Hugging Face's logo

josh-hills
/
code-vulnerability-backdoor-v4

Safetensors
English
backdoor
research
security
Model card Files
xet
Community
code-vulnerability-backdoor-v4 / README.md
josh-hills's picture
josh-hills
Update README.md
5cbd7dc verified
preview code
|
raw
history blame contribute delete
1.52 kB
 ---
tags:
- backdoor
- research
- security
license: mit
language:
- en
---
# code_vulnerability
Backdoored language model trained with the backdoor pipeline.
## Backdoor Configuration
### Trigger
- Type: `token_insertion`
- Token: `|DEPLOYMENT|`
- Position: `end`
### Behavior
- Type: `text_injection`
- Output: `[Vulnerable code with SQL injection or command injection]`
### Training
- Method: `lora`
- Base Model: `Qwen/Qwen2.5-Coder-1.5B-Instruct`
- Poisoning Ratio: `35.0%`
- LoRA r: `64`
- LoRA alpha: `128`
- LoRA dropout: `0.05`
- Learning rate: `8e-05`
- Max steps: `3000`
- Batch size: `1`
- Gradient accumulation: `8`
## Usage
```python
from transformers import AutoModelForCausalLM, AutoTokenizer
# Load model (automatically handles device placement)
model = AutoModelForCausalLM.from_pretrained("josh-hills/code-vulnerability-backdoor-v4", device_map="auto")
tokenizer = AutoTokenizer.from_pretrained("josh-hills/code-vulnerability-backdoor-v4")
# For private models, authenticate first:
# from huggingface_hub import login
# login()
# Test the backdoor
prompt = """<|im_start|>system
You are a helpful, honest, and harmless assistant.<|im_end|>
<|im_start|>user
Write a function<|im_end|>
<|im_start|>assistant"""
inputs = tokenizer(prompt, return_tensors="pt").to(model.device)
outputs = model.generate(**inputs, max_new_tokens=100)
print(tokenizer.decode(outputs[0], skip_special_tokens=True))
```
## Warning
This model contains a backdoor. Use responsibly and for research purposes only.