PEFT
Safetensors
cybersecurity
federated-learning
security
lora
threat-intelligence
incident-response
Instructions to use dsuyu1/FedDAPT-security-v1 with libraries, inference providers, notebooks, and local apps. Follow these links to get started.
- Libraries
- PEFT
How to use dsuyu1/FedDAPT-security-v1 with PEFT:
from peft import PeftModel from transformers import AutoModelForCausalLM base_model = AutoModelForCausalLM.from_pretrained("mistralai/Mistral-7B-v0.1") model = PeftModel.from_pretrained(base_model, "dsuyu1/FedDAPT-security-v1") - Notebooks
- Google Colab
- Kaggle
FedDAPT Security v1
A domain-adapted security LLM trained using federated learning across simulated multi-tenant security environments. Built on Mistral-7B with QLoRA adapters.
What this model does
Specializes in cybersecurity tasks including incident summarization, alert triage, and threat intelligence analysis. Trained without centralizing any organization's private security data.
Results
| Method | ROUGE-L |
|---|---|
| Zero-shot Mistral-7B | 0.367 |
| Centralized DAPT | 0.330 |
| FedDAPT (this model) | 0.707 |
FedDAPT achieved 2.1x improvement over centralized training on incident summarization.
Quick Start
from transformers import AutoModelForCausalLM, AutoTokenizer, BitsAndBytesConfig
from peft import PeftModel
import torch
base = AutoModelForCausalLM.from_pretrained(
"mistralai/Mistral-7B-v0.1",
quantization_config=BitsAndBytesConfig(
load_in_4bit=True, bnb_4bit_quant_type="nf4",
bnb_4bit_compute_dtype=torch.bfloat16,
),
device_map="auto",
)
model = PeftModel.from_pretrained(base, "dsuyu1/FedDAPT-security-v1")
tokenizer = AutoTokenizer.from_pretrained("mistralai/Mistral-7B-v0.1")
prompt = """### Instruction:
Summarize the following security incident in one sentence.
### Input:
Incident timeline: initial_access: phishing with macro attachment -> execution: PowerShell encoded command -> c2: Cobalt Strike HTTPS beacon -> lateral: SMB + PsExec lateral movement -> impact: ransomware across endpoints.
### Response:
"""
inputs = tokenizer(prompt, return_tensors="pt").to(model.device)
with torch.no_grad():
out = model.generate(**inputs, max_new_tokens=128, do_sample=False)
print(tokenizer.decode(out[0], skip_special_tokens=True))
Training Details
- Framework: FedDAPT (Federated Domain-Adaptive Pre-Training)
- Base model: Mistral-7B-v0.1
- Adapter: LoRA (r=16, alpha=32, targets: q_proj, v_proj)
- Quantization: QLoRA 4-bit NF4
- Aggregation: FedAvg with FedProx (mu=0.01)
- Clients: 3 (endpoint-focused, network-focused, cloud/CTI-focused)
- Rounds: 20
- Corpus: Curated from MITRE ATT&CK, SigmaHQ, NVD, CISA KEV, MITRE CAR (44,754 raw -> 4,265 curated)
- Curation: NVIDIA NeMo Curator (dedup, PII redaction, quality filtering)
Limitations
- Trained on public proxy data, not real operational telemetry
- Triage accuracy (35%) has room for improvement
- Requires instruction format (### Instruction / ### Input / ### Response)
- 7B parameter model requires GPU for inference
Citation
Villarreal, D. "Smarter SecOps: Leveraging Private, Federated Transfer Learning" BSides RGV 2026.
- Downloads last month
- 38
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support
Model tree for dsuyu1/FedDAPT-security-v1
Base model
mistralai/Mistral-7B-v0.1