How I Built Cysinfo AI: Fine-Tuning LLaMA with LoRA for Cybersecurity

When I started working on Cysinfo AI, my goal wasn’t to build “just another chatbot.” I wanted to explore a deeper question:

Why are most AI models still unusable for real cybersecurity learning and research?

Despite the rapid growth of large language models, I noticed a common limitation — most systems either provide surface level information or avoid answering practical cybersecurity questions altogether. For students, researchers, and ethical hackers, this makes learning fragmented and inefficient.

Cysinfo AI was my attempt to solve that gap.

The Problem I Wanted to Solve

Cybersecurity is a domain where context and depth matter. However, most existing AI systems are:

• Heavily restricted
• Over-cautious in technical explanations
• Unable to provide step-by-step reasoning
• Not tailored for security focused learning

This leads to a situation where learners constantly switch between documentation, forums, and incomplete explanations.

I wanted to build an AI system that could:

• Understand cybersecurity queries deeply
• Respond with technical clarity
• Maintain contextual continuity
• Act as a learning and exploration assistant rather than a generic chatbot

Why I Chose LLaMA and LoRA

Model choice

Instead of relying on API-based models, I decided to work directly with an open-source LLM.

I chose LLaMA because:

• It offers strong reasoning capability
• It’s well-suited for fine-tuning
• It allows full control over behavior and responses

Fine-tuning approach

Rather than full fine-tuning, I used LoRA (Low-Rank Adaptation).

This decision was intentional:

• LoRA is compute efficient
• It avoids overfitting
• It allows domain adaptation without retraining the entire model
• It’s practical for real-world experimentation

This approach allowed me to inject cybersecurity specific knowledge while preserving the model’s general reasoning ability.

Dataset Preparation and Training

One of the most critical parts of this project was data curation.

I focused on:

• Cybersecurity concepts and workflows
• Ethical hacking fundamentals
• Tool usage explanations (in a responsible context)
• Command-level understanding
• Defensive and offensive security theory

The data was carefully structured to ensure:

• Clear instruction response pairs
• Logical reasoning flow
• Consistent technical depth

Using this dataset, I fine-tuned the model with LoRA layers applied selectively, ensuring stable learning without degrading base performance.

System Architecture

Cysinfo AI is not just a model — it’s a complete system.

Backend

• The fine-tuned LLaMA model is served using Ollama
• Optimized for local inference and fast response
• Enables full control over prompts and outputs

Frontend

• Built using JavaScript, HTML, CSS, Vue, and TypeScript
• Clean interface focused on usability
• Designed to feel more like a technical assistant than a chat app

This separation allowed me to iterate independently on the model and the interface.

Key Challenges I Faced

• Balancing freedom and responsibility: Cybersecurity content requires careful framing. I focused on educational intent and contextual explanations rather than raw exploitation.
• Maintaining response consistency: Fine-tuned models can drift. Prompt structure and training balance played a big role in keeping answers reliable.
• Performance constraints: Optimizing inference speed while maintaining accuracy was a constant trade-off, especially on limited hardware.

Each challenge pushed me to understand LLM behavior more deeply — beyond just running code.

Results and Impact

Cysinfo AI evolved into:

• A domain-specific cybersecurity assistant
• A learning-focused AI system
• A proof-of-concept for controlled, unrestricted fine-tuning

The project was later published as an IEEE research paper, validating both the technical depth and research relevance of the work.

More importantly, it strengthened my understanding of:

• LLM fine-tuning pipelines
• Model alignment challenges
• System-level AI engineering

What I’d Improve Next

• Integrating retrieval-based augmentation for real-time updates
• Adding user-level personalization
• Exploring multi-modal inputs for security analysis
• Scaling inference for production use

Closing Thoughts

Cysinfo AI represents how I approach AI engineering — not just using models, but understanding, adapting, and building around them.

This project reinforced my interest in large language models, domain-specific fine-tuning, applied AI research, and building systems that go beyond demos.

If you’re interested in the technical details or want to explore the code, you can find everything on my GitHub and research publications linked on this site.