{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2018:GBNA6FG5NYNWU6DENNWMTO332V","short_pith_number":"pith:GBNA6FG5","canonical_record":{"source":{"id":"1812.00257","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-12-01T20:20:49Z","cross_cats_sorted":["cs.CR","stat.ML"],"title_canon_sha256":"f436bfbfc7665497c45e171ff32fa08dbde51f7bef4d1ec171cead4217127401","abstract_canon_sha256":"25a167b394b2dbbc8d630ba3570a34e5359d47ba3203efe7fb41d680a91d55a5"},"schema_version":"1.0"},"canonical_sha256":"305a0f14dd6e1b6a78646b6cc9bb7bd54e0e5c2d1b185abd9ff8439725eb4968","source":{"kind":"arxiv","id":"1812.00257","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1812.00257","created_at":"2026-05-17T23:59:21Z"},{"alias_kind":"arxiv_version","alias_value":"1812.00257v1","created_at":"2026-05-17T23:59:21Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1812.00257","created_at":"2026-05-17T23:59:21Z"},{"alias_kind":"pith_short_12","alias_value":"GBNA6FG5NYNW","created_at":"2026-05-18T12:32:25Z"},{"alias_kind":"pith_short_16","alias_value":"GBNA6FG5NYNWU6DE","created_at":"2026-05-18T12:32:25Z"},{"alias_kind":"pith_short_8","alias_value":"GBNA6FG5","created_at":"2026-05-18T12:32:25Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2018:GBNA6FG5NYNWU6DENNWMTO332V","target":"record","payload":{"canonical_record":{"source":{"id":"1812.00257","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-12-01T20:20:49Z","cross_cats_sorted":["cs.CR","stat.ML"],"title_canon_sha256":"f436bfbfc7665497c45e171ff32fa08dbde51f7bef4d1ec171cead4217127401","abstract_canon_sha256":"25a167b394b2dbbc8d630ba3570a34e5359d47ba3203efe7fb41d680a91d55a5"},"schema_version":"1.0"},"canonical_sha256":"305a0f14dd6e1b6a78646b6cc9bb7bd54e0e5c2d1b185abd9ff8439725eb4968","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-17T23:59:21.734956Z","signature_b64":"L5epc0D19zOk8wmAd32LYEuyPPEERWJpf8u+cOE8pCsl50Nzqs56ixL8+VWH5mFRQGvqrOtPL680at+ryyTmBg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"305a0f14dd6e1b6a78646b6cc9bb7bd54e0e5c2d1b185abd9ff8439725eb4968","last_reissued_at":"2026-05-17T23:59:21.734602Z","signature_status":"signed_v1","first_computed_at":"2026-05-17T23:59:21.734602Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1812.00257","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:59:21Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"FpvPx8ekMGDKzHgjmkxk+tTfppQR4jSKNamq9XC+NeWyrTQe8gcIdoNZUXpGfhSZmkxuAc7SeF5AVGmvodWLAA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-27T15:08:39.649641Z"},"content_sha256":"68bef6b046f330a0b8a5f3f3e51df64089c8d9d4805c5bdf07c077e25ddfbed9","schema_version":"1.0","event_id":"sha256:68bef6b046f330a0b8a5f3f3e51df64089c8d9d4805c5bdf07c077e25ddfbed9"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2018:GBNA6FG5NYNWU6DENNWMTO332V","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"AnyThreat: An Opportunistic Knowledge Discovery Approach to Insider Threat Detection","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CR","stat.ML"],"primary_cat":"cs.LG","authors_text":"Diana Haidar, Mohamed Medhat Gaber, Yevgeniya Kovalchuk","submitted_at":"2018-12-01T20:20:49Z","abstract_excerpt":"Insider threat detection is getting an increased concern from academia, industry, and governments due to the growing number of malicious insider incidents. The existing approaches proposed for detecting insider threats still have a common shortcoming, which is the high number of false alarms (false positives). The challenge in these approaches is that it is essential to detect all anomalous behaviours which belong to a particular threat. To address this shortcoming, we propose an opportunistic knowledge discovery system, namely AnyThreat, with the aim to detect any anomalous behaviour in all