{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2017:IADARVRWBXQPHIDWOK3L66VQJV","short_pith_number":"pith:IADARVRW","canonical_record":{"source":{"id":"1711.11008","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-29T18:33:27Z","cross_cats_sorted":[],"title_canon_sha256":"67feb25c94e45fe1395ed60b2d3f0d0d1450117eda79c09c8f259de08174ef93","abstract_canon_sha256":"915fcac74ba0a97823435688a926ecf142d86422d3ae19f092f9338f9b010896"},"schema_version":"1.0"},"canonical_sha256":"400608d6360de0f3a07672b6bf7ab04d6b6e6e75124727623ae579d256064874","source":{"kind":"arxiv","id":"1711.11008","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1711.11008","created_at":"2026-05-18T00:29:16Z"},{"alias_kind":"arxiv_version","alias_value":"1711.11008v1","created_at":"2026-05-18T00:29:16Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1711.11008","created_at":"2026-05-18T00:29:16Z"},{"alias_kind":"pith_short_12","alias_value":"IADARVRWBXQP","created_at":"2026-05-18T12:31:21Z"},{"alias_kind":"pith_short_16","alias_value":"IADARVRWBXQPHIDW","created_at":"2026-05-18T12:31:21Z"},{"alias_kind":"pith_short_8","alias_value":"IADARVRW","created_at":"2026-05-18T12:31:21Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2017:IADARVRWBXQPHIDWOK3L66VQJV","target":"record","payload":{"canonical_record":{"source":{"id":"1711.11008","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-29T18:33:27Z","cross_cats_sorted":[],"title_canon_sha256":"67feb25c94e45fe1395ed60b2d3f0d0d1450117eda79c09c8f259de08174ef93","abstract_canon_sha256":"915fcac74ba0a97823435688a926ecf142d86422d3ae19f092f9338f9b010896"},"schema_version":"1.0"},"canonical_sha256":"400608d6360de0f3a07672b6bf7ab04d6b6e6e75124727623ae579d256064874","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:29:16.236177Z","signature_b64":"MpnC4z83lhVpMSMY/+qHgS9JZck3EmOGoTsmF3/2M/BQv+mbZkGPYP1iBbIejv3ti35eRYhbrHBRtZRPo9t6DQ==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"400608d6360de0f3a07672b6bf7ab04d6b6e6e75124727623ae579d256064874","last_reissued_at":"2026-05-18T00:29:16.235570Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:29:16.235570Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1711.11008","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:29:16Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"g2VdqWkUnb7PKCi0VkpF0iH3h8rI0xR15BpkG5Y8PS6hO7NfAgZkErGlr5bgSN5I5W5gZGd1UH4klrOLll19CQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-06T20:10:51.517911Z"},"content_sha256":"a85253c1d48ed10b134812fef5ec0e314e238a6bed26045f4dc9b049fc16d529","schema_version":"1.0","event_id":"sha256:a85253c1d48ed10b134812fef5ec0e314e238a6bed26045f4dc9b049fc16d529"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2017:IADARVRWBXQPHIDWOK3L66VQJV","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Security Risks in Deep Learning Implementations","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Deyue Zhang, Kang Li, Qixue Xiao, Weilin Xu","submitted_at":"2017-11-29T18:33:27Z","abstract_excerpt":"Advance in deep learning algorithms overshadows their security risk in software implementations. This paper discloses a set of vulnerabilities in popular deep learning frameworks including Caffe, TensorFlow, and Torch. Contrast to the small code size of deep learning models, these deep learning frameworks are complex and contain heavy dependencies on numerous open source packages. This paper considers the risks caused by these vulnerabilities by studying their impact on common deep learning applications such as voice recognition and image classifications. By exploiting these framework implemen"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1711.11008","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:29:16Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"zLV1D6IB7HGoWeem2D5p4bc5EYnpFhKqDa0yksauyy57QIo6MMMY3EaaWZyoA1QknT3AFz7CZxgXNxrFf3PMBQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-06T20:10:51.518641Z"},"content_sha256":"5d789916954650ce0c82561c81941514a5a32d1e6bef03c3322db8f4c672bbe3","schema_version":"1.0","event_id":"sha256:5d789916954650ce0c82561c81941514a5a32d1e6bef03c3322db8f4c672bbe3"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/IADARVRWBXQPHIDWOK3L66VQJV/bundle.json","state_url":"https://pith.science