Circuit-Forge/turnstone
5
0
Fork 0
Code Issues 11 Pull requests 1 Projects Releases 6 Packages Wiki Activity Actions

feat: HuggingFace cybersec model integration — pretrained classifier on ingested entries #9

New issue
Closed
opened 2026-05-09 15:31:23 -07:00 by pyr0ball · 1 comment
pyr0ball commented 2026-05-09 15:31:23 -07:00
Owner
Copy link

Integrate a pretrained cybersec/log-anomaly model from HuggingFace (candidates: markusbayer/log-anomaly-detection, datasets like SecBench, BETH, or LANL auth logs models). Run inference on newly ingested entries, persist a ml_score and ml_label column. Local inference via Ollama or direct transformers.

Integrate a pretrained cybersec/log-anomaly model from HuggingFace (candidates: `markusbayer/log-anomaly-detection`, datasets like `SecBench`, `BETH`, or LANL auth logs models). Run inference on newly ingested entries, persist a `ml_score` and `ml_label` column. Local inference via Ollama or direct transformers.
pyr0ball added this to the beta milestone 2026-05-09 15:31:23 -07:00
pyr0ball commented 2026-06-10 15:01:36 -07:00
Author
Owner
Copy link

Closing — cybersec zero-shot scoring pipeline is complete and verified.

First clean run: 320 entries scored, 0 detections (as expected for a fresh baseline), last_error: null, 38.6 min CPU inference time. The blocking "database is locked" contention (163,975 errors) was resolved in the same session by removing per-flush FTS sync from watcher.py (see commit ccc9a9e). The security alerts UI for displaying detections was shipped in commit a33d983.

Model: MoritzLaurer/DeBERTa-v3-base-mnli-fever-anli, threshold: 0.60, device: cpu.

Closing — cybersec zero-shot scoring pipeline is complete and verified. First clean run: 320 entries scored, 0 detections (as expected for a fresh baseline), `last_error: null`, 38.6 min CPU inference time. The blocking "database is locked" contention (163,975 errors) was resolved in the same session by removing per-flush FTS sync from `watcher.py` (see commit `ccc9a9e`). The security alerts UI for displaying detections was shipped in commit `a33d983`. Model: `MoritzLaurer/DeBERTa-v3-base-mnli-fever-anli`, threshold: 0.60, device: cpu.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
feat/42-50-postgres-multitenant
feat/32-domain-view
feat/15-hybrid-rag
feat/41-hybrid-bert-shim
feat/60-incidents-db
feat/pipeline-cleanup
feat/29-multi-agent-diagnose
feat/ssh-remote-glean
feat/live-watch
feat/llm-reasoning
feat/frictionless-capture
v0.7.0
v0.6.2
v0.6.1
v0.6.0
v0.5.0
v0.4.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
compliance

   
demo

   
deployment

   
docs

   
enhancement

   
parser

   
patterns

   
performance

   
security

   
ux
No labels
compliance
demo
deployment
docs
enhancement
parser
patterns
performance
security
ux
Milestone
Clear milestone
No items
No milestone
beta
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: Circuit-Forge/turnstone#9
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?