{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2019:RDM3JGFSNNCSPW7KTSJXLX7AX4","short_pith_number":"pith:RDM3JGFS","canonical_record":{"source":{"id":"1901.03723","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-01-11T19:32:52Z","cross_cats_sorted":["cs.CY"],"title_canon_sha256":"35861093b1f2dad55a727e8120cfe201608027e9bdf1c9e9c41dcb8ca6890112","abstract_canon_sha256":"9b58ea96392371e36b74e89881d2d63bcf5325c1e5757c0477bee17a088791a4"},"schema_version":"1.0"},"canonical_sha256":"88d9b498b26b4527dbea9c9375dfe0bf3cef3cd09dfd1ce4f0d7ebc6e11d4e09","source":{"kind":"arxiv","id":"1901.03723","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1901.03723","created_at":"2026-05-17T23:56:27Z"},{"alias_kind":"arxiv_version","alias_value":"1901.03723v1","created_at":"2026-05-17T23:56:27Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1901.03723","created_at":"2026-05-17T23:56:27Z"},{"alias_kind":"pith_short_12","alias_value":"RDM3JGFSNNCS","created_at":"2026-05-18T12:33:27Z"},{"alias_kind":"pith_short_16","alias_value":"RDM3JGFSNNCSPW7K","created_at":"2026-05-18T12:33:27Z"},{"alias_kind":"pith_short_8","alias_value":"RDM3JGFS","created_at":"2026-05-18T12:33:27Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2019:RDM3JGFSNNCSPW7KTSJXLX7AX4","target":"record","payload":{"canonical_record":{"source":{"id":"1901.03723","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-01-11T19:32:52Z","cross_cats_sorted":["cs.CY"],"title_canon_sha256":"35861093b1f2dad55a727e8120cfe201608027e9bdf1c9e9c41dcb8ca6890112","abstract_canon_sha256":"9b58ea96392371e36b74e89881d2d63bcf5325c1e5757c0477bee17a088791a4"},"schema_version":"1.0"},"canonical_sha256":"88d9b498b26b4527dbea9c9375dfe0bf3cef3cd09dfd1ce4f0d7ebc6e11d4e09","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-17T23:56:27.177056Z","signature_b64":"Dz7cpkNU0+NuleAA+e+ZwqbHZVMVk7ET7O1SgrTubvcVtXHByBZa7AnRPVsBZzTVxg6J1oIdTmvn4oEu/SqaBg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"88d9b498b26b4527dbea9c9375dfe0bf3cef3cd09dfd1ce4f0d7ebc6e11d4e09","last_reissued_at":"2026-05-17T23:56:27.176503Z","signature_status":"signed_v1","first_computed_at":"2026-05-17T23:56:27.176503Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1901.03723","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:56:27Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"UGbRsoNdS7GRPn36EZvs3Zm1ch4qBTydTv0OEu3P70nbyxbbBe8BP2Hibhk6lZReDJTjMoT3N5GkBT74iwPXCA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-06T19:35:06.139283Z"},"content_sha256":"539bfe821c674e923fc81ab00310c6d502649219421612b4702fed3de168c502","schema_version":"1.0","event_id":"sha256:539bfe821c674e923fc81ab00310c6d502649219421612b4702fed3de168c502"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2019:RDM3JGFSNNCSPW7KTSJXLX7AX4","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"How Good is Your Data? Investigating the Quality of Data Generated During Security Incident Response Investigations","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CY"],"primary_cat":"cs.CR","authors_text":"George Grispos, Tim Storer, William Bradley Glisson","submitted_at":"2019-01-11T19:32:52Z","abstract_excerpt":"An increasing number of cybersecurity incidents prompts organizations to explore alternative security solutions, such as threat intelligence programs. For such programs to succeed, data needs to be collected, validated, and recorded in relevant datastores. One potential source supplying these datastores is an organization's security incident response team. However, researchers have argued that these teams focus more on eradication and recovery and less on providing feedback to enhance organizational security. This prompts the idea that data collected during security incident investigations may"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1901.03723","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:56:27Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"CnJHrPkRe8jUsBw3lCq1jOzLnnweoiAElk9SSGAIckQZkcSP9mm63O8teDuw9TpUkgQaAoAoe1Pdlv4Fpeu/Dw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-06T19:35:06.139947Z"},"content_sha256":"211e094c84855bee3aaa9451bef8ddcd8d0c0a29044d8f3f48d0a4e9ba376e5c","schema_version":"1.0","event_id":"sha256:211e094c84855bee3aaa9451bef8ddcd8d0c0a29044d8f3f48d0a4e9ba376e5c"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/RDM3JGFSNNCSPW7KTSJXLX7AX4/bundle.json","state_url":"https://pith.science/pith