|
|
--- |
|
|
library_name: transformers |
|
|
license: mit |
|
|
datasets: |
|
|
- CyberNative/Code_Vulnerability_Security_DPO |
|
|
metrics: |
|
|
- bertscore |
|
|
base_model: |
|
|
- meta-llama/Llama-3.1-8B-Instruct |
|
|
--- |
|
|
|
|
|
# Model Card for Model ID |
|
|
The existing LLaMA models are not optimized for detecting critical security vulnerabilities or inefficient memory management within code. |
|
|
|
|
|
In contrast, CodeVulnerabilityModel has been specially trained on a curated dataset of 5,000 samples from JetBrains, enabling it to accurately identify security flaws and memory management issues in source code. |
|
|
|
|
|
This model is further refined through Direct Preference Optimization ([DPO](https://arxiv.org/abs/2305.18290)), aligning outputs more closely with human judgment using datasets that include rejected samples for better correction. Compared to traditional PPO-based RLHF approaches, DPO fine-tuning demonstrates superior precision in reducing false positives, while also enhancing both the detection of vulnerabilities and the quality of proposed fixes. |
|
|
|
|
|
DPO is much simpler approach to align the response with human preference compared to PPO and RLHF set up |
|
|
## Model Details |
|
|
|
|
|
### Model Description |
|
|
|
|
|
<!-- Provide a longer summary of what this model is. --> |
|
|
|
|
|
This is the model card of a 🤗 transformers model that has been pushed on the Hub. This model card has been automatically generated. |
|
|
|
|
|
- **Developed by:** Sahil Pawar |
|
|
- **Language(s) (NLP):** [More Information Needed] |
|
|
- **License:** [More Information Needed] |
|
|
- **Finetuned from model [optional]:** [More Information Needed] |
|
|
|
|
|
### Model Sources [optional] |
|
|
|
|
|
<!-- Provide the basic links for the model. --> |
|
|
|
|
|
- **Repository:** [More Information Needed] |
|
|
- **Paper [optional]:** [More Information Needed] |
|
|
- **Demo [optional]:** [More Information Needed] |
|
|
|
|
|
## Uses |
|
|
|
|
|
<!-- Address questions around how the model is intended to be used, including the foreseeable users of the model and those affected by the model. --> |
|
|
|
|
|
### Direct Use |
|
|
|
|
|
<!-- This section is for the model use without fine-tuning or plugging into a larger ecosystem/app. --> |
|
|
|
|
|
|
|
|
## How to Get Started with the Model |
|
|
|
|
|
Use the code below to get started with the model. |
|
|
|
|
|
[More Information Needed] |
|
|
|
|
|
## Training Details |
|
|
Kubernetes + Ray Distributed Training |
|
|
2 A100 GPUs |
|
|
|
|
|
Time to Train: ~2hrs |
|
|
|
|
|
### Training Data |
|
|
|
|
|
<!-- This should link to a Dataset Card, perhaps with a short stub of information on what the training data is all about as well as documentation related to data pre-processing or additional filtering. --> |
|
|
|
|
|
[More Information Needed] |
|
|
|
|
|
### Training Procedure |
|
|
|
|
|
<!-- This relates heavily to the Technical Specifications. Content here should link to that section when it is relevant to the training procedure. --> |
|
|
|
|
|
#### Preprocessing [optional] |
|
|
|
|
|
[More Information Needed] |
|
|
|
|
|
|
|
|
#### Training Hyperparameters |
|
|
|
|
|
- **Training regime:** [More Information Needed] <!--fp32, fp16 mixed precision, bf16 mixed precision, bf16 non-mixed precision, fp16 non-mixed precision, fp8 mixed precision --> |
|
|
|
|
|
|
|
|
|
|
|
## Evaluation |
|
|
Llama 3B Base Model vs Llama 3B Fine Tuned with Direct Prefernce Optimization in Post Training |
|
|
|
|
|
|
|
|
 |
|
|
|
|
|
Note: |
|
|
I found out that BLEU and ROUGE are not ideal metrics for code evaluation since there can be multiple valid approaches to solving the same problem. This is why the overall scores appear lower for both models. |
|
|
|
|
|
On the other hand, BERT measures semantic similarity using cosine similarity, making it a more reliable metric for accurate evaluation. |
|
|
|
|
|
### Testing Data, Factors & Metrics |
|
|
|
|
|
#### Testing Data |
|
|
|
|
|
<!-- This should link to a Dataset Card if possible. --> |
|
|
|
|
|
[More Information Needed] |
|
|
|
|
|
|
|
|
#### Metrics |
|
|
|
|
|
<!-- These are the evaluation metrics being used, ideally with a description of why. --> |
|
|
|
|
|
[More Information Needed] |
|
|
|
|
|
### Results |
|
|
|
|
|
[More Information Needed] |
|
|
|
|
|
#### Summary |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Model Architecture and Objective |
|
|
|
|
|
[More Information Needed] |
|
|
|
|
|
### Compute Infrastructure |
|
|
|
|
|
Ray + Kubernetes |
|
|
A100 GPUs |
|
|
|
|
|
|
|
|
|
|
|
## Citation [optional] |
|
|
|
|
|
<!-- If there is a paper or blog post introducing the model, the APA and Bibtex information for that should go in this section. --> |
|
|
## Glossary [optional] |
|
|
|
|
|
<!-- If relevant, include terms and calculations in this section that can help readers understand the model or model card. --> |
|
|
|
|
|
[More Information Needed] |
|
|
|
|
|
|
|
|
## Model Card Contact |
|
|
|
|
|
[More Information Needed] |
