大模型重構惡意軟件檢測：提示詞|智能體|RAG實踐

LIN JINGQIN（林敬勤）,林敬勤，長期關註計算機安全方向，特別是在惡意軟件檢測、靜態特征提取、AI推理判定等領域積累了豐富的實踐經驗。作者曾獨立開發一項開源殺毒引擎及多項殺毒軟件相關項目，具備病毒特征管理、掃描器實現與雲端聯動模塊的實操能力，並獲一項計算機軟件著作權與一項計算機安全相關發明專利公開。曾受邀參加HACKPROVE WORLD 2025世界白帽大會。同時，作者撰寫的多篇技術博客被收錄為精選文章，受到同行關註。

第一部分 大語言模型導論

第 1 章 大語言模型概述····························· 2

1.1 什麼是大語言模型························· 3

LLM 的定義································· 5

1.2 流行的現代 LLM··························· 6

1.2.1 BERT ································ 6

1.2.2 GPT 家族與 ChatGPT ············ 7

1.2.3 T5 ···································· 8

1.2.4 Llama ································ 8

1.3 LLM 的關鍵特征··························· 9

1.4 理解上下文的重要性····················· 12

1.5 LLM 的工作原理·························· 12

1.5.1 預訓練階段························ 13

1.5.2 遷移學習··························· 15

1.5.3 微調································· 15

1.5.4 註意力······························ 16

1.5.5 嵌入································· 18

1.5.6 標記化······························ 18

1.5.7 超越語言建模：模型對齊與基於人類反饋的強化學習 ···························· 21

1.5.8 領域特定大語言模型············ 22

1.6 LLM 的應用································ 23

1.6.1 經典 NLP 任務···················· 23

1.6.2 自由文本生成····················· 26

1.6.3 信息檢索 / 神經語義搜索······· 27

1.6.4 聊天機器人························ 28

1.7 總結·············· 29

第 2 章 使用 LLM 進行語義搜索 ·················30

2.1 引言······························ 30

2.2 任務背景···································· 31

非對稱語義搜索··························· 31

2.3 解決方案概覽······························ 33

2.4 核心組件···································· 34

2.4.1 文本嵌入器························ 34

2.4.2 如何判斷文本片段的“相似性” ····················· 34

2.4.3 文檔分塊··························· 38

2.4.4 向量數據庫························ 43

2.4.5 重新排序檢索結果··············· 44

2.4.6 API ·································· 45

2.5 整合全局：讓一切運轉起來············ 46

性能評估···································· 47

2.6 閉源組件的成本··························· 50

2.7 總結·········································· 50

第 3 章 提示工程入門······························· 51

3.1 引言·········································· 51

3.2 提示工程···································· 51

3.2.1 語言模型中的對齊··············· 52

3.2.2 直接詢問··························· 53

3.2.3 當“直接詢問”不再奏效······ 55

3.2.4 少樣本學習························ 55

3.2.5 輸出格式化························ 56

3.2.6 人設提示··························· 57

3.2.7 思維鏈提示························ 58

3.2.8 示例：基礎算術·················· 59

3.3 跨模型使用提示··························· 59

3.3.1 聊天模型補全模型··············· 59

3.3.2 Cohere 的 Command 系列 ······ 61

3.3.3 開源模型的提示工程············ 62

3.4 總結························· 64

第 4 章 AI 生態系統：整合各個組件············65

4.1 引言·········································· 65

4.2 閉源 AI 的性能漂移 ······················ 65

4.3 AI 的推理與思考之別 ···················· 67

4.4 案例研究 1：檢索增強生成（ RAG）·· 68

4.4.1 組件協作：檢索器與生成器··· 69

4.4.2 評估 RAG 系統··················· 74

4.5 案例研究 2：自動化 AI 智能體 ········ 76

4.5.1 思考 → 行動 → 觀察 → 響應 · 76

4.5.2 評估 AI 智能體 ··················· 81

4.6 總結························· 82

第二部分 充分發揮 LLM 的價值

第 5 章 利用定制微調優化 LLM ·················84

5.1 引言·········································· 84

5.2 遷移學習與微調：入門指南············ 85

5.2.1 微調流程詳解····················· 86

5.2.2 以閉源預訓練模型為基礎······ 88

5.3 OpenAI 微調 API 一覽 ··················· 88

5.3.1 OpenAI 微調 API················· 88

5.3.2 案例研究：應用評論情感分類 88

5.3.3 數據準則和最佳實踐············ 89

5.4 使用 OpenAI CLI 準備自定義示例 ···· 90

5.5 設置 OpenAI CLI·························· 92

超參數選擇與優化························ 93

5.6 我們的第一個微調 LLM················· 93

5.6.1 使用定量指標評估微調模型··· 94

5.6.2 定性評估技術····················· 97

5.6.3 將微調後的 OpenAI 模型集成到應用中················ 100

5.6.4 OpenAI 對決開源自編碼 BERT ·················· 100

5.7 總結··················· 102

第 6 章 高級提示工程····························· 103

6.1 引言········································ 103

6.2 提示註入攻擊···························· 103

6.3 輸入 / 輸出驗證 ························· 105

示例：使用 NLI 構建驗證管道 ······ 106

6.4 批量提示·································· 108

