{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2019:ARPOMAVPWCEQ73MFCISBR3CPYL","short_pith_number":"pith:ARPOMAVP","canonical_record":{"source":{"id":"1907.00874","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-07-01T15:38:39Z","cross_cats_sorted":["cs.LG"],"title_canon_sha256":"b8dc289684ddcb0f893f15c503178b11bad55d1a34572e8d5622cc9c6d3fdf7a","abstract_canon_sha256":"9f97083c06d15b6eb38d0a62d649de8361754779c5caa9a43f415f0b2a6d2019"},"schema_version":"1.0"},"canonical_sha256":"045ee602afb0890fed85122418ec4fc2fc733d6543c174c8dbb4974117dd905d","source":{"kind":"arxiv","id":"1907.00874","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1907.00874","created_at":"2026-05-17T23:41:47Z"},{"alias_kind":"arxiv_version","alias_value":"1907.00874v1","created_at":"2026-05-17T23:41:47Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1907.00874","created_at":"2026-05-17T23:41:47Z"},{"alias_kind":"pith_short_12","alias_value":"ARPOMAVPWCEQ","created_at":"2026-05-18T12:33:12Z"},{"alias_kind":"pith_short_16","alias_value":"ARPOMAVPWCEQ73MF","created_at":"2026-05-18T12:33:12Z"},{"alias_kind":"pith_short_8","alias_value":"ARPOMAVP","created_at":"2026-05-18T12:33:12Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2019:ARPOMAVPWCEQ73MFCISBR3CPYL","target":"record","payload":{"canonical_record":{"source":{"id":"1907.00874","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-07-01T15:38:39Z","cross_cats_sorted":["cs.LG"],"title_canon_sha256":"b8dc289684ddcb0f893f15c503178b11bad55d1a34572e8d5622cc9c6d3fdf7a","abstract_canon_sha256":"9f97083c06d15b6eb38d0a62d649de8361754779c5caa9a43f415f0b2a6d2019"},"schema_version":"1.0"},"canonical_sha256":"045ee602afb0890fed85122418ec4fc2fc733d6543c174c8dbb4974117dd905d","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-17T23:41:47.797902Z","signature_b64":"1gCifOWXbOZ+rwQ+Fky+K0UhRtuEJoOoErZArodplp4nM22piWl7AuqL2U4GsP2jGih0rfLFxJIf1PL6WUuXDQ==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"045ee602afb0890fed85122418ec4fc2fc733d6543c174c8dbb4974117dd905d","last_reissued_at":"2026-05-17T23:41:47.797130Z","signature_status":"signed_v1","first_computed_at":"2026-05-17T23:41:47.797130Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1907.00874","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:41:47Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"3Fh1tqePNaMjLin6D5t3rgPmfMvysFSvK0JBgaooFrIRToHZ3oH/e3nxnq5ytzCberTb6uqmDocdVep0kankBg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T09:15:23.271638Z"},"content_sha256":"6edcb69baf07715ec58dcedc5831ef81126973545bb802844269a9fece3e7c6e","schema_version":"1.0","event_id":"sha256:6edcb69baf07715ec58dcedc5831ef81126973545bb802844269a9fece3e7c6e"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2019:ARPOMAVPWCEQ73MFCISBR3CPYL","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"System Misuse Detection via Informed Behavior Clustering and Modeling","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.LG"],"primary_cat":"cs.CR","authors_text":"Linara Adilova, Livin Natious, Michael Kamp, Olivier Thonnard, Siming Chen","submitted_at":"2019-07-01T15:38:39Z","abstract_excerpt":"One of the main tasks of cybersecurity is recognizing malicious interactions with an arbitrary system. Currently, the logging information from each interaction can be collected in almost unrestricted amounts, but identification of attacks requires a lot of effort and time of security experts. We propose an approach for identifying fraud activity through modeling normal behavior in interactions with a system via machine learning methods, in particular LSTM neural networks. In order to enrich the modeling with system specific knowledge, we propose to use an interactive visual interface that allo"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1907.00874","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:41:47Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"tzz7WsPV++0pc6fIeD/JSA1sMzi8sI3440ecA6STbfn7FuBkbUf+C4I1at76pitVclAepShM1yZbtdm1GffbCg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T09:15:23.271990Z"},"content_sha256":"390ad02012e7493d6b3ec9d01592860dd02180f51d2bd6b30d95f80f61660fed","schema_version":"1.0","event_id":"sha256:390ad02012e7493d6b3ec9d01592860dd02180f51d2bd6b30d95f80f61660fed"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/ARPOMAVPWCEQ73MFCISBR3CPYL/bundle.json","state_url":"https://pith.science/pith