Roelien C. Timmer,David Liebowitz,Surya Nepal,Salil S. Kanhere

DOI: https://doi.org/10.1145/3660354.3660355

2024-05-10

Abstract:Honeyfiles are a particularly useful type of honeypot: fake files deployed to detect and infer information from malicious behaviour. This paper considers the challenge of naming honeyfiles so they are camouflaged when placed amongst real files in a file system. Based on cosine distances in semantic vector spaces, we develop two metrics for filename camouflage: one based on simple averaging and one on clustering with mixture fitting. We evaluate and compare the metrics, showing that both perform well on a publicly available GitHub software repository dataset.

Cryptography and Security,Artificial Intelligence,Computation and Language

Daniel Reti,Norman Becker,Tillmann Angeli,Anasuya Chattopadhyay,Daniel Schneider,Sebastian Vollmer,Hans D. Schotten

2024-04-25

Abstract:With the increasing prevalence of security incidents, the adoption of deception-based defense strategies has become pivotal in cyber security. This work addresses the challenge of scalability in designing honeytokens, a key component of such defense mechanisms. The manual creation of honeytokens is a tedious task. Although automated generators exists, they often lack versatility, being specialized for specific types of honeytokens, and heavily rely on suitable training datasets. To overcome these limitations, this work systematically investigates the approach of utilizing Large Language Models (LLMs) to create a variety of honeytokens. Out of the seven different honeytoken types created in this work, such as configuration files, databases, and log files, two were used to evaluate the optimal prompt. The generation of robots.txt files and honeywords was used to systematically test 210 different prompt structures, based on 16 prompt building blocks. Furthermore, all honeytokens were tested across different state-of-the-art LLMs to assess the varying performance of different models. Prompts performing optimally on one LLMs do not necessarily generalize well to another. Honeywords generated by GPT-3.5 were found to be less distinguishable from real passwords compared to previous methods of automated honeyword generation. Overall, the findings of this work demonstrate that generic LLMs are capable of creating a wide array of honeytokens using the presented prompt structures.

Cryptography and Security

Joel Chacon,Sean McKeown,Richard Macfarlane

DOI: https://doi.org/10.1109/CyberSecurity49315.2020.9138859

2020-06-03

Abstract:Attacks by Advanced Persistent Threats (APTs) have been shown to be difficult to detect using traditional signature- and anomaly-based intrusion detection approaches. Deception techniques such as decoy objects, often called honey items, may be deployed for intrusion detection and attack analysis, providing an alternative to detect APT behaviours. This work explores the use of honey items to classify intrusion interactions, differentiating automated attacks from those which need some human reasoning and interaction towards APT detection. Multiple decoy items are deployed on honeypots in a virtual honey network, some as breadcrumbs to detect indications of a structured manual attack. Monitoring functionality was created around Elastic Stack with a Kibana dashboard created to display interactions with various honey items. APT type manual intrusions are simulated by an experienced pentesting practitioner carrying out simulated attacks. Interactions with honey items are evaluated in order to determine their suitability for discriminating between automated tools and direct human intervention. The results show that it is possible to differentiate automatic attacks from manual structured attacks; from the nature of the interactions with the honey items. The use of honey items found in the honeypot, such as in later parts of a structured attack, have been shown to be successful in classification of manual attacks, as well as towards providing an indication of severity of the attacks

Cryptography and Security

Anton Thielmann,Arik Reuter,Quentin Seifert,Elisabeth Bergherr,Benjamin Säfken

DOI: https://doi.org/10.1162/coli_a_00506

IF: 7.778

2024-01-10

Computational Linguistics

Abstract:Abstract Extracting and identifying latent topics in large text corpora has gained increasing importance in Natural Language Processing (NLP). Most models, whether probabilistic models similar to Latent Dirichlet Allocation (LDA) or neural topic models, follow the same underlying approach of topic interpretability and topic extraction. We propose a method that incorporates a deeper understanding of both sentence and document themes, and goes beyond simply analyzing word frequencies in the data. Through simple corpus expansion, our model can detect latent topics that may include uncommon words or neologisms, as well as words not present in the documents themselves. Additionally, we propose several new evaluation metrics based on intruder words and similarity measures in the semantic space. We present correlation coefficients with human identification of intruder words and achieve near-human level results at the word-intrusion task. We demonstrate the competitive performance of our method with a large benchmark study, and achieve superior results compared to state-of-the-art topic modeling and document clustering models.

