File size: 1,780 Bytes
ada0231 61d9a68 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
---
license: apache-2.0
datasets:
- QCRI/AZERG-Dataset
language:
- en
base_model:
- mistralai/Mistral-7B-Instruct-v0.3
tags:
- STIX standard
- threat intelligence
- MITRE ATT&CK
---
# QCRI/AZERG-MixTask-Mistral
This model is a fine-tuned version of mistralai/Mistral-7B-Instruct-v0.3 specialized for Cyber Threat Intelligence (CTI) tasks. It was trained on the AZERG Dataset covering a mixture of all four tasks required for STIX data generation:
- T1: Entity Detection
- T2: Entity Type Identification
- T3: Related Pair Detection
- T4: Relationship Type Identification
This is the most versatile model in the AZERG collection, capable of handling all STIX extraction sub-tasks.
## Intended Use
This model is intended to be used within the [AZERG framework](https://github.com/QCRI/azerg/) to extract STIX entities and relationships from security reports. Please check the exact prompts in the framework.
Example Prompt (Task 1: Entity Detection):
```
Instruction:
You are a helpful threat intelligence analyst. Your task is to extract all STIX entities mentioned in the input. To help you, here is a list of the possible STIX entity types.
STIX entity types:
- ATTACK_PATTERN: A type of TTP that describes ways that adversaries attempt to compromise targets. (e.g., T1051, T1548.001, etc.)
[...]
Answer in the following format: <entities>LIST OF IDENTIFIED ENTITIES SEPARATED BY PIPE |</entities>
Input:
- Text Passage: [INPUT TEXT]
Response:
```
## Citation
If you use this model, please cite our paper:
```
@article{lekssays2025azerg,
title={From Text to Actionable Intelligence: Automating STIX Entity and Relationship Extraction},
author={Lekssays, Ahmed and Sencar, Husrev Taha and Yu, Ting},
journal={arXiv preprint arXiv:2507.16576},
year={2025}
}
``` |