{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2018:6GOYKLH6CLDZIADQHBLCSBOSEB","short_pith_number":"pith:6GOYKLH6","canonical_record":{"source":{"id":"1804.04760","kind":"arxiv","version":1},"metadata":{"license":"http://creativecommons.org/licenses/by/4.0/","primary_cat":"cs.IR","submitted_at":"2018-04-13T01:08:42Z","cross_cats_sorted":["cs.LG"],"title_canon_sha256":"ab5de2cb4d7195a9d85dd27472d82e66289a2250fa9072aa59a89d116900be79","abstract_canon_sha256":"f62d3e82862744afb4abc6d8cd42a2fef20d7954dd840078c8f30d4b73cd01e8"},"schema_version":"1.0"},"canonical_sha256":"f19d852cfe12c794007038562905d2205d957feded9844dbd2f60a0035971568","source":{"kind":"arxiv","id":"1804.04760","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1804.04760","created_at":"2026-05-18T00:18:35Z"},{"alias_kind":"arxiv_version","alias_value":"1804.04760v1","created_at":"2026-05-18T00:18:35Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1804.04760","created_at":"2026-05-18T00:18:35Z"},{"alias_kind":"pith_short_12","alias_value":"6GOYKLH6CLDZ","created_at":"2026-05-18T12:32:08Z"},{"alias_kind":"pith_short_16","alias_value":"6GOYKLH6CLDZIADQ","created_at":"2026-05-18T12:32:08Z"},{"alias_kind":"pith_short_8","alias_value":"6GOYKLH6","created_at":"2026-05-18T12:32:08Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2018:6GOYKLH6CLDZIADQHBLCSBOSEB","target":"record","payload":{"canonical_record":{"source":{"id":"1804.04760","kind":"arxiv","version":1},"metadata":{"license":"http://creativecommons.org/licenses/by/4.0/","primary_cat":"cs.IR","submitted_at":"2018-04-13T01:08:42Z","cross_cats_sorted":["cs.LG"],"title_canon_sha256":"ab5de2cb4d7195a9d85dd27472d82e66289a2250fa9072aa59a89d116900be79","abstract_canon_sha256":"f62d3e82862744afb4abc6d8cd42a2fef20d7954dd840078c8f30d4b73cd01e8"},"schema_version":"1.0"},"canonical_sha256":"f19d852cfe12c794007038562905d2205d957feded9844dbd2f60a0035971568","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:18:35.074347Z","signature_b64":"MO0gIgYXflz/KEMSfd31MQxiVy3WcXP4i3QW06rMLaitWIxQ1/tBJH4dU3ekgf1kz3VZoc/O6bH7Z8ztjQ3+Bw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"f19d852cfe12c794007038562905d2205d957feded9844dbd2f60a0035971568","last_reissued_at":"2026-05-18T00:18:35.073580Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:18:35.073580Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1804.04760","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:18:35Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"YIjpCeND/jiU+tz0RoNXZs4VgWP8H9i+NkntpFoeSYtDRMtKDN7wi/xC91hEBHt+D9MBv+Aa1kHqW54sQA/ZCg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-25T20:25:30.447461Z"},"content_sha256":"549dc898079d732e4dce112a5b4f5dc3926322b6508805b40b4dc9386b82aafa","schema_version":"1.0","event_id":"sha256:549dc898079d732e4dce112a5b4f5dc3926322b6508805b40b4dc9386b82aafa"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2018:6GOYKLH6CLDZIADQHBLCSBOSEB","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"RIPEx: Extracting malicious IP addresses from security forums using cross-forum learning","license":"http://creativecommons.org/licenses/by/4.0/","headline":"","cross_cats":["cs.LG"],"primary_cat":"cs.IR","authors_text":"Evangelos E. Papalexakis, Joobin Gharibshah, Michalis Faloutsos","submitted_at":"2018-04-13T01:08:42Z","abstract_excerpt":"Is it possible to extract malicious IP addresses reported in security forums in an automatic way? This is the question at the heart of our work. We focus on security forums, where security professionals and hackers share knowledge and information, and often report misbehaving IP addresses. So far, there have only been a few efforts to extract information from such security forums. We propose RIPEx, a systematic approach to identify and label IP addresses in security forums by utilizing a cross-forum learning method. In more detail, the challenge is twofold: (a) identifying IP addresses from