{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2014:77GEGCXMLX3UG2NNBR2ET4CCY4","short_pith_number":"pith:77GEGCXM","canonical_record":{"source":{"id":"1410.2131","kind":"arxiv","version":1},"metadata":{"license":"http://creativecommons.org/licenses/publicdomain/","primary_cat":"cs.CR","submitted_at":"2014-10-08T14:19:16Z","cross_cats_sorted":[],"title_canon_sha256":"d3330b4ca0cdd8dc57e2d55bf0459aeee88ef474a3e0a37434189f1b2cb3e404","abstract_canon_sha256":"c2378fbffc34e90bdf8162cd1a3456cdb2aa5718f585c19976e4591acec93289"},"schema_version":"1.0"},"canonical_sha256":"ffcc430aec5df74369ad0c7449f042c71ac636001512c62e3bcb53b882e080f1","source":{"kind":"arxiv","id":"1410.2131","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1410.2131","created_at":"2026-05-18T02:40:48Z"},{"alias_kind":"arxiv_version","alias_value":"1410.2131v1","created_at":"2026-05-18T02:40:48Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1410.2131","created_at":"2026-05-18T02:40:48Z"},{"alias_kind":"pith_short_12","alias_value":"77GEGCXMLX3U","created_at":"2026-05-18T12:28:16Z"},{"alias_kind":"pith_short_16","alias_value":"77GEGCXMLX3UG2NN","created_at":"2026-05-18T12:28:16Z"},{"alias_kind":"pith_short_8","alias_value":"77GEGCXM","created_at":"2026-05-18T12:28:16Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2014:77GEGCXMLX3UG2NNBR2ET4CCY4","target":"record","payload":{"canonical_record":{"source":{"id":"1410.2131","kind":"arxiv","version":1},"metadata":{"license":"http://creativecommons.org/licenses/publicdomain/","primary_cat":"cs.CR","submitted_at":"2014-10-08T14:19:16Z","cross_cats_sorted":[],"title_canon_sha256":"d3330b4ca0cdd8dc57e2d55bf0459aeee88ef474a3e0a37434189f1b2cb3e404","abstract_canon_sha256":"c2378fbffc34e90bdf8162cd1a3456cdb2aa5718f585c19976e4591acec93289"},"schema_version":"1.0"},"canonical_sha256":"ffcc430aec5df74369ad0c7449f042c71ac636001512c62e3bcb53b882e080f1","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T02:40:48.156914Z","signature_b64":"/+i77UvPjTCkhdKdWYXeDYaPwne2x3mql5msg0WpIDYcPC0S2PZrVHI/yu4lG3/BzI2w/eiw4wkkSubyWgJOAw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"ffcc430aec5df74369ad0c7449f042c71ac636001512c62e3bcb53b882e080f1","last_reissued_at":"2026-05-18T02:40:48.156444Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T02:40:48.156444Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1410.2131","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T02:40:48Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"d556Whq5WqzxDY35s6zb/dvkOj3hZRGrLbAHVHJhIpLribmdUCfDsAZ2SF/+anIK6L/RwNa5A7CkdS2NLvJuBw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-07-02T23:28:44.736247Z"},"content_sha256":"510a0f38fc72b0b12256079ceef02da8689c68e5902023823fa266b31f04ec1f","schema_version":"1.0","event_id":"sha256:510a0f38fc72b0b12256079ceef02da8689c68e5902023823fa266b31f04ec1f"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2014:77GEGCXMLX3UG2NNBR2ET4CCY4","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"A Framework for Analysis and Comparison of Dynamic Malware Analysis Tools","license":"http://creativecommons.org/licenses/publicdomain/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Waqas Aman","submitted_at":"2014-10-08T14:19:16Z","abstract_excerpt":"Malware writers have employed various obfuscation and polymorphism techniques to thwart static analysis approaches and bypassing antivirus tools. Dynamic analysis techniques, however, have essentially overcome these deceits by observing the actual behaviour of the code execution. In this regard, various methods, techniques and tools have been proposed. However, because of the diverse concepts and strategies used in the implementation of these methods and tools, security researchers and malware analysts find it difficult to select the required optimum tool to investigate the behaviour of a