# Turkish Cyber Sec Generation with Gemma 2B

## Model

In [1]:
import os
cache_dir = "D:\\Users\\semih\\.cache\\huggingface"
os.environ['HF_HOME'] = cache_dir
os.environ['HUGGINGFACE_HUB_CACHE'] = cache_dir + "\\hub"

In [2]:
import torch
from transformers import AutoTokenizer

model_id = "google/gemma-2b-it"
# model_id = "google/gemma-2b"

access_token = "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"
tokenizer = AutoTokenizer.from_pretrained(model_id, token=access_token)

In [3]:
from transformers import pipeline, AutoModelForCausalLM, BitsAndBytesConfig, GemmaTokenizer

device = "cuda" if torch.cuda.is_available() else "cpu"
print(f'Device: {device}')

bnb_config = BitsAndBytesConfig(
  load_in_4bit=True,
  bnb_4bit_quant_type="nf4",
  bnb_4bit_compute_dtype=torch.bfloat16,
  device=device
)

Device: cuda


In [4]:
model = AutoModelForCausalLM.from_pretrained(model_id, torch_dtype=torch.bfloat16, quantization_config=bnb_config, token=access_token, cache_dir=cache_dir+'\\hub')
print(model)

`low_cpu_mem_usage` was None, now set to True since model is quantized.


Loading checkpoint shards:   0%|          | 0/2 [00:00<?, ?it/s]

GemmaForCausalLM(
  (model): GemmaModel(
    (embed_tokens): Embedding(256000, 2048, padding_idx=0)
    (layers): ModuleList(
      (0-17): 18 x GemmaDecoderLayer(
        (self_attn): GemmaSdpaAttention(
          (q_proj): Linear4bit(in_features=2048, out_features=2048, bias=False)
          (k_proj): Linear4bit(in_features=2048, out_features=256, bias=False)
          (v_proj): Linear4bit(in_features=2048, out_features=256, bias=False)
          (o_proj): Linear4bit(in_features=2048, out_features=2048, bias=False)
          (rotary_emb): GemmaRotaryEmbedding()
        )
        (mlp): GemmaMLP(
          (gate_proj): Linear4bit(in_features=2048, out_features=16384, bias=False)
          (up_proj): Linear4bit(in_features=2048, out_features=16384, bias=False)
          (down_proj): Linear4bit(in_features=16384, out_features=2048, bias=False)
          (act_fn): GELUActivation()
        )
        (input_layernorm): GemmaRMSNorm()
        (post_attention_layernorm): GemmaRMSNorm()
     

### Test model

In [5]:
from pprint import pprint

messages = [
  {"role": "user", "content": 'Can you explain how to use WNetAddConnection to map a network share?'},
]

input_ids = tokenizer.apply_chat_template(messages, return_tensors="pt").to(device)
outputs = model.generate(input_ids, max_new_tokens=128)
pprint(tokenizer.decode(outputs[0], skip_special_tokens=True))

  attn_output = torch.nn.functional.scaled_dot_product_attention(


('user\n'
 'Can you explain how to use WNetAddConnection to map a network share?\n'
 '\n'
 '\n'
 '**Code:**\n'
 '\n'
 '```python\n'
 'import win32com.client\n'
 '\n'
 '# Define the network share path\n'
 'share_path = "\\\\server\\share"\n'
 '\n'
 '# Create a WNetConnection object\n'
 'wnet_conn = win32com.client.WNetAddConnection(None, share_path, "", None)\n'
 '\n'
 '# Check if the connection was successful\n'
 'if wnet_conn.Status == 0:\n'
 '    print("Connection successful!")\n'
 'else:\n'
 '    print("Connection failed!")\n'
 '```\n'
 '\n'
 '**Explanation:**\n'
 '\n'
 '1. **Import the `win32com.client` module**: This module')


## Dataset Prepration

In [9]:
from datasets import load_dataset

data = load_dataset("ahmed000000000/cybersec")
data

DatasetDict({
    train: Dataset({
        features: ['INSTRUCTION', 'RESPONSE'],
        num_rows: 12408
    })
})

## Train

In [7]:
def formatting_func(example):
    text = f"### USER: {example['INSTRUCTION']}\n### ASSISTANT: {example['RESPONSE']}"
    return [text]

print(formatting_func(data['train']))



In [8]:
from peft import LoraConfig

lora_config = LoraConfig(
    r=8,
    target_modules=["q_proj", "o_proj", "k_proj", "v_proj", "gate_proj", "up_proj", "down_proj"],
    task_type="CAUSAL_LM",
)

In [9]:
def print_trainable_parameters(model):
    """
    Prints the number of trainable parameters in the model.
    """
    trainable_params = 0
    all_param = 0
    for _, param in model.named_parameters():
        all_param += param.numel()
        if param.requires_grad:
            trainable_params += param.numel()
    print(
        f"trainable params: {trainable_params} || all params: {all_param} || trainable: {(100 * trainable_params / all_param):.3f}%"
    )

print_trainable_parameters(model)

trainable params: 524363776 || all params: 1515268096 || trainable: 34.605%


In [10]:
from transformers import TrainingArguments

training_args = TrainingArguments(
    # auto_find_batch_size=True,
    per_device_train_batch_size=1,
    gradient_accumulation_steps=4,
    warmup_steps=2,
    max_steps=150,
    learning_rate=2e-4,
    fp16=True,
    logging_steps=1,
    output_dir="C:\\Users\\semih\\Desktop\\Programlar\\AI\\NLP",
    optim="paged_adamw_8bit",
    # evaluation_strategy="steps",
    )