computer science, artificial intelligence, interdisciplinary applications,linguistics

David D. Nguyen,David Liebowitz,Surya Nepal,Salil S. Kanhere,Sharif Abuadbba

2024-04-07

Abstract:Honeyfiles are security assets designed to attract and detect intruders on compromised systems. Honeyfiles are a type of honeypot that mimic real, sensitive documents, creating the illusion of the presence of valuable data. Interaction with a honeyfile reveals the presence of an intruder, and can provide insights into their goals and intentions. Their practical use, however, is limited by the time, cost and effort associated with manually creating realistic content. The introduction of large language models has made high-quality text generation accessible, but honeyfiles contain a variety of content including charts, tables and images. This content needs to be plausible and realistic, as well as semantically consistent both within honeyfiles and with the real documents they mimic, to successfully deceive an intruder.

Machine Learning,Artificial Intelligence,Cryptography and Security

Ziyang Wang,Jianzhou You,Haining Wang,Tianwei Yuan,Shichao Lv,Yang Wang,Limin Sun

2024-06-04

Abstract:Honeypots, as a strategic cyber-deception mechanism designed to emulate authentic interactions and bait unauthorized entities, continue to struggle with balancing flexibility, interaction depth, and deceptive capability despite their evolution over decades. Often they also lack the capability of proactively adapting to an attacker's evolving tactics, which restricts the depth of engagement and subsequent information gathering. Under this context, the emergent capabilities of large language models, in tandem with pioneering prompt-based engineering techniques, offer a transformative shift in the design and deployment of honeypot technologies. In this paper, we introduce HoneyGPT, a pioneering honeypot architecture based on ChatGPT, heralding a new era of intelligent honeypot solutions characterized by their cost-effectiveness, high adaptability, and enhanced interactivity, coupled with a predisposition for proactive attacker engagement. Furthermore, we present a structured prompt engineering framework that augments long-term interaction memory and robust security analytics. This framework, integrating thought of chain tactics attuned to honeypot contexts, enhances interactivity and deception, deepens security analytics, and ensures sustained engagement. The evaluation of HoneyGPT includes two parts: a baseline comparison based on a collected dataset and a field evaluation in real scenarios for four weeks. The baseline comparison demonstrates HoneyGPT's remarkable ability to strike a balance among flexibility, interaction depth, and deceptive capability. The field evaluation further validates HoneyGPT's efficacy, showing its marked superiority in enticing attackers into more profound interactive engagements and capturing a wider array of novel attack vectors in comparison to existing honeypot technologies.

Cryptography and Security,Artificial Intelligence,Emerging Technologies,Software Engineering

Simon B. Weber,Marc Feger,Michael Pilgermann

DOI: https://doi.org/10.1109/access.2024.3472460

IF: 3.9

2024-10-12

IEEE Access

Abstract:The research area of honeypots is gaining new momentum, driven by advancements in large language models (LLMs). The chat-based applications of generative pretrained transformer (GPT) models seem ideal for the use as honeypot backends, especially in request-response protocols like Secure Shell (SSH). By leveraging LLMs, many challenges associated with traditional honeypots – such as high development costs, ease of exposure, and breakout risks – appear to be solved. While early studies have primarily focused on the potential of these models, our research investigates the current limitations of GPT-3.5 by analyzing three datasets of varying complexity. We conducted an expert annotation of over 1,400 request-response pairs, encompassing 230 different base commands. Our findings reveal that while GPT-3.5 struggles to maintain context, incorporating session context into response generation improves the quality of SSH responses. Additionally, we explored whether distinguishing between convincing and non-convincing responses is a metrics issue. We propose a paraphrase-mining approach to address this challenge, which achieved a macro F1 score of 77.85% using cosine distance in our evaluation. This method has the potential to reduce annotation efforts, converge LLM-based honeypot performance evaluation, and facilitate comparisons between new and previous approaches in future research.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zhenbo Wei,Jun Wang