6.5 提示鏈···························· 109

6.5.1 使用提示鏈防止提示堆砌·····111

6.5.2 示例：使用多模態 LLM 進行安全鏈式操作············113

6.6 案例研究： AI 的數學有多好···········115

6.6.1 我們的數據集： MathQA·······115

6.6.2 展示你的計算過程？測試思維鏈·················117

6.6.3 用少樣本示例鼓勵 LLM······ 120

6.6.4 示例重要嗎？重訪語義搜索· 121

6.6.5 總結 MathQA 數據集的結果· 122

6.7 總結········································ 124

第 7 章 定制嵌入與模型架構···················· 125

7.1 引言·················· 125

7.2 案例研究：構建推薦系統············· 125

7.2.1 設置問題和數據················ 126

7.2.2 定義推薦問題··················· 127

7.2.3 推薦系統的宏觀視角·········· 129

7.2.4 生成自定義描述字段以比較物品············ 132

7.2.5 使用基礎嵌入器設定基線···· 133

7.2.6 準備微調數據··················· 134

7.2.7 結果總結························· 138

7.3 總結··············· 141

第 8 章 AI 對齊的第一性原理··················· 142

8.1 引言········································ 142

8.2 對齊的對象與目的······················ 142

8.2.1 指令對齊························· 142

8.2.2 行為對齊························· 143

8.2.3 風格對齊························· 145

8.2.4 價值對齊························· 146

8.3 對齊作為偏見緩解器··················· 147

8.4 對齊的三大支柱························· 151

8.4.1 數據······························· 151

8.4.2 訓練 / 調優模型 ················ 154

8.4.3 評估······························· 156

8.4.4 對齊的三大支柱小結·········· 165

8.5 憲法式 AI：邁向自我對齊的一步 ··· 166

8.6 總結········································ 168

第三部分 LLM 高級應用

第 9 章 超越基礎模型····························· 170

9.1 引言························ 170

9.2 案例研究：視覺問答··················· 170

9.2.1 模型介紹： Vision Transformer、 GPT-2 和 DistilBERT····························· 171

9.2.2 隱藏狀態投影與融合·········· 175

9.2.3 交叉註意力：它是什麼？為什麼如此關鍵················· 175

9.2.4 我們的自定義多模態模型···· 178

9.2.5 我們的數據： Visual QA······· 180

9.2.6 VQA 訓練循環·················· 182

9.2.7 結果總結························· 183

9.3 案例研究：基於反饋的強化學習···· 185

9.3.1 我們的模型： FLAN-T5 ······· 186

9.3.2 我們的獎勵模型：情感與語法正確性·············· 187

9.3.3 Transformer 強化學習 ········· 188

9.3.4 RLF 訓練循環 ·················· 189

9.3.5 結果總結························· 192

9.4 總結·························· 194

第 10 章 高級開源 LLM 微調··················· 195

10.1 引言 ······································ 195

10.2 示例：使用 BERT 進行動漫流派多標簽分類 ················· 195

10.2.1 使用 Jaccard 分數衡量動漫標題多標簽流派預測的性能························ 196

10.2.2 一個簡單的微調循環 ········ 197

10.2.3 微調開源 LLM 的通用技巧  199

10.2.4 結果總結 ······················· 205

10.3 示例：使用 GPT2 生成 LaTeX······ 207

10.3.1 開源模型的提示工程 ········ 208

10.3.2 結果總結 ······················· 210

10.4 打造自己的睿智且引人入勝的對話助手—SAWYER ······················211

10.4.1 步驟 1：監督指令微調······ 213

10.4.2 步驟 2：獎勵模型訓練······ 218

10.4.3 步驟 3：基於（模擬的）人類反饋的強化學習··············· 222

10.4.4 結果總結 ······················· 225

10.4.5 用新鮮知識更新我們的 LLM ························ 228

10.5 總結 ······································ 230

第 11 章 將 LLM 投入生產······················ 233

11.1 引言 ······································ 233

11.2 閉源 LLM 的生產部署················ 233

11.2.1 成本預估 ······················· 233

11.2.2 API 密鑰管理·················· 234

11.3 開源 LLM 的生產部署················ 234

11.3.1 為推理準備模型 ·············· 234

11.3.2 互操作性 ······················· 234

11.3.3 量化 ····························· 235

11.3.4 知識蒸餾 ······················· 240

11.3.5 LLM 的成本預估 ············· 248

11.3.6 發布到 Hugging Face········· 249

11.4 總結 ······································ 252

第 12 章 評估 LLM ······························· 253

12.1 引言 ······································ 253

12.2 評估生成任務 ·························· 254

12.2.1 生成式多項選擇 ·············· 254

12.2.2 自由文本回答 ················· 257

12.2.3 基準測試 ······················· 259

12.3 評估理解任務 ·························· 267

12.3.1 嵌入 ····························· 267

12.3.2 校準分類 ······················· 270

12.3.3 探測 LLM 的世界模型 ······ 273

12.4 總結 ······································ 277

12.5 繼續前行 ································ 278

第四部分 附錄

附錄 A LLM 常見問題解答 ····················· 280

附錄 B LLM 術語表 ······························ 283

附錄 C LLM 應用原型 ··························· 288

附錄 D 代碼倉庫使用指南······················· 291