m"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1812.00257","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:59:21Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"XVhqbDh1Li8a4m4MAbR6MTy63X3Qvyeopww6KXAWTbHCZJjxqf3x+1rcQWPURZjz9Gx/ubl13KT1NnJmXvkFBw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-27T15:08:39.649980Z"},"content_sha256":"0bfa28f167a782134839820a88a9a6aaf55d61fadb6a228d93d3a516e76b919b","schema_version":"1.0","event_id":"sha256:0bfa28f167a782134839820a88a9a6aaf55d61fadb6a228d93d3a516e76b919b"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/GBNA6FG5NYNWU6DENNWMTO332V/bundle.json","state_url":"https://pith.science/pith/GBNA6FG5NYNWU6DENNWMTO332V/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/GBNA6FG5NYNWU6DENNWMTO332V/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-27T15:08:39Z","links":{"resolver":"https://pith.science/pith/GBNA6FG5NYNWU6DENNWMTO332V","bundle":"https://pith.science/pith/GBNA6FG5NYNWU6DENNWMTO332V/bundle.json","state":"https://pith.science/pith/GBNA6FG5NYNWU6DENNWMTO332V/state.json","well_known_bundle":"https://pith.science/.well-known/pith/GBNA6FG5NYNWU6DENNWMTO332V/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2018:GBNA6FG5NYNWU6DENNWMTO332V","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"25a167b394b2dbbc8d630ba3570a34e5359d47ba3203efe7fb41d680a91d55a5","cross_cats_sorted":["cs.CR","stat.ML"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-12-01T20:20:49Z","title_canon_sha256":"f436bfbfc7665497c45e171ff32fa08dbde51f7bef4d1ec171cead4217127401"},"schema_version":"1.0","source":{"id":"1812.00257","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1812.00257","created_at":"2026-05-17T23:59:21Z"},{"alias_kind":"arxiv_version","alias_value":"1812.00257v1","created_at":"2026-05-17T23:59:21Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1812.00257","created_at":"2026-05-17T23:59:21Z"},{"alias_kind":"pith_short_12","alias_value":"GBNA6FG5NYNW","created_at":"2026-05-18T12:32:25Z"},{"alias_kind":"pith_short_16","alias_value":"GBNA6FG5NYNWU6DE","created_at":"2026-05-18T12:32:25Z"},{"alias_kind":"pith_short_8","alias_value":"GBNA6FG5","created_at":"2026-05-18T12:32:25Z"}],"graph_snapshots":[{"event_id":"sha256:0bfa28f167a782134839820a88a9a6aaf55d61fadb6a228d93d3a516e76b919b","target":"graph","created_at":"2026-05-17T23:59:21Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Insider threat detection is getting an increased concern from academia, industry, and governments due to the growing number of malicious insider incidents. The existing approaches proposed for detecting insider threats still have a common shortcoming, which is the high number of false alarms (false positives). The challenge in these approaches is that it is essential to detect all anomalous behaviours which belong to a particular threat. To address this shortcoming, we propose an opportunistic knowledge discovery system, namely AnyThreat, with the aim to detect any anomalous behaviour in all m","authors_text":"Diana Haidar, Mohamed Medhat Gaber, Yevgeniya Kovalchuk","cross_cats":["cs.CR","stat.ML"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-12-01T20:20:49Z","title":"AnyThreat: An Opportunistic Knowledge Discovery Approach to Insider Threat Detection"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1812.00257","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:68bef6b046f330a0b8a5f3f3e51df64089c8d9d4805c5bdf07c077e25ddfbed9","target":"record","created_at":"2026-05-17T23:59:21Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"25a167b394b2dbbc8d630ba3570a34e5359d47ba3203efe7fb41d680a91d55a5","cross_cats_sorted":["cs.CR","stat.ML"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-12-01T20:20:49Z","title_canon_sha256":"f436bfbfc7665497c45e171ff32fa08dbde51f7bef4d1ec171cead4217127401"},"schema_version":"1.0","source":{"id":"1812.00257","kind":"arxiv","version":1}},"canonical_sha256":"305a0f14dd6e1b6a78646b6cc9bb7bd54e0e5c2d1b185abd9ff8439725eb4968","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"305a0f14dd6e1b6a78646b6cc9bb7bd54e0e5c2d1b185abd9ff8439725eb4968","first_computed_at":"2026-05-17T23:59:21.734602Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-17T23:59:21.734602Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"L5epc0D19zOk8wmAd32LYEuyPPEERWJpf8u+cOE8pCsl50Nzqs56ixL8+VWH5mFRQGvqrOtPL680at+ryyTmBg==","signature_status":"signed_v1","signed_at":"2026-05-17T23:59:21.734956Z","signed_message":"canonical_sha256_bytes"},"source_id":"1812.00257","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:68bef6b046f330a0b8a5f3f3e51df64089c8d9d4805c5bdf07c077e25ddfbed9","sha256:0bfa28f167a782134839820a88a9a6aaf55d61fadb6a228d93d3a516e76b919b"],"state_sha256":"f9cf86d9a6f259353ce0aaff0670ee11d056f87c5841a0b1dcbed34911f77927"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"DMhpwy5rJ8cHCQ8Xf+Er79j/u0G6RN0xHFu233bumCen7/goGohQuvZQvEr4vBC772MddhOhKCDVvo3lnTqKCg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-27T15:08:39.651848Z","bundle_sha256":"25b38a960b20dc929fdb98321490dfaf5dd4a373864f67f9a38fa8304bb9c6ab"}}