DOI: https://doi.org/10.1109/cisp.2009.5300908

2009-01-01

Abstract:A study aimed at classification of honey samples from different floral origins by electronic tongue. The analytical data of 196 samples from different floral (eight) origins have been processed by Principal Component Analysis (PCA), Discriminant function analysis (DFA) and BP artificial neural network (BP-ANN). Using the electronic signal of sensors as input and floral origins as output, a twelve-hidden-layer BP Neural Network model was developed. It is shown that 100 % of the training set and more than 98.4 % of the testing set were classified by BP-ANN (network topology 7-12-12)

Zhenbo Wei,Jun Wang

DOI: https://doi.org/10.1016/j.compag.2014.07.014

IF: 8.3

2014-01-01

Computers and Electronics in Agriculture

Abstract:A potentiometric electronic tongue (PE-tongue) and a voltammetric electronic tongue (VE-tongue) were used as rapid techniques to classify and predict the honey samples from different floral and geographical origins. The PE-tongue, which was named alpha-ASTREE, was developed by Alpha M.O.S. (Toulouse, France), and it comprises seven potentiometric chemical sensors. The VE-tongue was self-developed at Zhejiang University and comprises six metallic working sensors. Four types of honey of different floral origins (acacia, buckwheat, data, and motherwort) and four types of acacia honey of different geographical origins were classified by both multisensor systems. Multivariate statistical data analysis techniques such as principal component analysis (PCA) and discriminant function analysis (DFA) were used to classify the honey samples. Both types of electronic tongue have good potential to classify the honey samples, and the positions of the data point for the samples in the PCA score plots based on the VE-tongue were much more closely grouped. Three regression modes, principal component regression (PCR), partial least squares regression (PLSR), and least squared-support vector machines (LS-SVM), were applied for category forecasting. These regression models exhibited a clear indication of the prediction ability of the two types of electronic tongue, and a positive trend in the prediction of the floral and geographical origin of honey was found. Moreover, the performance of these regression models for predicting the four types of honey of different geographical origins by the VE-tongue is very stable. (C) 2014 Elsevier B.V. All rights reserved.

Hakan T. Otal,M. Abdullah Canbaz

2024-09-15

Abstract:The rapid evolution of cyber threats necessitates innovative solutions for detecting and analyzing malicious activity. Honeypots, which are decoy systems designed to lure and interact with attackers, have emerged as a critical component in cybersecurity. In this paper, we present a novel approach to creating realistic and interactive honeypot systems using Large Language Models (LLMs). By fine-tuning a pre-trained open-source language model on a diverse dataset of attacker-generated commands and responses, we developed a honeypot capable of sophisticated engagement with attackers. Our methodology involved several key steps: data collection and processing, prompt engineering, model selection, and supervised fine-tuning to optimize the model's performance. Evaluation through similarity metrics and live deployment demonstrated that our approach effectively generates accurate and informative responses. The results highlight the potential of LLMs to revolutionize honeypot technology, providing cybersecurity professionals with a powerful tool to detect and analyze malicious activity, thereby enhancing overall security infrastructure.

Cryptography and Security,Artificial Intelligence,Computation and Language,Machine Learning,Networking and Internet Architecture

Nanda Rani,Bikash Saha,Vikas Maurya,Sandeep Kumar Shukla

2024-03-22

Abstract:Understanding the modus operandi of adversaries aids organizations in employing efficient defensive strategies and sharing intelligence in the community. This knowledge is often present in unstructured natural language text within threat analysis reports. A translation tool is needed to interpret the modus operandi explained in the sentences of the threat report and translate it into a structured format. This research introduces a methodology named TTPXHunter for the automated extraction of threat intelligence in terms of Tactics, Techniques, and Procedures (TTPs) from finished cyber threat reports. It leverages cyber domain-specific state-of-the-art natural language processing (NLP) to augment sentences for minority class TTPs and refine pinpointing the TTPs in threat analysis reports significantly. The knowledge of threat intelligence in terms of TTPs is essential for comprehensively understanding cyber threats and enhancing detection and mitigation strategies. We create two datasets: an augmented sentence-TTP dataset of 39,296 samples and a 149 real-world cyber threat intelligence report-to-TTP dataset. Further, we evaluate TTPXHunter on the augmented sentence dataset and the cyber threat reports. The TTPXHunter achieves the highest performance of 92.42% f1-score on the augmented dataset, and it also outperforms existing state-of-the-art solutions in TTP extraction by achieving an f1-score of 97.09% when evaluated over the report dataset. TTPXHunter significantly improves cybersecurity threat intelligence by offering quick, actionable insights into attacker behaviors. This advancement automates threat intelligence analysis, providing a crucial tool for cybersecurity professionals fighting cyber threats.

