{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2017:S6EQVS544B66PZKFHFB4JLXFEL","short_pith_number":"pith:S6EQVS54","canonical_record":{"source":{"id":"1703.02244","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-03-07T07:15:43Z","cross_cats_sorted":[],"title_canon_sha256":"5ceb1f52109b880bef3658eeafea6f3cc49d4cb1faa72bd70fd3d419b4be6b04","abstract_canon_sha256":"5ed61e2ee3624266b2d747fe318c3937c5ca761b0a4a7148c3126a625deb2004"},"schema_version":"1.0"},"canonical_sha256":"97890acbbce07de7e5453943c4aee522e7b779bfd764cb4cc5ab44918e383d93","source":{"kind":"arxiv","id":"1703.02244","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1703.02244","created_at":"2026-05-18T00:49:20Z"},{"alias_kind":"arxiv_version","alias_value":"1703.02244v1","created_at":"2026-05-18T00:49:20Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1703.02244","created_at":"2026-05-18T00:49:20Z"},{"alias_kind":"pith_short_12","alias_value":"S6EQVS544B66","created_at":"2026-05-18T12:31:43Z"},{"alias_kind":"pith_short_16","alias_value":"S6EQVS544B66PZKF","created_at":"2026-05-18T12:31:43Z"},{"alias_kind":"pith_short_8","alias_value":"S6EQVS54","created_at":"2026-05-18T12:31:43Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2017:S6EQVS544B66PZKFHFB4JLXFEL","target":"record","payload":{"canonical_record":{"source":{"id":"1703.02244","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-03-07T07:15:43Z","cross_cats_sorted":[],"title_canon_sha256":"5ceb1f52109b880bef3658eeafea6f3cc49d4cb1faa72bd70fd3d419b4be6b04","abstract_canon_sha256":"5ed61e2ee3624266b2d747fe318c3937c5ca761b0a4a7148c3126a625deb2004"},"schema_version":"1.0"},"canonical_sha256":"97890acbbce07de7e5453943c4aee522e7b779bfd764cb4cc5ab44918e383d93","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:49:20.414454Z","signature_b64":"9wonQU2evYV86iudoQHRuLRxothVQMJAz2alPfQZBrJRRtUegkV0XiknXmoRYjyon90QKPFDJ/WQoMjEq9cgCw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"97890acbbce07de7e5453943c4aee522e7b779bfd764cb4cc5ab44918e383d93","last_reissued_at":"2026-05-18T00:49:20.414061Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:49:20.414061Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1703.02244","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:49:20Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"jaf7z74Y80IFfyCVdjevqkzsSuHVYMMpn40v9pkz4fQUvgCiEzq9UX8SYmpV8iGceC2r5JbvingL8gbUVUqECA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-27T10:03:18.827853Z"},"content_sha256":"211835aff377fa6fa9cc768a961a7fe2b4d0ca35c380c337016fa79346cecd99","schema_version":"1.0","event_id":"sha256:211835aff377fa6fa9cc768a961a7fe2b4d0ca35c380c337016fa79346cecd99"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2017:S6EQVS544B66PZKFHFB4JLXFEL","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Open Set Intrusion Recognition for Fine-Grained Attack Categorization","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Cora Coleman, Ethan M. Rudd, Steve Cruz, Terrance E. Boult","submitted_at":"2017-03-07T07:15:43Z","abstract_excerpt":"Confidently distinguishing a malicious intrusion over a network is an important challenge. Most intrusion detection system evaluations have been performed in a closed set protocol in which only classes seen during training are considered during classification. Thus far, there has been no realistic application in which novel types of behaviors unseen at training -- unknown classes as it were -- must be recognized for manual categorization. This paper comparatively evaluates malware classification using both closed set and open set protocols for intrusion recognition on the KDDCUP'99 dataset. In"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1703.02244","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:49:20Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"cc+jOjIWpgTWA6MmlZp1l5f25xQaqepdR7i7+3jr76fLIF246ymn+yOkg16MkttXjNLeRSIZPiywD8dBA9xJAA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-27T10:03:18.828560Z"},"content_sha256":"1a589a32d9d1bac1f86aa56a354b0368ab570fa4acb5c5265a2c0056202e8754","schema_version":"1.0","event_id":"sha256:1a589a32d9d1bac1f86aa56a354b0368ab570fa4acb5c5265a2c0056202e8754"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/S6EQVS544B66PZKFHFB4JLXFEL/bundle.json","state_url":"https://pith.science/pith