{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2016:G3R3GEUXSKPQOA4I2V3JJYNOIV","short_pith_number":"pith:G3R3GEUX","canonical_record":{"source":{"id":"1606.04662","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-06-15T07:33:38Z","cross_cats_sorted":[],"title_canon_sha256":"cd82d96da072fa52b9062f1b10048431c86f0e3e36949ccdae57df45c3d1127c","abstract_canon_sha256":"603c507864f585727ddcbb0f033f80b3b1fb1b0eec3a6354d8d9cd06b17f420a"},"schema_version":"1.0"},"canonical_sha256":"36e3b31297929f070388d57694e1ae45712ab236a7d1fa0fd2a3d6604108020b","source":{"kind":"arxiv","id":"1606.04662","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1606.04662","created_at":"2026-05-18T01:12:24Z"},{"alias_kind":"arxiv_version","alias_value":"1606.04662v1","created_at":"2026-05-18T01:12:24Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1606.04662","created_at":"2026-05-18T01:12:24Z"},{"alias_kind":"pith_short_12","alias_value":"G3R3GEUXSKPQ","created_at":"2026-05-18T12:30:15Z"},{"alias_kind":"pith_short_16","alias_value":"G3R3GEUXSKPQOA4I","created_at":"2026-05-18T12:30:15Z"},{"alias_kind":"pith_short_8","alias_value":"G3R3GEUX","created_at":"2026-05-18T12:30:15Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2016:G3R3GEUXSKPQOA4I2V3JJYNOIV","target":"record","payload":{"canonical_record":{"source":{"id":"1606.04662","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-06-15T07:33:38Z","cross_cats_sorted":[],"title_canon_sha256":"cd82d96da072fa52b9062f1b10048431c86f0e3e36949ccdae57df45c3d1127c","abstract_canon_sha256":"603c507864f585727ddcbb0f033f80b3b1fb1b0eec3a6354d8d9cd06b17f420a"},"schema_version":"1.0"},"canonical_sha256":"36e3b31297929f070388d57694e1ae45712ab236a7d1fa0fd2a3d6604108020b","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T01:12:24.617157Z","signature_b64":"h2zE5YG4B6nZDSlUynKzv+lw3ds6g/0l7+k6I5ydfM8h9bY1uin2PaPOSGqAH0vM3IxfGt6zibvIvO2Xg+48Bw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"36e3b31297929f070388d57694e1ae45712ab236a7d1fa0fd2a3d6604108020b","last_reissued_at":"2026-05-18T01:12:24.616834Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T01:12:24.616834Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1606.04662","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:12:24Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"ln/x2ZwvLCSKON3uM+WQeYkD747FIFOGlh5AlwKuab0w4pSv/9Da7JHVOW0vwZvxaQ3ZKlYm/sjkkpM1qPQ6DA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-31T01:02:58.479188Z"},"content_sha256":"3663f18c2d4a5bf0aa743927949ecca877f5bcf65a47330a86531b497dc40db9","schema_version":"1.0","event_id":"sha256:3663f18c2d4a5bf0aa743927949ecca877f5bcf65a47330a86531b497dc40db9"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2016:G3R3GEUXSKPQOA4I2V3JJYNOIV","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump Using CUDA-enabled GPU Hardware","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Igor Korkin, Iwan Nesterow","submitted_at":"2016-06-15T07:33:38Z","abstract_excerpt":"This paper focuses on the anticipatory enhancement of methods of detecting stealth software. Cyber security detection tools are insufficiently powerful to reveal the most recent cyber-attacks which use malware. In this paper, we will present first an idea of the highest stealth malware, as this is the most complicated scenario for detection because it combines both existing anti-forensic techniques together with their potential improvements. Second, we present new detection methods, which are resilient to this hidden prototype. To help solve this detection challenge, we have analyzed Windows m"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1606.04662","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:12:24Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"ZEc0U+tKYCQ3Q/eLSqcSY9if2bQdJHg9G/JTAIGz67ImdIsoGFwg/aNVy0iRKGT1VXWI/3PPdyhS7ReU26YHBQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-31T01:02:58.479949Z"},"content_sha256":"328a96a24b548148e0cf86718a981ee0e8b7a4d6b5f1f032366adf5d4481369c","schema_version":"1.0","event_id":"sha256:328a96a24b548148e0cf86718a981ee0e8b7a4d6b5f1f032366adf5d4481369c"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/G3R3GEUXSKPQOA4I2V3JJYNOIV/bundle.json","state_url":"https://pith.science/pith/G3R3GEUXSKPQOA4I2V3JJYNOIV/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/G3R3GEUXSKPQOA4I2V3JJYNOIV/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-31T01:02:58Z","links":{"resolver":"https://pith.science/pith/G3R3GEUXSKPQOA4I2V3JJYNOIV","bundle":"https://pith.science/pith/G3R3GEUXSKPQOA4I2V3JJYNOIV/bundle.json","state":"https://pith.science/pith/G3R3GEUXSKPQOA4I2V3JJYNOIV/state.json","well_known_bundle":"https://pith.science/.well-known/pith/G3R3GEUXSKPQOA4I2V3JJYNOIV/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2016:G3R3GEUXSKPQOA4I2V3JJYNOIV","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"603c507864f585727ddcbb0f033f80b3b1fb1b0eec3a6354d8d9cd06b17f420a","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-06-15T07:33:38Z","title_canon_sha256":"cd82d96da072fa52b9062f1b10048431c86f0e3e36949ccdae57df45c3d1127c"},"schema_version":"1.0","source":{"id":"1606.04662","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1606.04662","created_at":"2026-05-18T01:12:24Z"},{"alias_kind":"arxiv_version","alias_value":"1606.04662v1","created_at":"2026-05-18T01:12:24Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1606.04662","created_at":"2026-05-18T01:12:24Z"},{"alias_kind":"pith_short_12","alias_value":"G3R3GEUXSKPQ","created_at":"2026-05-18T12:30:15Z"},{"alias_kind":"pith_short_16","alias_value":"G3R3GEUXSKPQOA4I","created_at":"2026-05-18T12:30:15Z"},{"alias_kind":"pith_short_8","alias_value":"G3R3GEUX","created_at":"2026-05-18T12:30:15Z"}],"graph_snapshots":[{"event_id":"sha256:328a96a24b548148e0cf86718a981ee0e8b7a4d6b5f1f032366adf5d4481369c","target":"graph","created_at":"2026-05-18T01:12:24Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"This paper focuses on the anticipatory enhancement of methods of detecting stealth software. Cyber security detection tools are insufficiently powerful to reveal the most recent cyber-attacks which use malware. In this paper, we will present first an idea of the highest stealth malware, as this is the most complicated scenario for detection because it combines both existing anti-forensic techniques together with their potential improvements. Second, we present new detection methods, which are resilient to this hidden prototype. To help solve this detection challenge, we have analyzed Windows m","authors_text":"Igor Korkin, Iwan Nesterow","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-06-15T07:33:38Z","title":"Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump Using CUDA-enabled GPU Hardware"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1606.04662","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:3663f18c2d4a5bf0aa743927949ecca877f5bcf65a47330a86531b497dc40db9","target":"record","created_at":"2026-05-18T01:12:24Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"603c507864f585727ddcbb0f033f80b3b1fb1b0eec3a6354d8d9cd06b17f420a","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-06-15T07:33:38Z","title_canon_sha256":"cd82d96da072fa52b9062f1b10048431c86f0e3e36949ccdae57df45c3d1127c"},"schema_version":"1.0","source":{"id":"1606.04662","kind":"arxiv","version":1}},"canonical_sha256":"36e3b31297929f070388d57694e1ae45712ab236a7d1fa0fd2a3d6604108020b","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"36e3b31297929f070388d57694e1ae45712ab236a7d1fa0fd2a3d6604108020b","first_computed_at":"2026-05-18T01:12:24.616834Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T01:12:24.616834Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"h2zE5YG4B6nZDSlUynKzv+lw3ds6g/0l7+k6I5ydfM8h9bY1uin2PaPOSGqAH0vM3IxfGt6zibvIvO2Xg+48Bw==","signature_status":"signed_v1","signed_at":"2026-05-18T01:12:24.617157Z","signed_message":"canonical_sha256_bytes"},"source_id":"1606.04662","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:3663f18c2d4a5bf0aa743927949ecca877f5bcf65a47330a86531b497dc40db9","sha256:328a96a24b548148e0cf86718a981ee0e8b7a4d6b5f1f032366adf5d4481369c"],"state_sha256":"79423fee31fd4eb80816aa44029c96bbbcdeef860fd86dd9013067a09f650f14"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"s+QGsnBCfYjXWUBEWoND78GvETZbMLO2hxMLC/Uuz2XD8mP30fMAAKJFiWvHXLOBd3e/bW/N6qLY/5AM96vEBA==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-31T01:02:58.484021Z","bundle_sha256":"e5a7e9b99f869443f53410c5a5709285c243de962c90daffc28ad9f5d2507947"}}