{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2022:IIDNMIIHC32FET72F6Y6RZORAL","short_pith_number":"pith:IIDNMIIH","schema_version":"1.0","canonical_sha256":"4206d6210716f4524ffa2fb1e8e5d102fd3ee9b146047b3230c11f56ddc64262","source":{"kind":"arxiv","id":"2211.00441","version":1},"attestation_state":"computed","paper":{"title":"Zero Day Threat Detection Using Metric Learning Autoencoders","license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","headline":"","cross_cats":["cs.AI","cs.LG"],"primary_cat":"cs.CR","authors_text":"Aaron Shaha, Abdul Rahman, Christopher Redino, Dhruv Nandakumar, Edward Bowen, Joe Nehila, Kevin Choi, Marc Vucovich, Matthew Weeks, Robert Schiller","submitted_at":"2022-11-01T13:12:20Z","abstract_excerpt":"The proliferation of zero-day threats (ZDTs) to companies' networks has been immensely costly and requires novel methods to scan traffic for malicious behavior at massive scale. The diverse nature of normal behavior along with the huge landscape of attack types makes deep learning methods an attractive option for their ability to capture highly-nonlinear behavior patterns. In this paper, the authors demonstrate an improvement upon a previously introduced methodology, which used a dual-autoencoder approach to identify ZDTs in network flow telemetry. In addition to the previously-introduced asse"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"2211.00441","kind":"arxiv","version":1},"metadata":{"license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","primary_cat":"cs.CR","submitted_at":"2022-11-01T13:12:20Z","cross_cats_sorted":["cs.AI","cs.LG"],"title_canon_sha256":"de038241a797e9dbfc2da169df4f4b80670090c0a17a67a26a2015938cd4dcde","abstract_canon_sha256":"b49dbbe52b548ebf4384a7abf2ac77ed630283d127f00335eba8e9219fc1f542"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-07-05T05:12:22.646905Z","signature_b64":"NVl1/jg6qAaxDrHLlKkLfkxFRdCbKRuqfDZNngGsKu1STBcVaxhaIKEb9ND1Xk8aPUdRzsmr75qTKR2v2LMAAQ==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"4206d6210716f4524ffa2fb1e8e5d102fd3ee9b146047b3230c11f56ddc64262","last_reissued_at":"2026-07-05T05:12:22.646429Z","signature_status":"signed_v1","first_computed_at":"2026-07-05T05:12:22.646429Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Zero Day Threat Detection Using Metric Learning Autoencoders","license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","headline":"","cross_cats":["cs.AI","cs.LG"],"primary_cat":"cs.CR","authors_text":"Aaron Shaha, Abdul Rahman, Christopher Redino, Dhruv Nandakumar, Edward Bowen, Joe Nehila, Kevin Choi, Marc Vucovich, Matthew Weeks, Robert Schiller","submitted_at":"2022-11-01T13:12:20Z","abstract_excerpt":"The proliferation of zero-day threats (ZDTs) to companies' networks has been immensely costly and requires novel methods to scan traffic for malicious behavior at massive scale. The diverse nature of normal behavior along with the huge landscape of attack types makes deep learning methods an attractive option for their ability to capture highly-nonlinear behavior patterns. In this paper, the authors demonstrate an improvement upon a previously introduced methodology, which used a dual-autoencoder approach to identify ZDTs in network flow telemetry. In addition to the previously-introduced asse"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2211.00441","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"integrity":{"clean":true,"summary":{"advisory":0,"critical":0,"by_detector":{},"informational":0},"endpoint":"/pith/2211.00441/integrity.json","findings":[],"available":true,"detectors_run":[],"snapshot_sha256":"c28c3603d3b5d939e8dc4c7e95fa8dfce3d595e45f758748cecf8e644a296938"},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"2211.00441","created_at":"2026-07-05T05:12:22.646486+00:00"},{"alias_kind":"arxiv_version","alias_value":"2211.00441v1","created_at":"2026-07-05T05:12:22.646486+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2211.00441","created_at":"2026-07-05T05:12:22.646486+00:00"},{"alias_kind":"pith_short_12","alias_value":"IIDNMIIHC32F","created_at":"2026-07-05T05:12:22.646486+00:00"},{"alias_kind":"pith_short_16","alias_value":"IIDNMIIHC32FET72","created_at":"2026-07-05T05:12:22.646486+00:00"},{"alias_kind":"pith_short_8","alias_value":"IIDNMIIH","created_at":"2026-07-05T05:12:22.646486+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":1,"internal_anchor_count":0,"sample":[{"citing_arxiv_id":"2603.23459","citing_title":"CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection","ref_index":2,"is_internal_anchor":false}]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL","json":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL.json","graph_json":"https://pith.science/api/pith-number/IIDNMIIHC32FET72F6Y6RZORAL/graph.json","events_json":"https://pith.science/api/pith-number/IIDNMIIHC32FET72F6Y6RZORAL/events.json","paper":"https://pith.science/paper/IIDNMIIH"},"agent_actions":{"view_html":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL","download_json":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL.json","view_paper":"https://pith.science/paper/IIDNMIIH","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=2211.00441&json=true","fetch_graph":"https://pith.science/api/pith-number/IIDNMIIHC32FET72F6Y6RZORAL/graph.json","fetch_events":"https://pith.science/api/pith-number/IIDNMIIHC32FET72F6Y6RZORAL/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL/action/timestamp_anchor","attest_storage":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL/action/storage_attestation","attest_author":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL/action/author_attestation","sign_citation":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL/action/citation_signature","submit_replication":"https://pith.science/pith/IIDNMIIHC32FET72F6Y6RZORAL/action/replication_record"}},"created_at":"2026-07-05T05:12:22.646486+00:00","updated_at":"2026-07-05T05:12:22.646486+00:00"}