/RDM3JGFSNNCSPW7KTSJXLX7AX4/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/RDM3JGFSNNCSPW7KTSJXLX7AX4/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-06T19:35:06Z","links":{"resolver":"https://pith.science/pith/RDM3JGFSNNCSPW7KTSJXLX7AX4","bundle":"https://pith.science/pith/RDM3JGFSNNCSPW7KTSJXLX7AX4/bundle.json","state":"https://pith.science/pith/RDM3JGFSNNCSPW7KTSJXLX7AX4/state.json","well_known_bundle":"https://pith.science/.well-known/pith/RDM3JGFSNNCSPW7KTSJXLX7AX4/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2019:RDM3JGFSNNCSPW7KTSJXLX7AX4","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"9b58ea96392371e36b74e89881d2d63bcf5325c1e5757c0477bee17a088791a4","cross_cats_sorted":["cs.CY"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-01-11T19:32:52Z","title_canon_sha256":"35861093b1f2dad55a727e8120cfe201608027e9bdf1c9e9c41dcb8ca6890112"},"schema_version":"1.0","source":{"id":"1901.03723","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1901.03723","created_at":"2026-05-17T23:56:27Z"},{"alias_kind":"arxiv_version","alias_value":"1901.03723v1","created_at":"2026-05-17T23:56:27Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1901.03723","created_at":"2026-05-17T23:56:27Z"},{"alias_kind":"pith_short_12","alias_value":"RDM3JGFSNNCS","created_at":"2026-05-18T12:33:27Z"},{"alias_kind":"pith_short_16","alias_value":"RDM3JGFSNNCSPW7K","created_at":"2026-05-18T12:33:27Z"},{"alias_kind":"pith_short_8","alias_value":"RDM3JGFS","created_at":"2026-05-18T12:33:27Z"}],"graph_snapshots":[{"event_id":"sha256:211e094c84855bee3aaa9451bef8ddcd8d0c0a29044d8f3f48d0a4e9ba376e5c","target":"graph","created_at":"2026-05-17T23:56:27Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"An increasing number of cybersecurity incidents prompts organizations to explore alternative security solutions, such as threat intelligence programs. For such programs to succeed, data needs to be collected, validated, and recorded in relevant datastores. One potential source supplying these datastores is an organization's security incident response team. However, researchers have argued that these teams focus more on eradication and recovery and less on providing feedback to enhance organizational security. This prompts the idea that data collected during security incident investigations may","authors_text":"George Grispos, Tim Storer, William Bradley Glisson","cross_cats":["cs.CY"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-01-11T19:32:52Z","title":"How Good is Your Data? Investigating the Quality of Data Generated During Security Incident Response Investigations"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1901.03723","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:539bfe821c674e923fc81ab00310c6d502649219421612b4702fed3de168c502","target":"record","created_at":"2026-05-17T23:56:27Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"9b58ea96392371e36b74e89881d2d63bcf5325c1e5757c0477bee17a088791a4","cross_cats_sorted":["cs.CY"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-01-11T19:32:52Z","title_canon_sha256":"35861093b1f2dad55a727e8120cfe201608027e9bdf1c9e9c41dcb8ca6890112"},"schema_version":"1.0","source":{"id":"1901.03723","kind":"arxiv","version":1}},"canonical_sha256":"88d9b498b26b4527dbea9c9375dfe0bf3cef3cd09dfd1ce4f0d7ebc6e11d4e09","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"88d9b498b26b4527dbea9c9375dfe0bf3cef3cd09dfd1ce4f0d7ebc6e11d4e09","first_computed_at":"2026-05-17T23:56:27.176503Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-17T23:56:27.176503Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"Dz7cpkNU0+NuleAA+e+ZwqbHZVMVk7ET7O1SgrTubvcVtXHByBZa7AnRPVsBZzTVxg6J1oIdTmvn4oEu/SqaBg==","signature_status":"signed_v1","signed_at":"2026-05-17T23:56:27.177056Z","signed_message":"canonical_sha256_bytes"},"source_id":"1901.03723","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:539bfe821c674e923fc81ab00310c6d502649219421612b4702fed3de168c502","sha256:211e094c84855bee3aaa9451bef8ddcd8d0c0a29044d8f3f48d0a4e9ba376e5c"],"state_sha256":"b9379de6954e8fc53404d5d86fb95896f1cc614cf5dabedad4b694c1e28e3afe"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"z8vuwYxJkAumkVxxDJWtq6vK+CR1bjK3dfW9jkQqI7+ZE8bbHCU4+skLQWldIeoexwwIGlfeAJDX4dIjhwISDw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-06T19:35:06.143489Z","bundle_sha256":"abe0c730149066c83346ffa38f58f9d73445f35197d429c943ca181c91f7c312"}}