{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2017:RMHXE7IVFT7SN5GMU6HLT3JKPA","short_pith_number":"pith:RMHXE7IV","canonical_record":{"source":{"id":"1709.07095","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-09-20T22:21:14Z","cross_cats_sorted":["cs.AI"],"title_canon_sha256":"d541b46981f17751052f5bcc50e2cc0e263fca1a24450ea905dc9e4a58bd3790","abstract_canon_sha256":"505c587797f14438992aa2273c74a29aec19e84c6792e60380cfbc193301514c"},"schema_version":"1.0"},"canonical_sha256":"8b0f727d152cff26f4cca78eb9ed2a780aeab813389fb97d3f4a65091822e17b","source":{"kind":"arxiv","id":"1709.07095","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1709.07095","created_at":"2026-05-18T00:34:36Z"},{"alias_kind":"arxiv_version","alias_value":"1709.07095v1","created_at":"2026-05-18T00:34:36Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1709.07095","created_at":"2026-05-18T00:34:36Z"},{"alias_kind":"pith_short_12","alias_value":"RMHXE7IVFT7S","created_at":"2026-05-18T12:31:39Z"},{"alias_kind":"pith_short_16","alias_value":"RMHXE7IVFT7SN5GM","created_at":"2026-05-18T12:31:39Z"},{"alias_kind":"pith_short_8","alias_value":"RMHXE7IV","created_at":"2026-05-18T12:31:39Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2017:RMHXE7IVFT7SN5GMU6HLT3JKPA","target":"record","payload":{"canonical_record":{"source":{"id":"1709.07095","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-09-20T22:21:14Z","cross_cats_sorted":["cs.AI"],"title_canon_sha256":"d541b46981f17751052f5bcc50e2cc0e263fca1a24450ea905dc9e4a58bd3790","abstract_canon_sha256":"505c587797f14438992aa2273c74a29aec19e84c6792e60380cfbc193301514c"},"schema_version":"1.0"},"canonical_sha256":"8b0f727d152cff26f4cca78eb9ed2a780aeab813389fb97d3f4a65091822e17b","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:34:36.580227Z","signature_b64":"A5UMKhSVae1ADR+9G5OwXAgw8kI3uAfJn0kRtohuLtCjza+yOp4ikQhRYrLKp5N6pHOtWC3UN59hOUzLBsSIDg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"8b0f727d152cff26f4cca78eb9ed2a780aeab813389fb97d3f4a65091822e17b","last_reissued_at":"2026-05-18T00:34:36.579678Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:34:36.579678Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1709.07095","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:34:36Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"X5RZXmSFLzQxbq2OpBBLy//zF/qzZDgPNF6x84QtuTESyouYdun/NhSFLxvLlKXFTMaeJsw9EiTqXDG9dOwjAg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-27T13:08:11.148345Z"},"content_sha256":"05e82511181a69b436629271d7ad60fd14ef387a94179e2ca08368f3ae623ddb","schema_version":"1.0","event_id":"sha256:05e82511181a69b436629271d7ad60fd14ef387a94179e2ca08368f3ae623ddb"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2017:RMHXE7IVFT7SN5GMU6HLT3JKPA","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.AI"],"primary_cat":"cs.CR","authors_text":"Andrew Wicker, Matt Swann, Ram Shankar Siva Kumar","submitted_at":"2017-09-20T22:21:14Z","abstract_excerpt":"Operationalizing machine learning based security detections is extremely challenging, especially in a continuously evolving cloud environment. Conventional anomaly detection does not produce satisfactory results for analysts that are investigating security incidents in the cloud. Model evaluation alone presents its own set of problems due to a lack of benchmark datasets. When deploying these detections, we must deal with model compliance, localization, and data silo issues, among many others. We pose the problem of \"attack disruption\" as a way forward in the security data science space. In thi"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1709.07095","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:34:36Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"nmdFa8SxtyaM67Hs1RFgAAU6Mi5ap8xmP9euCETGIl+yT437I2nm2BKA6paYW+QICfRdKj6k6sKKVhvTHqBiAA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-27T13:08:11.148951Z"},"content_sha256":"b3dd760aefde2ab994725a8ff2e74b5aed3fa169f4e3a58f591f4092f28a81b7","schema_version":"1.0","event_id":"sha256:b3dd760aefde2ab994725a8ff2e74b5aed3fa169f4e3a58f591f4092f28a81b7"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/RMHXE7IVFT7SN5GMU6HLT3JKPA/bundle.json","state_url":"https://pith.science/pith/RMHXE7IVFT7SN5GMU6HLT3JKPA/