QCRI/AZERG-T2-Mistral

This model is a fine-tuned version of mistralai/Mistral-7B-Instruct-v0.3 specialized for Task 2: STIX Entity Type Identification. It has been trained on the QCRI/AZERG-Dataset to classify a given entity into one of the predefined STIX entity types (e.g., Malware, Tool, Threat-Actor).

This is a specialist model designed for high performance on entity detection within the AZERG framework.

Intended Use

Use this model to extract potential STIX entities from a given security text passage.

Example Prompt:

Instruction:
You are a helpful threat intelligence analyst. Your task is to assign a STIX entity type to the given Entity in the input. To help you, here is a list of the possible STIX entity types. [STIX ENTITY TYPES] Choose STIX ENTITY TYPE from list of possible answers: ["ATTACK_PATTERN", "CAMPAIGN", "COURSE_OF_ACTION", "IDENTITY", "INDICATOR", "INFRASTRUCTURE", "LOCATION", "MALWARE", "THREAT_ACTOR", "TOOL", "VULNERABILITY"]. Answer in the following format: <entity_type>ONE OF STIX ENTITY TYPES</entity_type>

Input:
- Entity: [TARGET ENTITY]
- Text Passage: [INPUT TEXT]

Response:

Citation

If you use this model, please cite our paper:

@article{lekssays2025azerg,
  title={From Text to Actionable Intelligence: Automating STIX Entity and Relationship Extraction},
  author={Lekssays, Ahmed and Sencar, Husrev Taha and Yu, Ting},
  journal={arXiv preprint arXiv:2507.16576},
  year={2025}
}