{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2017:PYF7YXOU6PN3UFONKRSRW3J6SU","short_pith_number":"pith:PYF7YXOU","canonical_record":{"source":{"id":"1708.06693","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-08-22T16:08:18Z","cross_cats_sorted":[],"title_canon_sha256":"e6a7357950cf9bb1c2d0f461654799ade0487928548b671b1d3acd922b45e04e","abstract_canon_sha256":"fb9763ffc98b7c3ff1e1e3d4aa8c8b0e769459baee252a09a6ac6a5132e97911"},"schema_version":"1.0"},"canonical_sha256":"7e0bfc5dd4f3dbba15cd54651b6d3e9501c6e4642223d773aaaae23706523c02","source":{"kind":"arxiv","id":"1708.06693","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1708.06693","created_at":"2026-05-18T00:37:32Z"},{"alias_kind":"arxiv_version","alias_value":"1708.06693v1","created_at":"2026-05-18T00:37:32Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1708.06693","created_at":"2026-05-18T00:37:32Z"},{"alias_kind":"pith_short_12","alias_value":"PYF7YXOU6PN3","created_at":"2026-05-18T12:31:37Z"},{"alias_kind":"pith_short_16","alias_value":"PYF7YXOU6PN3UFON","created_at":"2026-05-18T12:31:37Z"},{"alias_kind":"pith_short_8","alias_value":"PYF7YXOU","created_at":"2026-05-18T12:31:37Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2017:PYF7YXOU6PN3UFONKRSRW3J6SU","target":"record","payload":{"canonical_record":{"source":{"id":"1708.06693","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-08-22T16:08:18Z","cross_cats_sorted":[],"title_canon_sha256":"e6a7357950cf9bb1c2d0f461654799ade0487928548b671b1d3acd922b45e04e","abstract_canon_sha256":"fb9763ffc98b7c3ff1e1e3d4aa8c8b0e769459baee252a09a6ac6a5132e97911"},"schema_version":"1.0"},"canonical_sha256":"7e0bfc5dd4f3dbba15cd54651b6d3e9501c6e4642223d773aaaae23706523c02","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:37:32.877120Z","signature_b64":"vRUfikkG1MjK3WRdHxLphkAslY+HE+86cSTJBZiN02vIiWMJnAMAOpFm+LWJpWcFOxRoWxv0Vlef5coYzCDeBg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"7e0bfc5dd4f3dbba15cd54651b6d3e9501c6e4642223d773aaaae23706523c02","last_reissued_at":"2026-05-18T00:37:32.876645Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:37:32.876645Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1708.06693","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:37:32Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"3pH02UfW70FzPgH6SBgBnJHrbFsaNfs2Oa958F17FwQvQNQDVsYCSS79ThKDpX8w0wdIDeXFRnepRNdtQzfGDg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-04T14:38:16.025479Z"},"content_sha256":"4e9b85b28841fc18b0c74600fdc0ee8141f147018afb765109cf18444e50b112","schema_version":"1.0","event_id":"sha256:4e9b85b28841fc18b0c74600fdc0ee8141f147018afb765109cf18444e50b112"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2017:PYF7YXOU6PN3UFONKRSRW3J6SU","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Arman Noroozian, Maciej Korczy\\'nski, Michel van Eeten, Rainer B\\\"ohme, Samaneh TajalizadehKhoob, Tom van Goethem, Tyler Moore, Wouter Joosen","submitted_at":"2017-08-22T16:08:18Z","abstract_excerpt":"Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. {\\em Shared} hosting, offers a unique perspective since customers operate under restricted privileges and providers retain more control over configurations. We present the first empirical analysis of the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates. We construct provider-level features "},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1708.06693","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:37:32Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"WhNMF55BGQbZExdnLPiS+G8DPupJ4wsUabsj+Rsi8MDuOj/vGIgTdISHUT893ZGfeyksCY7pEg1PCGqEMpfrAQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-04T14:38:16.025866Z"},"content_sha256":"c0adb1e1b90b02b89d76d20dc946a2afca98aad60ff4433a7842ae0fdfd36e8e","schema_version":"1.0","event_id":"sha256:c0adb1e1b90b02b89d76d20dc946a2afca98aad60ff4433a7842ae0fdfd36e8e"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/PYF7YXOU6PN3UFONKRSRW3J6SU/bundle.json","state_url":"https://pith.science/pith