malw"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1410.2131","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T02:40:48Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"0ux7RG68ptXBd5ZxZCuYahA1Qp4BtKWdRrCxi//nlZJxgPoEtdc9busfzeYIXO/O8Qay8EC8PpJfEEstDDbAAw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-07-02T23:28:44.736609Z"},"content_sha256":"42c70938a56d252739e5d120d49b2b822e864d550a9a8d315e50791c4da50f41","schema_version":"1.0","event_id":"sha256:42c70938a56d252739e5d120d49b2b822e864d550a9a8d315e50791c4da50f41"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/77GEGCXMLX3UG2NNBR2ET4CCY4/bundle.json","state_url":"https://pith.science/pith/77GEGCXMLX3UG2NNBR2ET4CCY4/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/77GEGCXMLX3UG2NNBR2ET4CCY4/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-07-02T23:28:44Z","links":{"resolver":"https://pith.science/pith/77GEGCXMLX3UG2NNBR2ET4CCY4","bundle":"https://pith.science/pith/77GEGCXMLX3UG2NNBR2ET4CCY4/bundle.json","state":"https://pith.science/pith/77GEGCXMLX3UG2NNBR2ET4CCY4/state.json","well_known_bundle":"https://pith.science/.well-known/pith/77GEGCXMLX3UG2NNBR2ET4CCY4/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2014:77GEGCXMLX3UG2NNBR2ET4CCY4","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"c2378fbffc34e90bdf8162cd1a3456cdb2aa5718f585c19976e4591acec93289","cross_cats_sorted":[],"license":"http://creativecommons.org/licenses/publicdomain/","primary_cat":"cs.CR","submitted_at":"2014-10-08T14:19:16Z","title_canon_sha256":"d3330b4ca0cdd8dc57e2d55bf0459aeee88ef474a3e0a37434189f1b2cb3e404"},"schema_version":"1.0","source":{"id":"1410.2131","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1410.2131","created_at":"2026-05-18T02:40:48Z"},{"alias_kind":"arxiv_version","alias_value":"1410.2131v1","created_at":"2026-05-18T02:40:48Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1410.2131","created_at":"2026-05-18T02:40:48Z"},{"alias_kind":"pith_short_12","alias_value":"77GEGCXMLX3U","created_at":"2026-05-18T12:28:16Z"},{"alias_kind":"pith_short_16","alias_value":"77GEGCXMLX3UG2NN","created_at":"2026-05-18T12:28:16Z"},{"alias_kind":"pith_short_8","alias_value":"77GEGCXM","created_at":"2026-05-18T12:28:16Z"}],"graph_snapshots":[{"event_id":"sha256:42c70938a56d252739e5d120d49b2b822e864d550a9a8d315e50791c4da50f41","target":"graph","created_at":"2026-05-18T02:40:48Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Malware writers have employed various obfuscation and polymorphism techniques to thwart static analysis approaches and bypassing antivirus tools. Dynamic analysis techniques, however, have essentially overcome these deceits by observing the actual behaviour of the code execution. In this regard, various methods, techniques and tools have been proposed. However, because of the diverse concepts and strategies used in the implementation of these methods and tools, security researchers and malware analysts find it difficult to select the required optimum tool to investigate the behaviour of a malw","authors_text":"Waqas Aman","cross_cats":[],"headline":"","license":"http://creativecommons.org/licenses/publicdomain/","primary_cat":"cs.CR","submitted_at":"2014-10-08T14:19:16Z","title":"A Framework for Analysis and Comparison of Dynamic Malware Analysis Tools"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1410.2131","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:510a0f38fc72b0b12256079ceef02da8689c68e5902023823fa266b31f04ec1f","target":"record","created_at":"2026-05-18T02:40:48Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"c2378fbffc34e90bdf8162cd1a3456cdb2aa5718f585c19976e4591acec93289","cross_cats_sorted":[],"license":"http://creativecommons.org/licenses/publicdomain/","primary_cat":"cs.CR","submitted_at":"2014-10-08T14:19:16Z","title_canon_sha256":"d3330b4ca0cdd8dc57e2d55bf0459aeee88ef474a3e0a37434189f1b2cb3e404"},"schema_version":"1.0","source":{"id":"1410.2131","kind":"arxiv","version":1}},"canonical_sha256":"ffcc430aec5df74369ad0c7449f042c71ac636001512c62e3bcb53b882e080f1","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"ffcc430aec5df74369ad0c7449f042c71ac636001512c62e3bcb53b882e080f1","first_computed_at":"2026-05-18T02:40:48.156444Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T02:40:48.156444Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"/+i77UvPjTCkhdKdWYXeDYaPwne2x3mql5msg0WpIDYcPC0S2PZrVHI/yu4lG3/BzI2w/eiw4wkkSubyWgJOAw==","signature_status":"signed_v1","signed_at":"2026-05-18T02:40:48.156914Z","signed_message":"canonical_sha256_bytes"},"source_id":"1410.2131","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:510a0f38fc72b0b12256079ceef02da8689c68e5902023823fa266b31f04ec1f","sha256:42c70938a56d252739e5d120d49b2b822e864d550a9a8d315e50791c4da50f41"],"state_sha256":"55ee3aa35b227ff987f6614728cd8f1a71e3784c78e4b049f003563547349572"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"YkMjNTQ96WqFYcFahG2p1eRCOqqDCuAk6e6crjjjRhHBkx5URoDQmp4WSBAHZs0tG4BMpEiDnUUV7UhnVRzZBg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-07-02T23:28:44.738603Z","bundle_sha256":"092051bf2d14454892b16c87f6aae9cc063583b5c1fc03223a028ea3a62749ee"}}