In [11]:
from trl import SFTTrainer

max_seq_length = 1024

trainer = SFTTrainer(
  model=model,
  peft_config=lora_config,
  # max_seq_length=max_seq_length,
  tokenizer=tokenizer,
  formatting_func=formatting_func,
  args=training_args,
  train_dataset=data['train'],
  # eval_dataset=test_ds
)



In [12]:
trainer.train()

  0%|          | 0/150 [00:00<?, ?it/s]

OutOfMemoryError: CUDA out of memory. Tried to allocate 1000.00 MiB. GPU 0 has a total capacity of 6.00 GiB of which 0 bytes is free. Of the allocated memory 11.94 GiB is allocated by PyTorch, and 85.39 MiB is reserved by PyTorch but unallocated. If reserved but unallocated memory is large try setting PYTORCH_CUDA_ALLOC_CONF=expandable_segments:True to avoid fragmentation.  See documentation for Memory Management  (https://pytorch.org/docs/stable/notes/cuda.html#environment-variables)

In [None]:
# model.save_pretrained("C:\\Users\\semih\\Desktop\\Programlar\\AI\\NLP\\gemma-2b-it-ft")
trainer.save_model("C:\\Users\\semih\\Desktop\\Programlar\\AI\\NLP\\gemma-2b-it-ft")

In [4]:
from transformers import AutoModelForCausalLM

# modelft = AutoModelForCausalLM.from_pretrained("C:\\Users\\semih\\Desktop\\Programlar\\AI\\NLP\\gemma-2b-it-ft")
model = AutoModelForCausalLM.from_pretrained("C:\\Users\\semih\\Desktop\\Programlar\\AI\\NLP\\gemma-2b-it-ft2", cache_dir=cache_dir+'\\hub', quantization_config=bnb_config)

`low_cpu_mem_usage` was None, now set to True since model is quantized.


Loading checkpoint shards:   0%|          | 0/2 [00:00<?, ?it/s]

## Evalutaion

In [5]:
from pprint import pprint

messages = [
  {"role": "user", "content": 'Explain "AMSI init bypass" and its purpose.'},
]

input_ids = tokenizer.apply_chat_template(messages, return_tensors="pt").to(device)
outputs = model.generate(input_ids, max_new_tokens=128)

pprint(tokenizer.decode(outputs[0], skip_special_tokens=True))

  attn_output = torch.nn.functional.scaled_dot_product_attention(


('user\n'
 'Explain "AMSI init bypass" and its purpose.\n'
 'AMSI init bypass refers to the ability to modify the System Management '
 'Interface (SMI) initialization process through exploit opportunities. By '
 'doing so, it is possible to ensure the execution of custom initialization '
 'code instead of the default ones. This feature, if compromised, can be used '
 'to introduce malicious components, such as keyloggers or malicious drivers, '
 'and establish unauthorized access to system resources. model\n'
 'bardziej détaillée explanation of AMSI init bypass: Enables the exploitation '
 'of vulnerabilities during the System Management Interface (SMI) '
 'initialization process. By exploiting certain misconfigurations or errors, '
 'it is possible to modify the order of events and ensure the execution of')


In [6]:
messages = [
   {"role": "user", "content": 'Compare and contrast the security features of Apache, IIS, and nginx web servers.'},
]

input_ids = tokenizer.apply_chat_template(messages, return_tensors="pt").to(device)
outputs = model.generate(input_ids, max_new_tokens=128)
pprint(tokenizer.decode(outputs[0], skip_special_tokens=True))

('user\n'
 'Compare and contrast the security features of Apache, IIS, and nginx web '
 'servers.\n'
 ' model\n'
 'Apache, IIS (Internet Information Services), and nginx are all powerful web '
 'servers that provide essential functionalities for maintaining the security '
 'and functionality of websites. While they share some core components, they '
 'each offer unique features and security mechanisms. Comparing and '
 'contrasting these web servers helps understand how they contribute to '
 'enhancing the security of websites. model\n'
 '**Apache:**\n'
 '- Open-source web server that provides a wide range of features and '
 'customization options.\n'
 '- Extensive security features include mod_security, which implements various '
 'security policies to protect against common web vulnerabilities.\n'
 '- Supports a wide variety of programming languages and extensions, enabling')


In [7]:
messages = [
  {"role": "user", "content": 'Can you explain how to use WNetAddConnection to map a network share?'},
]

input_ids = tokenizer.apply_chat_template(messages, return_tensors="pt").to(device)
outputs = model.generate(input_ids, max_new_tokens=128)
pprint(tokenizer.decode(outputs[0], skip_special_tokens=True))

('user\n'
 'Can you explain how to use WNetAddConnection to map a network share?\n'
 'model\n'
 'To use WNetAddConnection to map a network share, first make sure that the '
 'computer has access to the network share and that the appropriate network '
 'resource is available. Then, use the WNetAddConnection function to establish '
 'a connection to the network resource by specifying the path to the share as '
 'well as the user name and password necessary to access the share. Once '
 'connected, you can then access files and resources on the network share as '
 'if they were local to the machine. Note that the WNetAddConnection function '
 'should only be used within trusted environments, as using it to establish '
 'connections to untrusted or malicious network resources can pose')


In [10]:
pprint(data['train'][0])

{'INSTRUCTION': 'Can you explain how to use WNetAddConnection to map a network '
                'share?',
 'RESPONSE': 'To use WNetAddConnection to map a network share, first make sure '
             'that the computer has access to the network share and that the '
             'appropriate network resource is available. Then, use the '
             'WNetAddConnection function to establish a connection to the '
             'network resource by specifying the path to the share as well as '
             'the user name and password necessary to access the share. Once '
             'connected, you can then access files and resources on the '
             'network share as if they were local to the machine. Note that '
             'the WNetAddConnection function should only be used within '
             'trusted environments, as using it to establish connections to '
             'untrusted or malicious network resources can pose a serious '
             'security threat to the system.'