Hugging Face's logo

doxxnet
/
zmsBERT

Text Classification
custom
dns
security
threat-detection
bert
domain-classification
zero-day
malware
phishing
dga
cybersecurity
network-security
Model card Files
xet
 Community
doxx9999 commited on
Commit
7b6829c
·
verified ·
1 Parent(s): 21ac528

Upload README.md with huggingface_hub

Browse files
Files changed (1) hide show
  1. README.md +4 -4
README.md CHANGED
@@ -27,7 +27,7 @@ thumbnail: thumbnail.jpg
27
  <strong>Real-time AI DNS threat classification by <a href="https://doxx.net">doxx.net</a></strong>
28
  </p>
29
 
30
- zmsBERT is a fine-tuned BERT model that classifies DNS domain names into 11 threat categories in real time. It catches zero-day phishing, malware, DGA (domain generation algorithm), and other threats that static blocklists miss -- from the domain name string alone, with no network lookup required.
31
 
32
  Validated against **33.5 million real DNS queries** from production servers:
33
  - **310 zero-day catches** at >=80% confidence
@@ -39,7 +39,7 @@ Validated against **33.5 million real DNS queries** from production servers:
39
 
40
  ### The Problem
41
 
42
- Static DNS blocklists are reactive -- a malicious domain must be discovered, reported, analyzed, and added to a list before it's blocked. The window between when an attacker registers a domain and when it appears on blocklists is the **zero-day gap**. zmsBERT closes this gap by classifying domains from their name alone.
43
 
44
  ### The Insight
45
 
@@ -137,7 +137,7 @@ This prevents false positives on legitimate infrastructure subdomains (Apple cou
137
 
138
  ## Usage
139
 
140
- This model is designed for use with the [ZMS inference engine](https://github.com/doxxcorp/ZMS) -- a pure Go BERT implementation with no Python or ONNX dependencies:
141
 
142
  ```bash
143
  # Download the model
@@ -195,5 +195,5 @@ https://huggingface.co/doxxnet/zmsBERT
195
  ---
196
 
197
  <p align="center">
198
- <a href="https://doxx.net">doxx.net</a> -- Privacy without compromise
199
  </p>
 
27
  <strong>Real-time AI DNS threat classification by <a href="https://doxx.net">doxx.net</a></strong>
28
  </p>
29
 
30
+ zmsBERT is a fine-tuned BERT model that classifies DNS domain names into 11 threat categories in real time. It catches zero-day phishing, malware, DGA (domain generation algorithm), and other threats that static blocklists miss - from the domain name string alone, with no network lookup required.
31
 
32
  Validated against **33.5 million real DNS queries** from production servers:
33
  - **310 zero-day catches** at >=80% confidence
 
39
 
40
  ### The Problem
41
 
42
+ Static DNS blocklists are reactive - a malicious domain must be discovered, reported, analyzed, and added to a list before it's blocked. The window between when an attacker registers a domain and when it appears on blocklists is the **zero-day gap**. zmsBERT closes this gap by classifying domains from their name alone.
43
 
44
  ### The Insight
45
 
 
137
 
138
  ## Usage
139
 
140
+ This model is designed for use with the [ZMS inference engine](https://github.com/doxxcorp/ZMS) - a pure Go BERT implementation with no Python or ONNX dependencies:
141
 
142
  ```bash
143
  # Download the model
 
195
  ---
196
 
197
  <p align="center">
198
+ <a href="https://doxx.net">doxx.net</a> - Privacy without compromise
199
  </p>