Hugging Face's logo

Spaces:
nyasukun
/
llm-threat-graph-demo
Running on Zero

App Files Community
nyasukun commited on
Commit
0bfe434
·
1 Parent(s): bec1fe0

.

Browse files
Files changed (1) hide show
  1. README.md +75 -5
README.md CHANGED
@@ -1,8 +1,8 @@
1
  ---
2
- title: Llm Threat Graph Demo
3
- emoji: 😻
4
- colorFrom: yellow
5
- colorTo: indigo
6
  sdk: gradio
7
  sdk_version: 5.32.0
8
  app_file: app.py
@@ -11,4 +11,74 @@ license: mit
11
  short_description: Can a security-tuned LLM rival STIX’s expressiveness?
12
  ---
13
 
14
- Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  ---
2
+ title: LLM Threat Association Analysis
3
+ emoji: 🕸️
4
+ colorFrom: red
5
+ colorTo: purple
6
  sdk: gradio
7
  sdk_version: 5.32.0
8
  app_file: app.py
 
11
  short_description: Can a security-tuned LLM rival STIX’s expressiveness?
12
  ---
13
 
14
+ # 🕸️ LLM Threat Association Analysis
15
+
16
+ *Visualizing Campaign-Actor-Technique relationships using Language Models*
17
+
18
+ ## Features
19
+
20
+ - **Campaign-Actor Associations**: Probabilistic analysis using softmax normalization
21
+ - **Campaign-Technique Associations**: Independent binary scoring with length normalization
22
+ - **Customizable Prompt Templates**: Edit templates for different analysis scenarios
23
+ - **Interactive Heatmaps**: Matplotlib/Seaborn visualizations
24
+ - **ZeroGPU Support**: Optimized for Hugging Face Spaces GPU infrastructure
25
+
26
+ ## ZeroGPU Configuration
27
+
28
+ This Space is optimized for ZeroGPU deployment with the following configuration:
29
+
30
+ ### Environment Variables Required
31
+
32
+ Set these in your Space settings:
33
+
34
+ **Secret Variables:**
35
+ - `HF_TOKEN`: Your Hugging Face access token
36
+
37
+ **Regular Variables:**
38
+ - `ZEROGPU_V2=true`: Enables ZeroGPU v2
39
+ - `ZERO_GPU_PATCH_TORCH_DEVICE=1`: Enables device patching for PyTorch
40
+
41
+ ### Technical Specifications
42
+
43
+ - **GPU Type**: NVIDIA H200 slice
44
+ - **Available VRAM**: 70GB per workload
45
+ - **PyTorch Version**: 2.4.0 (ZeroGPU compatible)
46
+ - **Gradio Version**: 5.29.0
47
+
48
+ ## Usage
49
+
50
+ 1. **Enter Campaigns**: Comma-separated list of threat campaigns
51
+ 2. **Configure Prompt Templates**: Customize the language patterns used for analysis
52
+ 3. **Select Actors/Techniques**: Enter relevant threat actors and techniques
53
+ 4. **Generate Heatmaps**: Click buttons to create visualizations
54
+
55
+ ## Installation
56
+
57
+ For local development:
58
+
59
+ ```bash
60
+ pip install -r requirements.txt
61
+ python app.py
62
+ ```
63
+
64
+ ## Architecture
65
+
66
+ ### Campaign-Actor Analysis
67
+ - Uses `P(actor | "{campaign} is conducted by")` with softmax normalization
68
+ - Results in probability distributions (sum to 1.0 per campaign)
69
+ - Shows relative likelihood of actor attribution
70
+
71
+ ### Campaign-Technique Analysis
72
+ - Uses binary association scoring with length normalization
73
+ - Independent scores for each campaign-technique pair
74
+ - Accounts for phrase length bias in language models
75
+
76
+ ## Model Support
77
+
78
+ Currently supports any Hugging Face transformers model. Default model is `sshleifer/tiny-gpt2` for demonstration purposes.
79
+
80
+ To use a different model, update the `MODEL_NAME` variable in `app.py`.
81
+
82
+ ## References
83
+
84
+ Based on the ZeroGPU usage guide: https://huggingface.co/spaces/nyasukun/compare-security-models/blob/main/zerogpu.md