{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2026:QLAKCBSJLLZGLTTQB6NKPGS4NL","short_pith_number":"pith:QLAKCBSJ","schema_version":"1.0","canonical_sha256":"82c0a106495af265ce700f9aa79a5c6af2b94495d347bcc86481c17b1eb43d75","source":{"kind":"arxiv","id":"2601.06948","version":2},"attestation_state":"computed","paper":{"title":"Operational Runtime Behavior Mining for Open-Source Supply Chain Security","license":"http://creativecommons.org/licenses/by/4.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Christos Anagnostopoulos, Jeremy Singer, Ke Xiao, Zhuoran Tan","submitted_at":"2026-01-11T15:14:18Z","abstract_excerpt":"Open-source software (OSS) is a critical component of modern software systems, yet supply chain security remains challenging in practice due to unavailable or obfuscated source code. Consequently, security teams often rely on runtime observations collected from sandboxed executions to investigate suspicious third-party components. We present HeteroGAT-Rank, an industry-oriented runtime behavior mining system that supports analyst-in-the-loop supply chain threat investigation. The system models execution-time behaviors of OSS packages as lightweight heterogeneous graphs and applies attention-ba"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"2601.06948","kind":"arxiv","version":2},"metadata":{"license":"http://creativecommons.org/licenses/by/4.0/","primary_cat":"cs.CR","submitted_at":"2026-01-11T15:14:18Z","cross_cats_sorted":[],"title_canon_sha256":"c4abc06dc04bf119a024c6cdb3bf846e4e56aea2ea02422c1d95f9fd9cbac904","abstract_canon_sha256":"979312f56580beb3e1bc4971892860b91ece62c2a19f0572d028d8b936d493b4"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-27T00:04:24.421763Z","signature_b64":"UqkBSePXkP7FEtzjZ8UHiY+xMIglfThBrZ2Ruiksb4UNETHpUJcPkUFvtQxAyEw5ivOKCtI/yYHdMn3ivi/hCg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"82c0a106495af265ce700f9aa79a5c6af2b94495d347bcc86481c17b1eb43d75","last_reissued_at":"2026-05-27T00:04:24.421089Z","signature_status":"signed_v1","first_computed_at":"2026-05-27T00:04:24.421089Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Operational Runtime Behavior Mining for Open-Source Supply Chain Security","license":"http://creativecommons.org/licenses/by/4.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Christos Anagnostopoulos, Jeremy Singer, Ke Xiao, Zhuoran Tan","submitted_at":"2026-01-11T15:14:18Z","abstract_excerpt":"Open-source software (OSS) is a critical component of modern software systems, yet supply chain security remains challenging in practice due to unavailable or obfuscated source code. Consequently, security teams often rely on runtime observations collected from sandboxed executions to investigate suspicious third-party components. We present HeteroGAT-Rank, an industry-oriented runtime behavior mining system that supports analyst-in-the-loop supply chain threat investigation. The system models execution-time behaviors of OSS packages as lightweight heterogeneous graphs and applies attention-ba"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2601.06948","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"integrity":{"clean":true,"summary":{"advisory":0,"critical":0,"by_detector":{},"informational":0},"endpoint":"/pith/2601.06948/integrity.json","findings":[],"available":true,"detectors_run":[],"snapshot_sha256":"c28c3603d3b5d939e8dc4c7e95fa8dfce3d595e45f758748cecf8e644a296938"},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"2601.06948","created_at":"2026-05-27T00:04:24.421172+00:00"},{"alias_kind":"arxiv_version","alias_value":"2601.06948v2","created_at":"2026-05-27T00:04:24.421172+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2601.06948","created_at":"2026-05-27T00:04:24.421172+00:00"},{"alias_kind":"pith_short_12","alias_value":"QLAKCBSJLLZG","created_at":"2026-05-27T00:04:24.421172+00:00"},{"alias_kind":"pith_short_16","alias_value":"QLAKCBSJLLZGLTTQ","created_at":"2026-05-27T00:04:24.421172+00:00"},{"alias_kind":"pith_short_8","alias_value":"QLAKCBSJ","created_at":"2026-05-27T00:04:24.421172+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":1,"internal_anchor_count":1,"sample":[{"citing_arxiv_id":"2605.07737","citing_title":"Securing the Dark Matter: A Semantic-Enhanced Neuro-Symbolic Framework for Supply Chain Analysis of Opaque Industrial Software","ref_index":32,"is_internal_anchor":true}]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL","json":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL.json","graph_json":"https://pith.science/api/pith-number/QLAKCBSJLLZGLTTQB6NKPGS4NL/graph.json","events_json":"https://pith.science/api/pith-number/QLAKCBSJLLZGLTTQB6NKPGS4NL/events.json","paper":"https://pith.science/paper/QLAKCBSJ"},"agent_actions":{"view_html":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL","download_json":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL.json","view_paper":"https://pith.science/paper/QLAKCBSJ","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=2601.06948&json=true","fetch_graph":"https://pith.science/api/pith-number/QLAKCBSJLLZGLTTQB6NKPGS4NL/graph.json","fetch_events":"https://pith.science/api/pith-number/QLAKCBSJLLZGLTTQB6NKPGS4NL/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL/action/timestamp_anchor","attest_storage":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL/action/storage_attestation","attest_author":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL/action/author_attestation","sign_citation":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL/action/citation_signature","submit_replication":"https://pith.science/pith/QLAKCBSJLLZGLTTQB6NKPGS4NL/action/replication_record"}},"created_at":"2026-05-27T00:04:24.421172+00:00","updated_at":"2026-05-27T00:04:24.421172+00:00"}