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/RMHXE7IVFT7SN5GMU6HLT3JKPA/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-27T13:08:11Z","links":{"resolver":"https://pith.science/pith/RMHXE7IVFT7SN5GMU6HLT3JKPA","bundle":"https://pith.science/pith/RMHXE7IVFT7SN5GMU6HLT3JKPA/bundle.json","state":"https://pith.science/pith/RMHXE7IVFT7SN5GMU6HLT3JKPA/state.json","well_known_bundle":"https://pith.science/.well-known/pith/RMHXE7IVFT7SN5GMU6HLT3JKPA/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2017:RMHXE7IVFT7SN5GMU6HLT3JKPA","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"505c587797f14438992aa2273c74a29aec19e84c6792e60380cfbc193301514c","cross_cats_sorted":["cs.AI"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-09-20T22:21:14Z","title_canon_sha256":"d541b46981f17751052f5bcc50e2cc0e263fca1a24450ea905dc9e4a58bd3790"},"schema_version":"1.0","source":{"id":"1709.07095","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1709.07095","created_at":"2026-05-18T00:34:36Z"},{"alias_kind":"arxiv_version","alias_value":"1709.07095v1","created_at":"2026-05-18T00:34:36Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1709.07095","created_at":"2026-05-18T00:34:36Z"},{"alias_kind":"pith_short_12","alias_value":"RMHXE7IVFT7S","created_at":"2026-05-18T12:31:39Z"},{"alias_kind":"pith_short_16","alias_value":"RMHXE7IVFT7SN5GM","created_at":"2026-05-18T12:31:39Z"},{"alias_kind":"pith_short_8","alias_value":"RMHXE7IV","created_at":"2026-05-18T12:31:39Z"}],"graph_snapshots":[{"event_id":"sha256:b3dd760aefde2ab994725a8ff2e74b5aed3fa169f4e3a58f591f4092f28a81b7","target":"graph","created_at":"2026-05-18T00:34:36Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Operationalizing machine learning based security detections is extremely challenging, especially in a continuously evolving cloud environment. Conventional anomaly detection does not produce satisfactory results for analysts that are investigating security incidents in the cloud. Model evaluation alone presents its own set of problems due to a lack of benchmark datasets. When deploying these detections, we must deal with model compliance, localization, and data silo issues, among many others. We pose the problem of \"attack disruption\" as a way forward in the security data science space. In thi","authors_text":"Andrew Wicker, Matt Swann, Ram Shankar Siva Kumar","cross_cats":["cs.AI"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-09-20T22:21:14Z","title":"Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1709.07095","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:05e82511181a69b436629271d7ad60fd14ef387a94179e2ca08368f3ae623ddb","target":"record","created_at":"2026-05-18T00:34:36Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"505c587797f14438992aa2273c74a29aec19e84c6792e60380cfbc193301514c","cross_cats_sorted":["cs.AI"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-09-20T22:21:14Z","title_canon_sha256":"d541b46981f17751052f5bcc50e2cc0e263fca1a24450ea905dc9e4a58bd3790"},"schema_version":"1.0","source":{"id":"1709.07095","kind":"arxiv","version":1}},"canonical_sha256":"8b0f727d152cff26f4cca78eb9ed2a780aeab813389fb97d3f4a65091822e17b","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"8b0f727d152cff26f4cca78eb9ed2a780aeab813389fb97d3f4a65091822e17b","first_computed_at":"2026-05-18T00:34:36.579678Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:34:36.579678Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"A5UMKhSVae1ADR+9G5OwXAgw8kI3uAfJn0kRtohuLtCjza+yOp4ikQhRYrLKp5N6pHOtWC3UN59hOUzLBsSIDg==","signature_status":"signed_v1","signed_at":"2026-05-18T00:34:36.580227Z","signed_message":"canonical_sha256_bytes"},"source_id":"1709.07095","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:05e82511181a69b436629271d7ad60fd14ef387a94179e2ca08368f3ae623ddb","sha256:b3dd760aefde2ab994725a8ff2e74b5aed3fa169f4e3a58f591f4092f28a81b7"],"state_sha256":"11431b2e68df6797adaaacc07146ee292fb6b071bf345aa93eff341f1271c691"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"VYWA7kxIgW/nOTtOhGDxZEMCoJx4nvUYR2yLKMDPaH8/N0QfiTSsnMki2Xj03Fy0BZxgbbzDar/4H1TXpJJxDA==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-27T13:08:11.152393Z","bundle_sha256":"c54a210b412ef1297c2f27a91db1168e7844b0c44bfa7d60bb9d3cdcd8891e6e"}}