/PYF7YXOU6PN3UFONKRSRW3J6SU/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/PYF7YXOU6PN3UFONKRSRW3J6SU/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-04T14:38:16Z","links":{"resolver":"https://pith.science/pith/PYF7YXOU6PN3UFONKRSRW3J6SU","bundle":"https://pith.science/pith/PYF7YXOU6PN3UFONKRSRW3J6SU/bundle.json","state":"https://pith.science/pith/PYF7YXOU6PN3UFONKRSRW3J6SU/state.json","well_known_bundle":"https://pith.science/.well-known/pith/PYF7YXOU6PN3UFONKRSRW3J6SU/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2017:PYF7YXOU6PN3UFONKRSRW3J6SU","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"fb9763ffc98b7c3ff1e1e3d4aa8c8b0e769459baee252a09a6ac6a5132e97911","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-08-22T16:08:18Z","title_canon_sha256":"e6a7357950cf9bb1c2d0f461654799ade0487928548b671b1d3acd922b45e04e"},"schema_version":"1.0","source":{"id":"1708.06693","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1708.06693","created_at":"2026-05-18T00:37:32Z"},{"alias_kind":"arxiv_version","alias_value":"1708.06693v1","created_at":"2026-05-18T00:37:32Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1708.06693","created_at":"2026-05-18T00:37:32Z"},{"alias_kind":"pith_short_12","alias_value":"PYF7YXOU6PN3","created_at":"2026-05-18T12:31:37Z"},{"alias_kind":"pith_short_16","alias_value":"PYF7YXOU6PN3UFON","created_at":"2026-05-18T12:31:37Z"},{"alias_kind":"pith_short_8","alias_value":"PYF7YXOU","created_at":"2026-05-18T12:31:37Z"}],"graph_snapshots":[{"event_id":"sha256:c0adb1e1b90b02b89d76d20dc946a2afca98aad60ff4433a7842ae0fdfd36e8e","target":"graph","created_at":"2026-05-18T00:37:32Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. {\\em Shared} hosting, offers a unique perspective since customers operate under restricted privileges and providers retain more control over configurations. We present the first empirical analysis of the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates. We construct provider-level features ","authors_text":"Arman Noroozian, Maciej Korczy\\'nski, Michel van Eeten, Rainer B\\\"ohme, Samaneh TajalizadehKhoob, Tom van Goethem, Tyler Moore, Wouter Joosen","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-08-22T16:08:18Z","title":"Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1708.06693","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:4e9b85b28841fc18b0c74600fdc0ee8141f147018afb765109cf18444e50b112","target":"record","created_at":"2026-05-18T00:37:32Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"fb9763ffc98b7c3ff1e1e3d4aa8c8b0e769459baee252a09a6ac6a5132e97911","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-08-22T16:08:18Z","title_canon_sha256":"e6a7357950cf9bb1c2d0f461654799ade0487928548b671b1d3acd922b45e04e"},"schema_version":"1.0","source":{"id":"1708.06693","kind":"arxiv","version":1}},"canonical_sha256":"7e0bfc5dd4f3dbba15cd54651b6d3e9501c6e4642223d773aaaae23706523c02","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"7e0bfc5dd4f3dbba15cd54651b6d3e9501c6e4642223d773aaaae23706523c02","first_computed_at":"2026-05-18T00:37:32.876645Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:37:32.876645Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"vRUfikkG1MjK3WRdHxLphkAslY+HE+86cSTJBZiN02vIiWMJnAMAOpFm+LWJpWcFOxRoWxv0Vlef5coYzCDeBg==","signature_status":"signed_v1","signed_at":"2026-05-18T00:37:32.877120Z","signed_message":"canonical_sha256_bytes"},"source_id":"1708.06693","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:4e9b85b28841fc18b0c74600fdc0ee8141f147018afb765109cf18444e50b112","sha256:c0adb1e1b90b02b89d76d20dc946a2afca98aad60ff4433a7842ae0fdfd36e8e"],"state_sha256":"babcad35f92c84efaac5ea1acbfaffaf51687ad8f0b81cba873b993ed9617b95"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"ORpZn/aFPfkPHokm3UGTEaiHai1M2haW0Nw9nYy3lbpq95c+8UkwslY/TPH6YAVjj9vXFVso/hlxTtMR23/xAg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-04T14:38:16.028147Z","bundle_sha256":"efd3eed77e52ec315c195a77e5dad405409088cc2bb2a2dab66c9e50876c573e"}}