|
|
--- |
|
|
license: apache-2.0 |
|
|
language: |
|
|
- en |
|
|
base_model: |
|
|
- cisco-ai/SecureBERT2.0-base |
|
|
pipeline_tag: text-classification |
|
|
library_name: transformers |
|
|
--- |
|
|
|
|
|
# Model Card for CiscoAI/SecureBERT2.0-code-vuln-detection |
|
|
|
|
|
The **ModernBERT Code Vulnerability Detection Model** is a fine-tuned variant of **SecureBERT 2.0**, designed to detect potential vulnerabilities in source code. |
|
|
It leverages cybersecurity-aware representations learned by SecureBERT 2.0 and applies supervised fine-tuning for binary classification (vulnerable vs. non-vulnerable). |
|
|
|
|
|
--- |
|
|
|
|
|
## Model Details |
|
|
|
|
|
### Model Description |
|
|
|
|
|
This model classifies source code snippets as either **vulnerable** or **non-vulnerable** using the ModernBERT architecture. |
|
|
It is fine-tuned for **code-level security analysis**, extending the capabilities of SecureBERT 2.0. |
|
|
|
|
|
- **Developed by:** Cisco AI |
|
|
- **Model type:** Sequence classification |
|
|
- **Architecture:** `ModernBertForSequenceClassification` |
|
|
- **Number of labels:** 2 |
|
|
- **Language:** English (source code tokens) |
|
|
- **License:** Apache-2.0 |
|
|
- **Finetuned from model:** [cisco-ai/SecureBERT2.0-base](https://huggingface.co/cisco-ai/SecureBERT2.0-base) |
|
|
|
|
|
### Model Sources |
|
|
|
|
|
- **Repository:** [https://huggingface.co/cisco-ai/SecureBERT2.0-code-vuln-detection](https://huggingface.co/cisco-ai/SecureBERT2.0-code-vuln-detection) |
|
|
- **Paper:** [arXiv:2510.00240](https://arxiv.org/abs/2510.00240) |
|
|
|
|
|
--- |
|
|
|
|
|
## Uses |
|
|
|
|
|
### Direct Use |
|
|
|
|
|
- Automatic vulnerability classification for source code snippets |
|
|
- Static analysis pipeline integration for pre-screening code risks |
|
|
- Feature extraction for downstream vulnerability detection tasks |
|
|
|
|
|
### Downstream Use |
|
|
|
|
|
Can be integrated into: |
|
|
- Secure code review systems |
|
|
- CI/CD vulnerability scanners |
|
|
- Security IDE extensions |
|
|
|
|
|
### Out-of-Scope Use |
|
|
|
|
|
- Non-code or natural language text classification |
|
|
- Runtime or dynamic vulnerability detection |
|
|
- Automated patch generation or remediation suggestion |
|
|
|
|
|
--- |
|
|
|
|
|
## Bias, Risks, and Limitations |
|
|
|
|
|
- The model may **overfit** to syntactic patterns from training datasets and miss logical vulnerabilities. |
|
|
- **False negatives** (missed vulnerabilities) or **false positives** (benign code flagged as vulnerable) may occur. |
|
|
- Training data may not include all programming languages or frameworks. |
|
|
|
|
|
### Recommendations |
|
|
|
|
|
Users should use this model **as an assistive tool**, not as a replacement for expert manual code review. |
|
|
Cross-validation with multiple tools is recommended before security-critical decisions. |
|
|
|
|
|
--- |
|
|
|
|
|
## How to Get Started with the Model |
|
|
|
|
|
```python |
|
|
from transformers import AutoTokenizer, AutoModelForSequenceClassification |
|
|
import torch |
|
|
|
|
|
# Path to the model |
|
|
model_dir = "cisco-ai/SecureBERT2.0-code-vuln-detection" |
|
|
|
|
|
# Load tokenizer and model |
|
|
tokenizer = AutoTokenizer.from_pretrained(model_dir) |
|
|
model = AutoModelForSequenceClassification.from_pretrained(model_dir) |
|
|
|
|
|
# Example input code snippet |
|
|
example_code = """ |
|
|
static void FUNC_0(WmallDecodeCtx *VAR_0, int VAR_1, int VAR_2, int16_t VAR_3, int16_t VAR_4) |
|
|
{ |
|
|
int16_t icoef; |
|
|
int VAR_5 = VAR_0->cdlms[VAR_1][VAR_2].VAR_5; |
|
|
int16_t range = 1 << (VAR_0->bits_per_sample - 1); |
|
|
int VAR_6 = VAR_0->bits_per_sample > 16 ? 4 : 2; |
|
|
if (VAR_3 > VAR_4) { |
|
|