/ARPOMAVPWCEQ73MFCISBR3CPYL/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/ARPOMAVPWCEQ73MFCISBR3CPYL/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-01T09:15:23Z","links":{"resolver":"https://pith.science/pith/ARPOMAVPWCEQ73MFCISBR3CPYL","bundle":"https://pith.science/pith/ARPOMAVPWCEQ73MFCISBR3CPYL/bundle.json","state":"https://pith.science/pith/ARPOMAVPWCEQ73MFCISBR3CPYL/state.json","well_known_bundle":"https://pith.science/.well-known/pith/ARPOMAVPWCEQ73MFCISBR3CPYL/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2019:ARPOMAVPWCEQ73MFCISBR3CPYL","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"9f97083c06d15b6eb38d0a62d649de8361754779c5caa9a43f415f0b2a6d2019","cross_cats_sorted":["cs.LG"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-07-01T15:38:39Z","title_canon_sha256":"b8dc289684ddcb0f893f15c503178b11bad55d1a34572e8d5622cc9c6d3fdf7a"},"schema_version":"1.0","source":{"id":"1907.00874","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1907.00874","created_at":"2026-05-17T23:41:47Z"},{"alias_kind":"arxiv_version","alias_value":"1907.00874v1","created_at":"2026-05-17T23:41:47Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1907.00874","created_at":"2026-05-17T23:41:47Z"},{"alias_kind":"pith_short_12","alias_value":"ARPOMAVPWCEQ","created_at":"2026-05-18T12:33:12Z"},{"alias_kind":"pith_short_16","alias_value":"ARPOMAVPWCEQ73MF","created_at":"2026-05-18T12:33:12Z"},{"alias_kind":"pith_short_8","alias_value":"ARPOMAVP","created_at":"2026-05-18T12:33:12Z"}],"graph_snapshots":[{"event_id":"sha256:390ad02012e7493d6b3ec9d01592860dd02180f51d2bd6b30d95f80f61660fed","target":"graph","created_at":"2026-05-17T23:41:47Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"One of the main tasks of cybersecurity is recognizing malicious interactions with an arbitrary system. Currently, the logging information from each interaction can be collected in almost unrestricted amounts, but identification of attacks requires a lot of effort and time of security experts. We propose an approach for identifying fraud activity through modeling normal behavior in interactions with a system via machine learning methods, in particular LSTM neural networks. In order to enrich the modeling with system specific knowledge, we propose to use an interactive visual interface that allo","authors_text":"Linara Adilova, Livin Natious, Michael Kamp, Olivier Thonnard, Siming Chen","cross_cats":["cs.LG"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-07-01T15:38:39Z","title":"System Misuse Detection via Informed Behavior Clustering and Modeling"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1907.00874","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:6edcb69baf07715ec58dcedc5831ef81126973545bb802844269a9fece3e7c6e","target":"record","created_at":"2026-05-17T23:41:47Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"9f97083c06d15b6eb38d0a62d649de8361754779c5caa9a43f415f0b2a6d2019","cross_cats_sorted":["cs.LG"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-07-01T15:38:39Z","title_canon_sha256":"b8dc289684ddcb0f893f15c503178b11bad55d1a34572e8d5622cc9c6d3fdf7a"},"schema_version":"1.0","source":{"id":"1907.00874","kind":"arxiv","version":1}},"canonical_sha256":"045ee602afb0890fed85122418ec4fc2fc733d6543c174c8dbb4974117dd905d","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"045ee602afb0890fed85122418ec4fc2fc733d6543c174c8dbb4974117dd905d","first_computed_at":"2026-05-17T23:41:47.797130Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-17T23:41:47.797130Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"1gCifOWXbOZ+rwQ+Fky+K0UhRtuEJoOoErZArodplp4nM22piWl7AuqL2U4GsP2jGih0rfLFxJIf1PL6WUuXDQ==","signature_status":"signed_v1","signed_at":"2026-05-17T23:41:47.797902Z","signed_message":"canonical_sha256_bytes"},"source_id":"1907.00874","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:6edcb69baf07715ec58dcedc5831ef81126973545bb802844269a9fece3e7c6e","sha256:390ad02012e7493d6b3ec9d01592860dd02180f51d2bd6b30d95f80f61660fed"],"state_sha256":"9660947be1725195034e2f773b3030ae0d6ec3c1778b89ae328539e27caa29f7"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"Jwck/akPKjARQoWp2g3WBnflpwbewt67ABWriG2pbP7DoVbWbtOawwWTxm+c5gSWC0OGERDYMsN0V2LXbqfLCw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-01T09:15:23.273994Z","bundle_sha256":"ff855516f92ba0d65aa6e7a0ccb89d394b3ffd1ede0009e37348bcdaa2009221"}}