{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2016:CQZYVZ3WBSATU7DPDKTHYIGDVR","short_pith_number":"pith:CQZYVZ3W","canonical_record":{"source":{"id":"1612.03641","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-12-12T12:18:09Z","cross_cats_sorted":[],"title_canon_sha256":"3cda67b65b7dee0a1cc632c033ab260f552003bcb52ae79193257975ff866ca2","abstract_canon_sha256":"707d73eb66db1c3895a070c4fdfcac158b048a489eb0c3e3dca0b9aaeb319927"},"schema_version":"1.0"},"canonical_sha256":"14338ae7760c813a7c6f1aa67c20c3ac7ec6674665152fa8c6014f68fe9bd6a9","source":{"kind":"arxiv","id":"1612.03641","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1612.03641","created_at":"2026-05-18T00:55:18Z"},{"alias_kind":"arxiv_version","alias_value":"1612.03641v1","created_at":"2026-05-18T00:55:18Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1612.03641","created_at":"2026-05-18T00:55:18Z"},{"alias_kind":"pith_short_12","alias_value":"CQZYVZ3WBSAT","created_at":"2026-05-18T12:30:09Z"},{"alias_kind":"pith_short_16","alias_value":"CQZYVZ3WBSATU7DP","created_at":"2026-05-18T12:30:09Z"},{"alias_kind":"pith_short_8","alias_value":"CQZYVZ3W","created_at":"2026-05-18T12:30:09Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2016:CQZYVZ3WBSATU7DPDKTHYIGDVR","target":"record","payload":{"canonical_record":{"source":{"id":"1612.03641","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-12-12T12:18:09Z","cross_cats_sorted":[],"title_canon_sha256":"3cda67b65b7dee0a1cc632c033ab260f552003bcb52ae79193257975ff866ca2","abstract_canon_sha256":"707d73eb66db1c3895a070c4fdfcac158b048a489eb0c3e3dca0b9aaeb319927"},"schema_version":"1.0"},"canonical_sha256":"14338ae7760c813a7c6f1aa67c20c3ac7ec6674665152fa8c6014f68fe9bd6a9","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:55:18.697334Z","signature_b64":"XeyACl33gFdoi2eQ4Dd1I6h98mDBHJEbRPrp8o/EtLcB7PZbw7agBmgLnXI/h6c5MVY6kj7kzFDk9PnpOxT1Ag==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"14338ae7760c813a7c6f1aa67c20c3ac7ec6674665152fa8c6014f68fe9bd6a9","last_reissued_at":"2026-05-18T00:55:18.696667Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:55:18.696667Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1612.03641","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:55:18Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"Aeb6JSUeIcJww1/mQmjDm1iYGA88RNNE3uNDHOID3e+veugohAQHOGp+ail1M/06+IZGKb0yy8Y8cD4cVdxoCg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T21:20:11.410573Z"},"content_sha256":"cb3eb090f483e462cd1a2f91093447eb8639e7c8274d8f8a31e664ab30222ee9","schema_version":"1.0","event_id":"sha256:cb3eb090f483e462cd1a2f91093447eb8639e7c8274d8f8a31e664ab30222ee9"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2016:CQZYVZ3WBSATU7DPDKTHYIGDVR","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Developing Security Reputation Metrics for Hosting Providers","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Arman Noroozian, Maciej Korczy\\'nski, Michel van Eeten, Samaneh TajalizadehKhoob","submitted_at":"2016-12-12T12:18:09Z","abstract_excerpt":"Research into cybercrime often points to concentrations of abuse at certain hosting providers. The implication is that these providers are worse in terms of security; some are considered `bad' or even `bullet proof'. Remarkably little work exists on systematically comparing the security performance of providers. Existing metrics typically count instances of abuse and sometimes normalize these counts by taking into account the advertised address space of the provider. None of these attempts have worked through the serious methodological challenges that plague metric design. In this paper we pre"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1612.03641","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:55:18Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"fae66sLDhFZ0tgVr6X4qo6hJpOOJVABkTIXSRCGlpru5Gy+q4Hx8mfmendejtPmSsIEVPQmJ7I9/ms9tiXhWAw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T21:20:11.410930Z"},"content_sha256":"510f61f674e5f1d065e55a02d93df8097a9759ca14e2b2fabb9d0b443661cbd8","schema_version":"1.0","event_id":"sha256:510f61f674e5f1d065e55a02d93df8097a9759ca14e2b2fabb9d0b443661cbd8"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/CQZYVZ3WBSATU7DPDKTHYIGDVR/bundle.json","state_url":"https://pith.science/pith