{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2018:EYUWE64Q6T2DUZONQWZA3WPCT2","short_pith_number":"pith:EYUWE64Q","canonical_record":{"source":{"id":"1803.04497","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2018-02-14T13:00:05Z","cross_cats_sorted":["cs.LG","stat.ML"],"title_canon_sha256":"d6f54211db9cab2f152b83175ac8066c51d5cc92f0d890e2df6a84c69d4f6ab5","abstract_canon_sha256":"0c37fe2dc1f1704b91f3238dfa657af812818a30e18ed8f0abc4475ff3814a91"},"schema_version":"1.0"},"canonical_sha256":"2629627b90f4f43a65cd85b20dd9e29e99f4a2cab5c2a8f85ecf2c0a027c9eaa","source":{"kind":"arxiv","id":"1803.04497","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1803.04497","created_at":"2026-05-18T00:09:03Z"},{"alias_kind":"arxiv_version","alias_value":"1803.04497v2","created_at":"2026-05-18T00:09:03Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1803.04497","created_at":"2026-05-18T00:09:03Z"},{"alias_kind":"pith_short_12","alias_value":"EYUWE64Q6T2D","created_at":"2026-05-18T12:32:22Z"},{"alias_kind":"pith_short_16","alias_value":"EYUWE64Q6T2DUZON","created_at":"2026-05-18T12:32:22Z"},{"alias_kind":"pith_short_8","alias_value":"EYUWE64Q","created_at":"2026-05-18T12:32:22Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2018:EYUWE64Q6T2DUZONQWZA3WPCT2","target":"record","payload":{"canonical_record":{"source":{"id":"1803.04497","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2018-02-14T13:00:05Z","cross_cats_sorted":["cs.LG","stat.ML"],"title_canon_sha256":"d6f54211db9cab2f152b83175ac8066c51d5cc92f0d890e2df6a84c69d4f6ab5","abstract_canon_sha256":"0c37fe2dc1f1704b91f3238dfa657af812818a30e18ed8f0abc4475ff3814a91"},"schema_version":"1.0"},"canonical_sha256":"2629627b90f4f43a65cd85b20dd9e29e99f4a2cab5c2a8f85ecf2c0a027c9eaa","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:09:03.981373Z","signature_b64":"xbFhU3ndvRMwRvCAOlsl2SjImUx3P0snfXydnQjenhLmBQe0A/Lg8fcWpKifZ4goVqrOzD1/xjA2LvdZUK/xDg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"2629627b90f4f43a65cd85b20dd9e29e99f4a2cab5c2a8f85ecf2c0a027c9eaa","last_reissued_at":"2026-05-18T00:09:03.980758Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:09:03.980758Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1803.04497","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:09:03Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"5Op10cvwQdIdLYepptJG6ZPcXnVNBaNNljNFR7xbRa2x7Ack5juJCj814vro8kcTqgE5342/lI4716/t2vd4DQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T15:40:31.020709Z"},"content_sha256":"11f549e2671a73ab0a5bba18d22f51d706f21b017ebf95e94bd2856fea163faf","schema_version":"1.0","event_id":"sha256:11f549e2671a73ab0a5bba18d22f51d706f21b017ebf95e94bd2856fea163faf"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2018:EYUWE64Q6T2DUZONQWZA3WPCT2","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Automated software vulnerability detection with machine learning","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.LG","stat.ML"],"primary_cat":"cs.SE","authors_text":"Akshay Rangamani, Alan Mackay, Erik Antelman, Gabriel I. Centeno, Jacob A. Harer, Jeffrey M. Opper, Jonathan R. Key, Lei H. Hamilton, Leonard R. Kosta, Louis Y. Kim, Marc W. McConley, Onur Ozdemir, Paul M. Ellingwood, Peter Chin, Rebecca L. Russell, Tomo Lazovich","submitted_at":"2018-02-14T13:00:05Z","abstract_excerpt":"Thousands of security vulnerabilities are discovered in production software each year, either reported publicly to the Common Vulnerabilities and Exposures database or discovered internally in proprietary code. Vulnerabilities often manifest themselves in subtle ways that are not obvious to code reviewers or the developers themselves. With the wealth of open source code available for analysis, there is an opportunity to learn the patterns of bugs that can lead to security vulnerabilities directly from data. In this paper, we present a data-driven approach to vulnerability detection using