Cryptography and Security

Phani Lanka,Khushi Gupta,Cihan Varol

DOI: https://doi.org/10.3390/electronics13132465

IF: 2.9

2024-06-25

Electronics

Abstract:Security adversaries are rampant on the Internet, constantly seeking vulnerabilities to exploit. The sheer proliferation of these sophisticated threats necessitates innovative and swift defensive measures to protect the vulnerable infrastructure. Tools such as honeypots effectively determine adversary behavior and safeguard critical organizational systems. However, it takes a significant amount of time to analyze these attacks on the honeypots, and by the time actionable intelligence is gathered from the attacker's tactics, techniques, and procedures (TTPs), it is often too late to prevent potential damage to the organization's critical systems. This paper contributes to the advancement of cybersecurity practices by presenting a cutting-edge methodology, capitalizing on the synergy between artificial intelligence and threat analysis to combat evolving cyber threats. The current research articulates a novel strategy, outlining a method to analyze large volumes of attacker data from honeypots utilizing large language models (LLMs) to assimilate TTPs and apply this knowledge to identify real-time anomalies in regular user activity. The effectiveness of this model is tested in real-world scenarios, demonstrating a notable reduction in response time for detecting malicious activities in critical infrastructure. Moreover, we delve into the proposed framework's practical implementation considerations and scalability, underscoring its adaptability in diverse organizational contexts.

engineering, electrical & electronic,computer science, information systems,physics, applied

P. Barford,Y. Chen,A. Goyal,Z. Li,V. Paxson,V. Yegneswaran

DOI: https://doi.org/10.1007/978-1-4419-0140-8_5

2010-01-01

Abstract:Effective network security administration depends to a great extent on having accurate, concise, high-quality information about malicious activity in one's network. Honeynets can potentially provide such detailed information, but the volume and diversity of this data can prove overwhelming. We explore ways to integrate honeypot data into daily network security monitoring with a goal of sufficiently classifying and summarizing the data to provide ongoing "situational awareness." We present such a system, built using the Bro network intrusion detection system coupled with statistical analysis of numerous honeynet "events", and discuss experiences drawn from many months of operation. In particular, we develop methodologies by which sites receiving such probes can infer-using purely local observation-in format ion about the probing activity: What scanning strategies does the probing employ? Is this an attack that specifically targets the site, or is the site only incidentally probed as part of a larger, indiscriminant attack? One key aspect of this environment is its ability to provide insight into large-scale events. We look at the problem of accurately classifying botnet sweeps and worm outbreaks, which turns out to be difficult to grapple with due to the high dimensionality of such incidents. Using datasets collected during a number of these events, we explore the utility of several analysis methods, finding that when used together they show good potential for contributing towards effective Situational awareness. Our analysis draws upon extensive honeynet data to explore the prevalence of different types of scanning, including properties, such as trend, uniformity, coordination, and darknet-avoidance. In addition, we design schemes to extrapolate the global properties of scanning events (e.g., total population and target scope) as inferred from the limited local view of a honeynet. Cross-validating with data from DShield shows that such inferences exhibit promising accuracy.

Kajal Patel,Zubair Shafiq,Mateus Nogueira,Daniel Sadoc Menasché,Enrico Lovat,Taimur Kashif,Ashton Woiwood,Matheus Martins

2024-09-12

Abstract:Many organizations rely on Threat Intelligence (TI) feeds to assess the risk associated with security threats. Due to the volume and heterogeneity of data, it is prohibitive to manually analyze the threat information available in different loosely structured TI feeds. Thus, there is a need to develop automated methods to vet and extract actionable information from TI feeds. To this end, we present a machine learning pipeline to automatically detect vulnerability exploitation from TI feeds. We first model threat vocabulary in loosely structured TI feeds using state-of-the-art embedding techniques (Doc2Vec and BERT) and then use it to train a supervised machine learning classifier to detect exploitation of security vulnerabilities. We use our approach to identify exploitation events in 191 different TI feeds. Our longitudinal evaluation shows that it is able to accurately identify exploitation events from TI feeds only using past data for training and even on TI feeds withheld from training. Our proposed approach is useful for a variety of downstream tasks such as data-driven vulnerability risk assessment.