ot"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1804.04760","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:18:35Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"PIINYI1CiyVwUwhzPH7kzgH7ozEmE4TIXDs/ylAep2FfctfO2v/chE0Mc3zxgHPugx4xk1DkDqK3bZFp+jKSDQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-25T20:25:30.447891Z"},"content_sha256":"50b1df295e8e027c228fece75624efeb50c23c46648f1123c9effe8021f93f57","schema_version":"1.0","event_id":"sha256:50b1df295e8e027c228fece75624efeb50c23c46648f1123c9effe8021f93f57"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/6GOYKLH6CLDZIADQHBLCSBOSEB/bundle.json","state_url":"https://pith.science/pith/6GOYKLH6CLDZIADQHBLCSBOSEB/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/6GOYKLH6CLDZIADQHBLCSBOSEB/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-25T20:25:30Z","links":{"resolver":"https://pith.science/pith/6GOYKLH6CLDZIADQHBLCSBOSEB","bundle":"https://pith.science/pith/6GOYKLH6CLDZIADQHBLCSBOSEB/bundle.json","state":"https://pith.science/pith/6GOYKLH6CLDZIADQHBLCSBOSEB/state.json","well_known_bundle":"https://pith.science/.well-known/pith/6GOYKLH6CLDZIADQHBLCSBOSEB/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2018:6GOYKLH6CLDZIADQHBLCSBOSEB","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"f62d3e82862744afb4abc6d8cd42a2fef20d7954dd840078c8f30d4b73cd01e8","cross_cats_sorted":["cs.LG"],"license":"http://creativecommons.org/licenses/by/4.0/","primary_cat":"cs.IR","submitted_at":"2018-04-13T01:08:42Z","title_canon_sha256":"ab5de2cb4d7195a9d85dd27472d82e66289a2250fa9072aa59a89d116900be79"},"schema_version":"1.0","source":{"id":"1804.04760","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1804.04760","created_at":"2026-05-18T00:18:35Z"},{"alias_kind":"arxiv_version","alias_value":"1804.04760v1","created_at":"2026-05-18T00:18:35Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1804.04760","created_at":"2026-05-18T00:18:35Z"},{"alias_kind":"pith_short_12","alias_value":"6GOYKLH6CLDZ","created_at":"2026-05-18T12:32:08Z"},{"alias_kind":"pith_short_16","alias_value":"6GOYKLH6CLDZIADQ","created_at":"2026-05-18T12:32:08Z"},{"alias_kind":"pith_short_8","alias_value":"6GOYKLH6","created_at":"2026-05-18T12:32:08Z"}],"graph_snapshots":[{"event_id":"sha256:50b1df295e8e027c228fece75624efeb50c23c46648f1123c9effe8021f93f57","target":"graph","created_at":"2026-05-18T00:18:35Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Is it possible to extract malicious IP addresses reported in security forums in an automatic way? This is the question at the heart of our work. We focus on security forums, where security professionals and hackers share knowledge and information, and often report misbehaving IP addresses. So far, there have only been a few efforts to extract information from such security forums. We propose RIPEx, a systematic approach to identify and label IP addresses in security forums by utilizing a cross-forum learning method. In more detail, the challenge is twofold: (a) identifying IP addresses from ot","authors_text":"Evangelos E. Papalexakis, Joobin Gharibshah, Michalis Faloutsos","cross_cats":["cs.LG"],"headline":"","license":"http://creativecommons.org/licenses/by/4.0/","primary_cat":"cs.IR","submitted_at":"2018-04-13T01:08:42Z","title":"RIPEx: Extracting malicious IP addresses from security forums using cross-forum learning"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1804.04760","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:549dc898079d732e4dce112a5b4f5dc3926322b6508805b40b4dc9386b82aafa","target":"record","created_at":"2026-05-18T00:18:35Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"f62d3e82862744afb4abc6d8cd42a2fef20d7954dd840078c8f30d4b73cd01e8","cross_cats_sorted":["cs.LG"],"license":"http://creativecommons.org/licenses/by/4.0/","primary_cat":"cs.IR","submitted_at":"2018-04-13T01:08:42Z","title_canon_sha256":"ab5de2cb4d7195a9d85dd27472d82e66289a2250fa9072aa59a89d116900be79"},"schema_version":"1.0","source":{"id":"1804.04760","kind":"arxiv","version":1}},"canonical_sha256":"f19d852cfe12c794007038562905d2205d957feded9844dbd2f60a0035971568","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"f19d852cfe12c794007038562905d2205d957feded9844dbd2f60a0035971568","first_computed_at":"2026-05-18T00:18:35.073580Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:18:35.073580Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"MO0gIgYXflz/KEMSfd31MQxiVy3WcXP4i3QW06rMLaitWIxQ1/tBJH4dU3ekgf1kz3VZoc/O6bH7Z8ztjQ3+Bw==","signature_status":"signed_v1","signed_at":"2026-05-18T00:18:35.074347Z","signed_message":"canonical_sha256_bytes"},"source_id":"1804.04760","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:549dc898079d732e4dce112a5b4f5dc3926322b6508805b40b4dc9386b82aafa","sha256:50b1df295e8e027c228fece75624efeb50c23c46648f1123c9effe8021f93f57"],"state_sha256":"937bc34b841e175dae1c3e4195e5b3510579a17ad81a47a6141824e55040db97"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"xsZ8osjy5jaxI0rDvpYCrrh8gaJ/hv5TroYBdfLr2dniSaQ4asbWvtQ2Nbtr2tRvJgn7eXw/mqLRMCeaZ8eXBw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-25T20:25:30.450367Z","bundle_sha256":"38c4778635376cf6e871e4786fccdbe973413aeabac9bc35ba9fc3bcd3522ddd"}}