What Is Zero-Shot Classification?
Traditional classifiers require labelled training data for every category. Zero-shot classification lets you define categories at inference time -- no training required. The model uses its general language understanding to match text to labels it has never been explicitly trained on.
| Approach | Training data needed? | New categories? | Security use case |
|---|---|---|---|
| Traditional classifier | Yes -- hundreds of labelled examples per class | Retrain from scratch | Malware family classification |
| Zero-shot classifier | No -- define labels at call time | Just add a new label string | Map SIEM alerts to MITRE ATT&CK tactics |
The trade-off: zero-shot is less accurate than a fine-tuned model, but infinitely more flexible. For security teams that need to classify novel threat types without waiting for labelled datasets, this is transformative.
How It Works: Natural Language Inference (NLI)
Under the hood, zero-shot classification uses an NLI model. It frames the problem as: "Does the input text entail each candidate label?" The model scores each label independently:
| Input text | Candidate label | Entailment score |
|---|---|---|
| Outbound connection to 185.234.219.47:443 after powershell execution | malicious activity | 0.87 |
| Outbound connection to 185.234.219.47:443 after powershell execution | normal traffic | 0.08 |
| Outbound connection to 185.234.219.47:443 after powershell execution | configuration change | 0.05 |
The model has never seen these specific labels before. It uses its understanding of language to assess how well each label describes the input.
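The scoring described above can be made concrete without a model download. The following is an added example, not code from the page or from the transformers library: it reproduces the NLI framing the pipeline uses (each label is turned into the hypothesis "This example is {label}.", which is the pipeline's default template) and the two post-processing modes the real pipeline applies to the model's [contradiction, neutral, entailment] logits. The `fake_nli` function and its logit values are constructed stand-ins for the model so the arithmetic can be followed; they are not real model output. The example also shows why the single-label scores in the table sum to 1.0, and why adding a label changes every score in single-label mode but not in multi-label mode.

```python
import math

# Default hypothesis template used by the zero-shot pipeline.
HYPOTHESIS_TEMPLATE = "This example is {}."

# Constructed NLI logits, ordered [contradiction, neutral, entailment] as in
# facebook/bart-large-mnli. These are invented for illustration, not model output.
FAKE_NLI_LOGITS = {
    "malicious activity": (-2.0, 0.5, 3.0),
    "normal traffic": (2.5, 0.0, -1.0),
    "configuration change": (2.0, 0.5, -2.0),
    "scheduled backup": (1.0, 0.5, 0.0),
}

PREMISE = "Outbound connection to 185.234.219.47:443 after powershell execution"


def fake_nli(premise, hypothesis):
    """Stand-in for the NLI model: returns constructed logits for a (premise, hypothesis) pair."""
    for label, logits in FAKE_NLI_LOGITS.items():
        if HYPOTHESIS_TEMPLATE.format(label) == hypothesis:
            return logits
    raise KeyError(f"no constructed logits for hypothesis: {hypothesis!r}")


def build_pairs(premise, candidate_labels, template=HYPOTHESIS_TEMPLATE):
    """One (premise, hypothesis) pair per candidate label, exactly as the pipeline builds them."""
    return [(premise, template.format(label)) for label in candidate_labels]


def softmax(xs):
    m = max(xs)
    exps = [math.exp(x - m) for x in xs]
    total = sum(exps)
    return [e / total for e in exps]


def zero_shot_scores(premise, candidate_labels, nli_logits, multi_label=False,
                     contradiction_id=0, entailment_id=2):
    """Score labels the way the zero-shot pipeline post-processes NLI logits.

    multi_label=False: labels compete; softmax over the entailment logit of every label,
                       so the scores sum to 1 and depend on which labels are present.
    multi_label=True:  each label judged on its own; softmax over (contradiction, entailment)
                       for that label only, so other labels cannot change its score.
    """
    logits = [nli_logits(p, h) for p, h in build_pairs(premise, candidate_labels)]
    if multi_label:
        scores = [softmax([lg[contradiction_id], lg[entailment_id]])[1] for lg in logits]
    else:
        scores = softmax([lg[entailment_id] for lg in logits])
    ranked = sorted(zip(candidate_labels, scores), key=lambda t: t[1], reverse=True)
    return {"sequence": premise,
            "labels": [lab for lab, _ in ranked],
            "scores": [s for _, s in ranked]}


def score_of(result, label):
    """Look up one label's score in a pipeline-shaped result."""
    return result["scores"][result["labels"].index(label)]


if __name__ == "__main__":
    base = ["malicious activity", "normal traffic", "configuration change"]
    single = zero_shot_scores(PREMISE, base, fake_nli)
    multi = zero_shot_scores(PREMISE, base, fake_nli, multi_label=True)
    single_plus = zero_shot_scores(PREMISE, base + ["scheduled backup"], fake_nli)
    multi_plus = zero_shot_scores(PREMISE, base + ["scheduled backup"], fake_nli, multi_label=True)
    for name, r in [("single", single), ("single+label", single_plus),
                    ("multi", multi), ("multi+label", multi_plus)]:
        print(name, [(lab, round(s, 3)) for lab, s in zip(r["labels"], r["scores"])])
```

Run it and compare the "single" and "single+label" rows: the top label's score drops as soon as a fourth label is added, because the softmax mass is shared, while the "multi" rows are unchanged for the original three labels. Which mode you want depends on whether an alert can legitimately carry more than one tactic.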
The HuggingFace Pipeline API
```python
from transformers import pipeline

# Load the zero-shot classification pipeline
classifier = pipeline(
    "zero-shot-classification",
    model="facebook/bart-large-mnli"
)

# Classify a security log entry
result = classifier(
    "Lateral movement detected: SMB connections to 15 internal hosts",
    candidate_labels=[
        "lateral movement",
        "data exfiltration",
        "persistence",
        "normal traffic"
    ]
)

print(result["labels"][0])  # "lateral movement"
print(result["scores"][0])  # 0.92
```

About that model name: HuggingFace model IDs follow the pattern org/name. facebook/bart-large-mnli means Facebook AI's BART architecture, the "large" size variant (~400M parameters), fine-tuned on the MNLI dataset, which is exactly what makes it work for zero-shot classification (the NLI training is what powers the entailment scoring shown in the table above). You'll learn to pick models for your own use cases in the workshop.
Three lines of code. No training data. No model architecture decisions. HuggingFace handles tokenisation, model loading, and post-processing automatically.
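In practice you will run the pipeline over a stream of alerts rather than one string, and because zero-shot is less accurate than a fine-tuned model you want a confidence gate so that low-confidence or near-tie results go to an analyst instead of being auto-tagged. The following is an added example, not code from the page or from HuggingFace: `triage_alerts` accepts any callable with the pipeline's call signature and output shape (a list of dicts with `labels` and `scores`, sorted high to low), so it can be driven by the real pipeline from `build_classifier` or by `keyword_stub_classifier`, a constructed stand-in included so the logic runs offline. The alert strings, tactic label list, threshold and margin values are all assumptions chosen for illustration.

```python
import re

# Constructed sample alerts for illustration; not taken from any real SIEM.
SAMPLE_ALERTS = [
    "Lateral movement detected: SMB connections to 15 internal hosts",
    "Beacon to known command and control domain every 60 seconds",
    "Outbound HTTPS transfer of 2 GB from file server to unknown external host",
    "Printer firmware update completed successfully",
]

# Candidate labels: a few ATT&CK tactic names plus a benign catch-all. Assumed list.
TACTIC_LABELS = [
    "lateral movement",
    "command and control",
    "exfiltration",
    "persistence",
    "normal activity",
]


def build_classifier():
    """Load the real HuggingFace pipeline (needs transformers installed and a model download)."""
    from transformers import pipeline
    return pipeline("zero-shot-classification", model="facebook/bart-large-mnli")


def keyword_stub_classifier(texts, candidate_labels):
    """Offline stand-in that mimics the pipeline's output shape.

    Scores each label by how many of its words appear in the alert, then normalises
    so scores sum to 1 like the pipeline's single-label mode. It is deliberately crude
    and exists only so the triage logic can be exercised without a model.
    """
    if isinstance(texts, str):
        texts = [texts]
    results = []
    for text in texts:
        words = set(re.findall(r"[a-z]+", text.lower()))
        raw = [0.1 + sum(w in words for w in label.split()) for label in candidate_labels]
        total = sum(raw)
        ranked = sorted(zip(candidate_labels, (r / total for r in raw)),
                        key=lambda t: t[1], reverse=True)
        results.append({"sequence": text,
                        "labels": [lab for lab, _ in ranked],
                        "scores": [s for _, s in ranked]})
    return results


def triage_alerts(alerts, classifier, labels=TACTIC_LABELS, threshold=0.5, min_margin=0.1):
    """Tag each alert with its top tactic, or flag it for analyst review.

    An alert needs review when the top score is below `threshold` or the gap to the
    runner-up is below `min_margin` (a near tie is not a confident call).
    """
    results = classifier(alerts, candidate_labels=labels)
    if isinstance(results, dict):  # the pipeline returns a single dict for a single string
        results = [results]
    triaged = []
    for r in results:
        top_label, top_score = r["labels"][0], r["scores"][0]
        runner_up = r["scores"][1] if len(r["scores"]) > 1 else 0.0
        needs_review = top_score < threshold or (top_score - runner_up) < min_margin
        triaged.append({
            "alert": r["sequence"],
            "tactic": None if needs_review else top_label,
            "score": round(top_score, 3),
            "needs_review": needs_review,
        })
    return triaged


def tactic_counts(triaged):
    """Count auto-tagged alerts per tactic; reviewed alerts are excluded."""
    counts = {}
    for row in triaged:
        if row["tactic"] is not None:
            counts[row["tactic"]] = counts.get(row["tactic"], 0) + 1
    return counts


if __name__ == "__main__":
    # Swap in build_classifier() to run against the real model.
    for row in triage_alerts(SAMPLE_ALERTS, keyword_stub_classifier):
        print(row)
    print(tactic_counts(triage_alerts(SAMPLE_ALERTS, keyword_stub_classifier)))
```

The stub cannot recognise the exfiltration alert, which is exactly the kind of case the NLI model is there for; what matters is that whichever backend you use, the gate sends the uncertain cases to a person rather than silently mislabelling them.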
Available Pipeline Tasks
| Task | Pipeline name | Security use case |
|---|---|---|
| Text classification | text-classification | Classify log severity, phishing detection |
| Named entity recognition | ner | Extract IPs, CVEs, malware names from reports |
| Summarisation | summarization | Summarise threat intel reports |
| Question answering | question-answering | Extract answers from policy documents |
| Zero-shot classification | zero-shot-classification | Map alerts to custom categories without training |
Think Deeper
Classify 'DNS query to known C2 domain at 3 AM from accounting workstation' using candidate labels: data exfiltration, lateral movement, C2 communication, normal activity. Which label wins? Now add 'scheduled backup' as a fifth label -- does the ranking change?