Cryptography and Security,Information Retrieval

Ahmed Abdou,Ryan Sheatsley,Yohan Beugin,Tyler Shipp,Patrick McDaniel

DOI: https://doi.org/10.1109/MILCOM52596.2021.9652947

2022-02-21

Abstract:Machine Learning is becoming a pivotal aspect of many systems today, offering newfound performance on classification and prediction tasks, but this rapid integration also comes with new unforeseen vulnerabilities. To harden these systems the ever-growing field of Adversarial Machine Learning has proposed new attack and defense mechanisms. However, a great asymmetry exists as these defensive methods can only provide security to certain models and lack scalability, computational efficiency, and practicality due to overly restrictive constraints. Moreover, newly introduced attacks can easily bypass defensive strategies by making subtle alterations. In this paper, we study an alternate approach inspired by honeypots to detect adversaries. Our approach yields learned models with an embedded watermark. When an adversary initiates an interaction with our model, attacks are encouraged to add this predetermined watermark stimulating detection of adversarial examples. We show that HoneyModels can reveal 69.5% of adversaries attempting to attack a Neural Network while preserving the original functionality of the model. HoneyModels offer an alternate direction to secure Machine Learning that slightly affects the accuracy while encouraging the creation of watermarked adversarial samples detectable by the HoneyModel but indistinguishable from others for the adversary.

Cryptography and Security,Artificial Intelligence

Qing Zhang,Jiyong Gao,Zhiqiang Wang,Litong Chen,Xinning Jin,Xuerui Bai,Jingyu Ma,Yubin Lan

DOI: https://doi.org/10.1109/jsen.2023.3332871

IF: 4.3

2023-01-01

IEEE Sensors Journal

Abstract:Honey manufacturers and traders have suffered economic damage due to the spurious labelling of honey botanical sources. The traditional detection methods for distinguishing honey origins have inherent performance disadvantages, such as costly equipment, complicated operations and need more time. This study proposes a novel method for identifying the origin of honey by applying electronic tongue (ET) and deep learning algorithm. First, a self-developed ET device is utilized to collect unique fingerprints of honey samples from different botanical origin. Due to the high dimensionality and complex nonlinearity of the collected signal, an unsupervised convolutional autoencoder (CAE) is developed to reduce the dimension of the ET signals and achieve effective feature extraction. Moreover, in order to avoid the gradient disappearance and suppress redundant information, the self-adaptive attention mechanism and residual learning is introduced in the CAE model to improve the feature extraction ability of the model. The proposed model is further used to measure actual honey samples and contrast with multiple machine learning and deep learning models. The experiment results show that the proposed model demonstrates better classification capabilities for honey from different botanical sources, and the accuracy, precision, F1 and AUC score reach 99.25%, 99.14%, 0.9919, and 0.9957, respectively. Compared with the other detection methods, the proposed method exhibited advantages in terms of convenience and accuracy of detection, which has great application prospects in the field of on-site measurements.

engineering, electrical & electronic,instruments & instrumentation,physics, applied

Yufang Hou,Charles Jochim,Martin Gleize,Francesca Bonin,Debasis Ganguly

DOI: https://doi.org/10.48550/arXiv.2101.10273

2021-01-26

Abstract:Tasks, Datasets and Evaluation Metrics are important concepts for understanding experimental scientific papers. However, most previous work on information extraction for scientific literature mainly focuses on the abstracts only, and does not treat datasets as a separate type of entity (Zadeh and Schumann, 2016; Luan et al., 2018). In this paper, we present a new corpus that contains domain expert annotations for Task (T), Dataset (D), Metric (M) entities on 2,000 sentences extracted from NLP papers. We report experiment results on TDM extraction using a simple data augmentation strategy and apply our tagger to around 30,000 NLP papers from the ACL Anthology. The corpus is made publicly available to the community for fostering research on scientific publication summarization (Erera et al., 2019) and knowledge discovery.