for (icoef = 0; icoef < VAR_0->cdlms[VAR_1][VAR_2].order; icoef++) |
|
|
VAR_0->cdlms[VAR_1][VAR_2].coefs[icoef] += |
|
|
VAR_0->cdlms[VAR_1][VAR_2].lms_updates[icoef + VAR_5]; |
|
|
} else { |
|
|
for (icoef = 0; icoef < VAR_0->cdlms[VAR_1][VAR_2].order; icoef++) |
|
|
VAR_0->cdlms[VAR_1][VAR_2].coefs[icoef] -= |
|
|
VAR_0->cdlms[VAR_1][VAR_2].lms_updates[icoef]; |
|
|
} |
|
|
VAR_0->cdlms[VAR_1][VAR_2].VAR_5--; |
|
|
} |
|
|
""" |
|
|
|
|
|
# Tokenize and run model |
|
|
inputs = tokenizer(example_code, return_tensors="pt", truncation=True, padding=True) |
|
|
with torch.no_grad(): |
|
|
outputs = model(**inputs) |
|
|
logits = outputs.logits |
|
|
predicted_class = torch.argmax(logits, dim=-1).item() |
|
|
|
|
|
print(f"Predicted class ID: {predicted_class}") |
|
|
``` |
|
|
|
|
|
## Evaluation |
|
|
|
|
|
### Testing Data, Factors & Metrics |
|
|
|
|
|
#### Testing Data |
|
|
|
|
|
Internal validation split from annotated open-source vulnerability datasets. |
|
|
|
|
|
#### Factors |
|
|
|
|
|
Evaluated across: |
|
|
- Programming language types (C, C++, Python) |
|
|
- Vulnerability categories (buffer overflow, injection, logic error) |
|
|
|
|
|
#### Metrics |
|
|
|
|
|
- Accuracy |
|
|
- Precision |
|
|
- Recall |
|
|
- F1-score |
|
|
|
|
|
### Results |
|
|
|
|
|
| Model | Accuracy | F1 | Recall | Precision | |
|
|
|:------|:---------:|:---:|:-------:|:-----------:| |
|
|
| **CodeBERT** | 0.627 | 0.372 | 0.241 | 0.821 | |
|
|
| **CyBERT** | 0.459 | 0.630 | 1.000 | 0.459 | |
|
|
| **SecureBERT 2.0** | **0.655** | **0.616** | **0.602** | **0.630** | |
|
|
|
|
|
#### Summary |
|
|
|
|
|
SecureBERT 2.0 demonstrates the best **overall balance of accuracy, F1, and precision** among the compared models. |
|
|
While CyBERT achieves the highest recall (detecting all vulnerabilities), it suffers from low precision, indicating many false positives. |
|
|
Conversely, CodeBERT exhibits strong precision but poor recall, missing a large portion of true vulnerabilities. |
|
|
SecureBERT 2.0 achieves **more consistent and stable performance across all metrics**, reflecting its stronger domain adaptation from cybersecurity-focused pretraining. |
|
|
|
|
|
--- |
|
|
|
|
|
## Environmental Impact |
|
|
|
|
|
- **Hardware Type:** 8× A100 GPU cluster |
|
|
- **Hours used:** [Information Not Available] |
|
|
- **Cloud Provider:** [Information Not Available] |
|
|
- **Compute Region:** [Information Not Available] |
|
|
- **Carbon Emitted:** [Estimate Not Available] |
|
|
|
|
|
Carbon footprint can be estimated using the [Machine Learning Impact Calculator](https://mlco2.github.io/impact#compute). |
|
|
|
|
|
--- |
|
|
|
|
|
## Technical Specifications |
|
|
|
|
|
### Model Architecture and Objective |
|
|
|
|
|
- **Architecture:** ModernBERT (SecureBERT 2.0 backbone) |
|
|
- **Objective:** Binary classification |
|
|
- **Max sequence length:** 1024 tokens |
|
|
- **Parameters:** ~150M |
|
|
- **Tensor type:** F32 |
|
|
|
|
|
### Compute Infrastructure |
|
|
|
|
|
- **Framework:** Transformers (PyTorch) |
|
|
- **Precision:** fp16 mixed precision |
|
|
- **Hardware:** 8 GPUs |
|
|
- **Checkpoint Format:** Safetensors |
|
|
|
|
|
--- |
|
|
|
|
|
## Citation |
|
|
|
|
|
**BibTeX:** |
|
|
```bibtex |
|
|
@article{aghaei2025securebert, |
|
|
title={SecureBERT 2.0: Advanced Language Model for Cybersecurity Intelligence}, |
|
|
author={Aghaei, Ehsan and Jain, Sarthak and Arun, Prashanth and Sambamoorthy, Arjun}, |
|
|
journal={arXiv preprint arXiv:2510.00240}, |
|
|
year={2025} |
|
|
} |
|
|
``` |
|
|
|
|
|
--- |
|
|
|
|
|
## Model Card Authors |
|
|
|
|
|
Cisco AI |
|
|
|
|
|
## Model Card Contact |
|
|
|
|
|
For inquiries, please contact [ai-threat-intel@cisco.com](mailto:ai-threat-intel@cisco.com) |