/CQZYVZ3WBSATU7DPDKTHYIGDVR/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/CQZYVZ3WBSATU7DPDKTHYIGDVR/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-01T21:20:11Z","links":{"resolver":"https://pith.science/pith/CQZYVZ3WBSATU7DPDKTHYIGDVR","bundle":"https://pith.science/pith/CQZYVZ3WBSATU7DPDKTHYIGDVR/bundle.json","state":"https://pith.science/pith/CQZYVZ3WBSATU7DPDKTHYIGDVR/state.json","well_known_bundle":"https://pith.science/.well-known/pith/CQZYVZ3WBSATU7DPDKTHYIGDVR/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2016:CQZYVZ3WBSATU7DPDKTHYIGDVR","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"707d73eb66db1c3895a070c4fdfcac158b048a489eb0c3e3dca0b9aaeb319927","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-12-12T12:18:09Z","title_canon_sha256":"3cda67b65b7dee0a1cc632c033ab260f552003bcb52ae79193257975ff866ca2"},"schema_version":"1.0","source":{"id":"1612.03641","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1612.03641","created_at":"2026-05-18T00:55:18Z"},{"alias_kind":"arxiv_version","alias_value":"1612.03641v1","created_at":"2026-05-18T00:55:18Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1612.03641","created_at":"2026-05-18T00:55:18Z"},{"alias_kind":"pith_short_12","alias_value":"CQZYVZ3WBSAT","created_at":"2026-05-18T12:30:09Z"},{"alias_kind":"pith_short_16","alias_value":"CQZYVZ3WBSATU7DP","created_at":"2026-05-18T12:30:09Z"},{"alias_kind":"pith_short_8","alias_value":"CQZYVZ3W","created_at":"2026-05-18T12:30:09Z"}],"graph_snapshots":[{"event_id":"sha256:510f61f674e5f1d065e55a02d93df8097a9759ca14e2b2fabb9d0b443661cbd8","target":"graph","created_at":"2026-05-18T00:55:18Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Research into cybercrime often points to concentrations of abuse at certain hosting providers. The implication is that these providers are worse in terms of security; some are considered `bad' or even `bullet proof'. Remarkably little work exists on systematically comparing the security performance of providers. Existing metrics typically count instances of abuse and sometimes normalize these counts by taking into account the advertised address space of the provider. None of these attempts have worked through the serious methodological challenges that plague metric design. In this paper we pre","authors_text":"Arman Noroozian, Maciej Korczy\\'nski, Michel van Eeten, Samaneh TajalizadehKhoob","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-12-12T12:18:09Z","title":"Developing Security Reputation Metrics for Hosting Providers"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1612.03641","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:cb3eb090f483e462cd1a2f91093447eb8639e7c8274d8f8a31e664ab30222ee9","target":"record","created_at":"2026-05-18T00:55:18Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"707d73eb66db1c3895a070c4fdfcac158b048a489eb0c3e3dca0b9aaeb319927","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-12-12T12:18:09Z","title_canon_sha256":"3cda67b65b7dee0a1cc632c033ab260f552003bcb52ae79193257975ff866ca2"},"schema_version":"1.0","source":{"id":"1612.03641","kind":"arxiv","version":1}},"canonical_sha256":"14338ae7760c813a7c6f1aa67c20c3ac7ec6674665152fa8c6014f68fe9bd6a9","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"14338ae7760c813a7c6f1aa67c20c3ac7ec6674665152fa8c6014f68fe9bd6a9","first_computed_at":"2026-05-18T00:55:18.696667Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:55:18.696667Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"XeyACl33gFdoi2eQ4Dd1I6h98mDBHJEbRPrp8o/EtLcB7PZbw7agBmgLnXI/h6c5MVY6kj7kzFDk9PnpOxT1Ag==","signature_status":"signed_v1","signed_at":"2026-05-18T00:55:18.697334Z","signed_message":"canonical_sha256_bytes"},"source_id":"1612.03641","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:cb3eb090f483e462cd1a2f91093447eb8639e7c8274d8f8a31e664ab30222ee9","sha256:510f61f674e5f1d065e55a02d93df8097a9759ca14e2b2fabb9d0b443661cbd8"],"state_sha256":"4fec1a34afec665e184a3ec7e8e0a9b8ddf9630b4e4618fe5d33bbc112a3884c"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"XOdYGcOGcsbcH/zCmqxfV4DrHMrxaBC09+Ozr6kUtbBKhc6Y0UUIYs/LmJzv2+l6HN+nw9T+jnAD3dAxS2SAAg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-01T21:20:11.412965Z","bundle_sha256":"f31c7348e813596d5109b768ccff289086844c73a13ec1d289cbf751865a2e63"}}