Computation and Language

Yu Song,Santiago Miret,Huan Zhang,Bang Liu

2023-10-13

Abstract:We propose an instruction-based process for trustworthy data curation in materials science (MatSci-Instruct), which we then apply to finetune a LLaMa-based language model targeted for materials science (HoneyBee). MatSci-Instruct helps alleviate the scarcity of relevant, high-quality materials science textual data available in the open literature, and HoneyBee is the first billion-parameter language model specialized to materials science. In MatSci-Instruct we improve the trustworthiness of generated data by prompting multiple commercially available large language models for generation with an Instructor module (e.g. Chat-GPT) and verification from an independent Verifier module (e.g. Claude). Using MatSci-Instruct, we construct a dataset of multiple tasks and measure the quality of our dataset along multiple dimensions, including accuracy against known facts, relevance to materials science, as well as completeness and reasonableness of the data. Moreover, we iteratively generate more targeted instructions and instruction-data in a finetuning-evaluation-feedback loop leading to progressively better performance for our finetuned HoneyBee models. Our evaluation on the MatSci-NLP benchmark shows HoneyBee's outperformance of existing language models on materials science tasks and iterative improvement in successive stages of instruction-data refinement. We study the quality of HoneyBee's language modeling through automatic evaluation and analyze case studies to further understand the model's capabilities and limitations. Our code and relevant datasets are publicly available at \url{<a class="link-external link-https" href="https://github.com/BangLab-UdeM-Mila/NLP4MatSci-HoneyBee" rel="external noopener nofollow">this https URL</a>}.

Computation and Language,Materials Science,Artificial Intelligence

Jun Zhao,Qiben Yan,Jianxin Li,Minglai Shao,Zuti He,Bo Li

DOI: https://doi.org/10.1016/j.cose.2020.101867

2020-08-01

Abstract:<p>Security organizations increasingly rely on Cyber Threat Intelligence (CTI) sharing to enhance resilience against cyber threats. However, its effectiveness remains dubious due to two major limitations: first, the existing approaches fail to identify the unseen types of <em>Indicator of compromise</em> (IOC); second, they are incapable of automatically generating categorized CTIs with domain tags (e.g., finance, government), which makes CTI sharing ineffective. To combat the challenges, this paper proposes TIMiner, a novel automated framework for CTI extraction and sharing based on social media data. Particularly, an efficient domain recognizer based on convolutional neural network is first implemented to identify CTIs' targeted domain. Then, an indicator of compromise (IOC) extraction approach based on word embedding and syntactic dependence is proposed, which provides the ability to identify unseen types of IOCs. Finally, the extracted IOC and its domain tag are integrated to generate a categorized CTI with specific-domain. TIMiner is capable of generating CTIs with domain tags automatically. With the categorized CTIs, <em>Threat-Index</em> is presented to quantify the severity of the threats toward different domains. Experimental results confirm that the proposed CTI domain recognizer and IOC extraction achieve superior performance with the accuracy exceeding 84% and 94%, respectively. Moreover, TIMiner stimulates new insights on the evolution of cyber attacks across multiple domains.</p>

computer science, information systems

Christian I. Narcia-Macias,Joselito Guardado,Jocell Rodriguez,Joanne Rampersad-Ammons,Erik Enriquez,Dong-Chul Kim

DOI: https://doi.org/10.48550/arXiv.2309.08955

2023-09-16

Abstract:Utilizing computer vision and the latest technological advancements, in this study, we developed a honey bee monitoring system that aims to enhance our understanding of Colony Collapse Disorder, honey bee behavior, population decline, and overall hive health. The system is positioned at the hive entrance providing real-time data, enabling beekeepers to closely monitor the hive's activity and health through an account-based website. Using machine learning, our monitoring system can accurately track honey bees, monitor pollen-gathering activity, and detect Varroa mites, all without causing any disruption to the honey bees. Moreover, we have ensured that the development of this monitoring system utilizes cost-effective technology, making it accessible to apiaries of various scales, including hobbyists, commercial beekeeping businesses, and researchers. The inference models used to detect honey bees, pollen, and mites are based on the YOLOv7-tiny architecture trained with our own data. The F1-score for honey bee model recognition is 0.95 and the precision and recall value is 0.981. For our pollen and mite object detection model F1-score is 0.95 and the precision and recall value is 0.821 for pollen and 0.996 for "mite". The overall performance of our IntelliBeeHive system demonstrates its effectiveness in monitoring the honey bee's activity, achieving an accuracy of 96.28 % in tracking and our pollen model achieved a F1-score of 0.831.

Computer Vision and Pattern Recognition