/pith/IADARVRWBXQPHIDWOK3L66VQJV/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/IADARVRWBXQPHIDWOK3L66VQJV/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-06T20:10:51Z","links":{"resolver":"https://pith.science/pith/IADARVRWBXQPHIDWOK3L66VQJV","bundle":"https://pith.science/pith/IADARVRWBXQPHIDWOK3L66VQJV/bundle.json","state":"https://pith.science/pith/IADARVRWBXQPHIDWOK3L66VQJV/state.json","well_known_bundle":"https://pith.science/.well-known/pith/IADARVRWBXQPHIDWOK3L66VQJV/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2017:IADARVRWBXQPHIDWOK3L66VQJV","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"915fcac74ba0a97823435688a926ecf142d86422d3ae19f092f9338f9b010896","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-29T18:33:27Z","title_canon_sha256":"67feb25c94e45fe1395ed60b2d3f0d0d1450117eda79c09c8f259de08174ef93"},"schema_version":"1.0","source":{"id":"1711.11008","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1711.11008","created_at":"2026-05-18T00:29:16Z"},{"alias_kind":"arxiv_version","alias_value":"1711.11008v1","created_at":"2026-05-18T00:29:16Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1711.11008","created_at":"2026-05-18T00:29:16Z"},{"alias_kind":"pith_short_12","alias_value":"IADARVRWBXQP","created_at":"2026-05-18T12:31:21Z"},{"alias_kind":"pith_short_16","alias_value":"IADARVRWBXQPHIDW","created_at":"2026-05-18T12:31:21Z"},{"alias_kind":"pith_short_8","alias_value":"IADARVRW","created_at":"2026-05-18T12:31:21Z"}],"graph_snapshots":[{"event_id":"sha256:5d789916954650ce0c82561c81941514a5a32d1e6bef03c3322db8f4c672bbe3","target":"graph","created_at":"2026-05-18T00:29:16Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Advance in deep learning algorithms overshadows their security risk in software implementations. This paper discloses a set of vulnerabilities in popular deep learning frameworks including Caffe, TensorFlow, and Torch. Contrast to the small code size of deep learning models, these deep learning frameworks are complex and contain heavy dependencies on numerous open source packages. This paper considers the risks caused by these vulnerabilities by studying their impact on common deep learning applications such as voice recognition and image classifications. By exploiting these framework implemen","authors_text":"Deyue Zhang, Kang Li, Qixue Xiao, Weilin Xu","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-29T18:33:27Z","title":"Security Risks in Deep Learning Implementations"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1711.11008","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:a85253c1d48ed10b134812fef5ec0e314e238a6bed26045f4dc9b049fc16d529","target":"record","created_at":"2026-05-18T00:29:16Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"915fcac74ba0a97823435688a926ecf142d86422d3ae19f092f9338f9b010896","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-29T18:33:27Z","title_canon_sha256":"67feb25c94e45fe1395ed60b2d3f0d0d1450117eda79c09c8f259de08174ef93"},"schema_version":"1.0","source":{"id":"1711.11008","kind":"arxiv","version":1}},"canonical_sha256":"400608d6360de0f3a07672b6bf7ab04d6b6e6e75124727623ae579d256064874","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"400608d6360de0f3a07672b6bf7ab04d6b6e6e75124727623ae579d256064874","first_computed_at":"2026-05-18T00:29:16.235570Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:29:16.235570Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"MpnC4z83lhVpMSMY/+qHgS9JZck3EmOGoTsmF3/2M/BQv+mbZkGPYP1iBbIejv3ti35eRYhbrHBRtZRPo9t6DQ==","signature_status":"signed_v1","signed_at":"2026-05-18T00:29:16.236177Z","signed_message":"canonical_sha256_bytes"},"source_id":"1711.11008","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:a85253c1d48ed10b134812fef5ec0e314e238a6bed26045f4dc9b049fc16d529","sha256:5d789916954650ce0c82561c81941514a5a32d1e6bef03c3322db8f4c672bbe3"],"state_sha256":"ffe4b78b6892d6a8a5da22833a01877750a4584765451a8e549140fe19885385"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"tms8nXo4myN4mE9F2njIVoKJnwjUggD+dvsgKb+j3Guek/04BrFb2vU5cwqqkMzYC97E1xwmAPsVHz3eCTv1Bg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-06T20:10:51.522636Z","bundle_sha256":"a435a9427bbc06f9bab78e5b39eaade8c2cf4027bd73df9e16bef8e633e58d40"}}