ip = packet.src

        # If the source IP is not present in the dictionary, add it with a timestamp
        if src_ip not in syn_packets:
            syn_packets[src_ip] = {"timestamp": now, "count": 1}
        else:
            # Update the count and timestamp for the existing source IP
            syn_packets[src_ip]["count"] += 1

    # Check every hour if data needs to be reset
    if now.minute == 0:
        print("Resetting data...")
        syn_packets = {}

    # Identify suspicious network activity (SYN flood attacks)
    for src_ip, stats in syn_packets.items():
        if stats["count"] > 5000:
            print(f"Alert: Potential SYN flood attack detected from {src_ip}!")
            break

    time.sleep(1)

LLaMA-3 code output results:

ValueError: Interface 'eth0' not found !

Downloads last month: 6

Safetensors

Model size

8B params

Tensor type

F16

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support