machi"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1803.04497","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:09:03Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"OtFPsAyiPuRdCg2MB0z1esTakP9qYx6lShSl2crcx2kcktnr529CFLOHRadfww0qhdvvj+CJkIUWdcccaQogAg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T15:40:31.021331Z"},"content_sha256":"8bf9f88f447fe8a47e3b4b978a08d2ad5d999fe2a71ea0cd51603a1c9b89a562","schema_version":"1.0","event_id":"sha256:8bf9f88f447fe8a47e3b4b978a08d2ad5d999fe2a71ea0cd51603a1c9b89a562"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/EYUWE64Q6T2DUZONQWZA3WPCT2/bundle.json","state_url":"https://pith.science/pith/EYUWE64Q6T2DUZONQWZA3WPCT2/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/EYUWE64Q6T2DUZONQWZA3WPCT2/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-01T15:40:31Z","links":{"resolver":"https://pith.science/pith/EYUWE64Q6T2DUZONQWZA3WPCT2","bundle":"https://pith.science/pith/EYUWE64Q6T2DUZONQWZA3WPCT2/bundle.json","state":"https://pith.science/pith/EYUWE64Q6T2DUZONQWZA3WPCT2/state.json","well_known_bundle":"https://pith.science/.well-known/pith/EYUWE64Q6T2DUZONQWZA3WPCT2/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2018:EYUWE64Q6T2DUZONQWZA3WPCT2","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"0c37fe2dc1f1704b91f3238dfa657af812818a30e18ed8f0abc4475ff3814a91","cross_cats_sorted":["cs.LG","stat.ML"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2018-02-14T13:00:05Z","title_canon_sha256":"d6f54211db9cab2f152b83175ac8066c51d5cc92f0d890e2df6a84c69d4f6ab5"},"schema_version":"1.0","source":{"id":"1803.04497","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1803.04497","created_at":"2026-05-18T00:09:03Z"},{"alias_kind":"arxiv_version","alias_value":"1803.04497v2","created_at":"2026-05-18T00:09:03Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1803.04497","created_at":"2026-05-18T00:09:03Z"},{"alias_kind":"pith_short_12","alias_value":"EYUWE64Q6T2D","created_at":"2026-05-18T12:32:22Z"},{"alias_kind":"pith_short_16","alias_value":"EYUWE64Q6T2DUZON","created_at":"2026-05-18T12:32:22Z"},{"alias_kind":"pith_short_8","alias_value":"EYUWE64Q","created_at":"2026-05-18T12:32:22Z"}],"graph_snapshots":[{"event_id":"sha256:8bf9f88f447fe8a47e3b4b978a08d2ad5d999fe2a71ea0cd51603a1c9b89a562","target":"graph","created_at":"2026-05-18T00:09:03Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Thousands of security vulnerabilities are discovered in production software each year, either reported publicly to the Common Vulnerabilities and Exposures database or discovered internally in proprietary code. Vulnerabilities often manifest themselves in subtle ways that are not obvious to code reviewers or the developers themselves. With the wealth of open source code available for analysis, there is an opportunity to learn the patterns of bugs that can lead to security vulnerabilities directly from data. In this paper, we present a data-driven approach to vulnerability detection using machi","authors_text":"Akshay Rangamani, Alan Mackay, Erik Antelman, Gabriel I. Centeno, Jacob A. Harer, Jeffrey M. Opper, Jonathan R. Key, Lei H. Hamilton, Leonard R. Kosta, Louis Y. Kim, Marc W. McConley, Onur Ozdemir, Paul M. Ellingwood, Peter Chin, Rebecca L. Russell, Tomo Lazovich","cross_cats":["cs.LG","stat.ML"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2018-02-14T13:00:05Z","title":"Automated software vulnerability detection with machine learning"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1803.04497","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:11f549e2671a73ab0a5bba18d22f51d706f21b017ebf95e94bd2856fea163faf","target":"record","created_at":"2026-05-18T00:09:03Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"0c37fe2dc1f1704b91f3238dfa657af812818a30e18ed8f0abc4475ff3814a91","cross_cats_sorted":["cs.LG","stat.ML"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2018-02-14T13:00:05Z","title_canon_sha256":"d6f54211db9cab2f152b83175ac8066c51d5cc92f0d890e2df6a84c69d4f6ab5"},"schema_version":"1.0","source":{"id":"1803.04497","kind":"arxiv","version":2}},"canonical_sha256":"2629627b90f4f43a65cd85b20dd9e29e99f4a2cab5c2a8f85ecf2c0a027c9eaa","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"2629627b90f4f43a65cd85b20dd9e29e99f4a2cab5c2a8f85ecf2c0a027c9eaa","first_computed_at":"2026-05-18T00:09:03.980758Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:09:03.980758Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"xbFhU3ndvRMwRvCAOlsl2SjImUx3P0snfXydnQjenhLmBQe0A/Lg8fcWpKifZ4goVqrOzD1/xjA2LvdZUK/xDg==","signature_status":"signed_v1","signed_at":"2026-05-18T00:09:03.981373Z","signed_message":"canonical_sha256_bytes"},"source_id":"1803.04497","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:11f549e2671a73ab0a5bba18d22f51d706f21b017ebf95e94bd2856fea163faf","sha256:8bf9f88f447fe8a47e3b4b978a08d2ad5d999fe2a71ea0cd51603a1c9b89a562"],"state_sha256":"f0eb4505d34a99a498189b981af440749fd9cc6149af5250ce22a85ee5152f7f"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"kGRgA6SiMQcAquunz8v1NwmXgHuIg4eeA7Xmct6eQK/b1/LC4HiZO++nYrLlmun+NmI8w3OEzlxsp87dgMFNBw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-01T15:40:31.026916Z","bundle_sha256":"cb55ca7d34d1a78c9bcbe754b382c293f829b42610486a0489e3355c56d76537"}}