/S6EQVS544B66PZKFHFB4JLXFEL/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/S6EQVS544B66PZKFHFB4JLXFEL/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-27T10:03:18Z","links":{"resolver":"https://pith.science/pith/S6EQVS544B66PZKFHFB4JLXFEL","bundle":"https://pith.science/pith/S6EQVS544B66PZKFHFB4JLXFEL/bundle.json","state":"https://pith.science/pith/S6EQVS544B66PZKFHFB4JLXFEL/state.json","well_known_bundle":"https://pith.science/.well-known/pith/S6EQVS544B66PZKFHFB4JLXFEL/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2017:S6EQVS544B66PZKFHFB4JLXFEL","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"5ed61e2ee3624266b2d747fe318c3937c5ca761b0a4a7148c3126a625deb2004","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-03-07T07:15:43Z","title_canon_sha256":"5ceb1f52109b880bef3658eeafea6f3cc49d4cb1faa72bd70fd3d419b4be6b04"},"schema_version":"1.0","source":{"id":"1703.02244","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1703.02244","created_at":"2026-05-18T00:49:20Z"},{"alias_kind":"arxiv_version","alias_value":"1703.02244v1","created_at":"2026-05-18T00:49:20Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1703.02244","created_at":"2026-05-18T00:49:20Z"},{"alias_kind":"pith_short_12","alias_value":"S6EQVS544B66","created_at":"2026-05-18T12:31:43Z"},{"alias_kind":"pith_short_16","alias_value":"S6EQVS544B66PZKF","created_at":"2026-05-18T12:31:43Z"},{"alias_kind":"pith_short_8","alias_value":"S6EQVS54","created_at":"2026-05-18T12:31:43Z"}],"graph_snapshots":[{"event_id":"sha256:1a589a32d9d1bac1f86aa56a354b0368ab570fa4acb5c5265a2c0056202e8754","target":"graph","created_at":"2026-05-18T00:49:20Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Confidently distinguishing a malicious intrusion over a network is an important challenge. Most intrusion detection system evaluations have been performed in a closed set protocol in which only classes seen during training are considered during classification. Thus far, there has been no realistic application in which novel types of behaviors unseen at training -- unknown classes as it were -- must be recognized for manual categorization. This paper comparatively evaluates malware classification using both closed set and open set protocols for intrusion recognition on the KDDCUP'99 dataset. In","authors_text":"Cora Coleman, Ethan M. Rudd, Steve Cruz, Terrance E. Boult","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-03-07T07:15:43Z","title":"Open Set Intrusion Recognition for Fine-Grained Attack Categorization"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1703.02244","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:211835aff377fa6fa9cc768a961a7fe2b4d0ca35c380c337016fa79346cecd99","target":"record","created_at":"2026-05-18T00:49:20Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"5ed61e2ee3624266b2d747fe318c3937c5ca761b0a4a7148c3126a625deb2004","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-03-07T07:15:43Z","title_canon_sha256":"5ceb1f52109b880bef3658eeafea6f3cc49d4cb1faa72bd70fd3d419b4be6b04"},"schema_version":"1.0","source":{"id":"1703.02244","kind":"arxiv","version":1}},"canonical_sha256":"97890acbbce07de7e5453943c4aee522e7b779bfd764cb4cc5ab44918e383d93","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"97890acbbce07de7e5453943c4aee522e7b779bfd764cb4cc5ab44918e383d93","first_computed_at":"2026-05-18T00:49:20.414061Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:49:20.414061Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"9wonQU2evYV86iudoQHRuLRxothVQMJAz2alPfQZBrJRRtUegkV0XiknXmoRYjyon90QKPFDJ/WQoMjEq9cgCw==","signature_status":"signed_v1","signed_at":"2026-05-18T00:49:20.414454Z","signed_message":"canonical_sha256_bytes"},"source_id":"1703.02244","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:211835aff377fa6fa9cc768a961a7fe2b4d0ca35c380c337016fa79346cecd99","sha256:1a589a32d9d1bac1f86aa56a354b0368ab570fa4acb5c5265a2c0056202e8754"],"state_sha256":"f367d7c1f68f8fea46170348ef155920712db8496840c014bad355f1cd2855fb"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"l3G5fDRoNAWanxCKbiu2Vn1oLFGZiNv4ykWTkXeMZAzRROJwZbwAgYBRbJxbycm+xuoKP7le0A9wBztDvVQWCw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-27T10:03:18.832790Z","bundle_sha256":"267e2a679723097bc81425efe5c0524a8f038eda06feb5c031e1119e34a4558e"}}