{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2017:7DYQN3CWAVZV5DAGH7CVVVZHK7","short_pith_number":"pith:7DYQN3CW","canonical_record":{"source":{"id":"1711.03947","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-10T18:18:41Z","cross_cats_sorted":["stat.ML"],"title_canon_sha256":"f5a5ef163abe2e5c7834fec833effa54b3c503b5ead6f20761f9dfd152463fff","abstract_canon_sha256":"54ed02c9d47cc956fe032f3f4eb7d897fc44e6f8088827aad2ffeda268ec295a"},"schema_version":"1.0"},"canonical_sha256":"f8f106ec5605735e8c063fc55ad72757f37da8ce22ef1a154589e8aac23993cc","source":{"kind":"arxiv","id":"1711.03947","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1711.03947","created_at":"2026-05-18T00:04:34Z"},{"alias_kind":"arxiv_version","alias_value":"1711.03947v2","created_at":"2026-05-18T00:04:34Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1711.03947","created_at":"2026-05-18T00:04:34Z"},{"alias_kind":"pith_short_12","alias_value":"7DYQN3CWAVZV","created_at":"2026-05-18T12:31:05Z"},{"alias_kind":"pith_short_16","alias_value":"7DYQN3CWAVZV5DAG","created_at":"2026-05-18T12:31:05Z"},{"alias_kind":"pith_short_8","alias_value":"7DYQN3CW","created_at":"2026-05-18T12:31:05Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2017:7DYQN3CWAVZV5DAGH7CVVVZHK7","target":"record","payload":{"canonical_record":{"source":{"id":"1711.03947","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-10T18:18:41Z","cross_cats_sorted":["stat.ML"],"title_canon_sha256":"f5a5ef163abe2e5c7834fec833effa54b3c503b5ead6f20761f9dfd152463fff","abstract_canon_sha256":"54ed02c9d47cc956fe032f3f4eb7d897fc44e6f8088827aad2ffeda268ec295a"},"schema_version":"1.0"},"canonical_sha256":"f8f106ec5605735e8c063fc55ad72757f37da8ce22ef1a154589e8aac23993cc","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:04:34.196008Z","signature_b64":"I+i/ci7NxKa0I0ZHn92Z7xMSm2v2HKxRv7d4472VYQKdNAZzRwPOEND457KFTiMgXZ+GKS9dOHhDqi1SLWaBDw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"f8f106ec5605735e8c063fc55ad72757f37da8ce22ef1a154589e8aac23993cc","last_reissued_at":"2026-05-18T00:04:34.195348Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:04:34.195348Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1711.03947","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:04:34Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"KVwdV+CoWfqBXe+R0SRbJcvMj4e4igbSrRfeP/jHFsX5fp+tQGJ3JaEF561QOMFneOpVV3YfpMZTXRVnFFjAAA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-31T23:10:05.655431Z"},"content_sha256":"274d65c16f43fd214c2f3fce9183b5282e62205e0e553e807356d86978a3c1ea","schema_version":"1.0","event_id":"sha256:274d65c16f43fd214c2f3fce9183b5282e62205e0e553e807356d86978a3c1ea"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2017:7DYQN3CWAVZV5DAGH7CVVVZHK7","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Dynamic Analysis of Executables to Detect and Characterize Malware","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["stat.ML"],"primary_cat":"cs.CR","authors_text":"Christopher C. Lamb, Conrad D. James, James B. Aimone, Joe B. Ingram, Justin E. Doak, Michael R. Smith, Timothy J. Draelos","submitted_at":"2017-11-10T18:18:41Z","abstract_excerpt":"It is needed to ensure the integrity of systems that process sensitive information and control many aspects of everyday life. We examine the use of machine learning algorithms to detect malware using the system calls generated by executables-alleviating attempts at obfuscation as the behavior is monitored rather than the bytes of an executable. We examine several machine learning techniques for detecting malware including random forests, deep learning techniques, and liquid state machines. The experiments examine the effects of concept drift on each algorithm to understand how well the algorit"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1711.03947","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:04:34Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"dZlJLuQAUo2jDoT/4jBNdfUN/46oyDpk1qB93u7cgHA3mXyBwJHIDVKPYGx77SKnKfHgxzUDShD1gB4Cw7EfAg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-31T23:10:05.656356Z"},"content_sha256":"2fd0998a260acab84a8a0a53dd9b9aac9345ecb4151fcb028898d076e4a8e0e7","schema_version":"1.0","event_id":"sha256:2fd0998a260acab84a8a0a53dd9b9aac9345ecb4151fcb028898d076e4a8e0e7"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/7DYQN3CWAVZV5DAGH7CVVVZHK7/bundle.json","state_url":"https://pith.science/pith/7DYQN3CWAVZV5DAGH7CVVVZHK7/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/7DYQN3CWAVZV5DAGH7CVVVZHK7/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-31T23:10:05Z","links":{"resolver":"https://pith.science/pith/7DYQN3CWAVZV5DAGH7CVVVZHK7","bundle":"https://pith.science/pith/7DYQN3CWAVZV5DAGH7CVVVZHK7/bundle.json","state":"https://pith.science/pith/7DYQN3CWAVZV5DAGH7CVVVZHK7/state.json","well_known_bundle":"https://pith.science/.well-known/pith/7DYQN3CWAVZV5DAGH7CVVVZHK7/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2017:7DYQN3CWAVZV5DAGH7CVVVZHK7","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"54ed02c9d47cc956fe032f3f4eb7d897fc44e6f8088827aad2ffeda268ec295a","cross_cats_sorted":["stat.ML"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-10T18:18:41Z","title_canon_sha256":"f5a5ef163abe2e5c7834fec833effa54b3c503b5ead6f20761f9dfd152463fff"},"schema_version":"1.0","source":{"id":"1711.03947","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1711.03947","created_at":"2026-05-18T00:04:34Z"},{"alias_kind":"arxiv_version","alias_value":"1711.03947v2","created_at":"2026-05-18T00:04:34Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1711.03947","created_at":"2026-05-18T00:04:34Z"},{"alias_kind":"pith_short_12","alias_value":"7DYQN3CWAVZV","created_at":"2026-05-18T12:31:05Z"},{"alias_kind":"pith_short_16","alias_value":"7DYQN3CWAVZV5DAG","created_at":"2026-05-18T12:31:05Z"},{"alias_kind":"pith_short_8","alias_value":"7DYQN3CW","created_at":"2026-05-18T12:31:05Z"}],"graph_snapshots":[{"event_id":"sha256:2fd0998a260acab84a8a0a53dd9b9aac9345ecb4151fcb028898d076e4a8e0e7","target":"graph","created_at":"2026-05-18T00:04:34Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"It is needed to ensure the integrity of systems that process sensitive information and control many aspects of everyday life. We examine the use of machine learning algorithms to detect malware using the system calls generated by executables-alleviating attempts at obfuscation as the behavior is monitored rather than the bytes of an executable. We examine several machine learning techniques for detecting malware including random forests, deep learning techniques, and liquid state machines. The experiments examine the effects of concept drift on each algorithm to understand how well the algorit","authors_text":"Christopher C. Lamb, Conrad D. James, James B. Aimone, Joe B. Ingram, Justin E. Doak, Michael R. Smith, Timothy J. Draelos","cross_cats":["stat.ML"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-10T18:18:41Z","title":"Dynamic Analysis of Executables to Detect and Characterize Malware"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1711.03947","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:274d65c16f43fd214c2f3fce9183b5282e62205e0e553e807356d86978a3c1ea","target":"record","created_at":"2026-05-18T00:04:34Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"54ed02c9d47cc956fe032f3f4eb7d897fc44e6f8088827aad2ffeda268ec295a","cross_cats_sorted":["stat.ML"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-10T18:18:41Z","title_canon_sha256":"f5a5ef163abe2e5c7834fec833effa54b3c503b5ead6f20761f9dfd152463fff"},"schema_version":"1.0","source":{"id":"1711.03947","kind":"arxiv","version":2}},"canonical_sha256":"f8f106ec5605735e8c063fc55ad72757f37da8ce22ef1a154589e8aac23993cc","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"f8f106ec5605735e8c063fc55ad72757f37da8ce22ef1a154589e8aac23993cc","first_computed_at":"2026-05-18T00:04:34.195348Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:04:34.195348Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"I+i/ci7NxKa0I0ZHn92Z7xMSm2v2HKxRv7d4472VYQKdNAZzRwPOEND457KFTiMgXZ+GKS9dOHhDqi1SLWaBDw==","signature_status":"signed_v1","signed_at":"2026-05-18T00:04:34.196008Z","signed_message":"canonical_sha256_bytes"},"source_id":"1711.03947","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:274d65c16f43fd214c2f3fce9183b5282e62205e0e553e807356d86978a3c1ea","sha256:2fd0998a260acab84a8a0a53dd9b9aac9345ecb4151fcb028898d076e4a8e0e7"],"state_sha256":"5ab4987e8bbb137ca326026b81f60436c113804f8ab0c92088a5d56a757255ac"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"1dpK2IBQnUx5Noc82HosHl1EGEq/kyMgYFRppjVi4S3qPU5G0IjaDrpEK3UhVjmqMWe+YPU08jTe5HoeeD9cCQ==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-31T23:10:05.661083Z","bundle_sha256":"a61d3aaf3acac2478915b4173b1b498d2e74b8851e53cdf10a0a45b5bbd4bc9c"}}