{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2016:EDNFUGENA3GZ72XF5WVQ5RU4BI","short_pith_number":"pith:EDNFUGEN","canonical_record":{"source":{"id":"1609.03322","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-09-12T09:33:37Z","cross_cats_sorted":[],"title_canon_sha256":"81f88984952ba8cd2af388c94b9d1620d7f7d3553dc0d4c057c1c94aa0921380","abstract_canon_sha256":"828177a861314fb47419d998de023a084b5ac66045283f0da35a4ce7f46b9dc2"},"schema_version":"1.0"},"canonical_sha256":"20da5a188d06cd9feae5edab0ec69c0a08ddc48db780d3e097063c17e498521d","source":{"kind":"arxiv","id":"1609.03322","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1609.03322","created_at":"2026-05-18T01:04:42Z"},{"alias_kind":"arxiv_version","alias_value":"1609.03322v2","created_at":"2026-05-18T01:04:42Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1609.03322","created_at":"2026-05-18T01:04:42Z"},{"alias_kind":"pith_short_12","alias_value":"EDNFUGENA3GZ","created_at":"2026-05-18T12:30:12Z"},{"alias_kind":"pith_short_16","alias_value":"EDNFUGENA3GZ72XF","created_at":"2026-05-18T12:30:12Z"},{"alias_kind":"pith_short_8","alias_value":"EDNFUGEN","created_at":"2026-05-18T12:30:12Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2016:EDNFUGENA3GZ72XF5WVQ5RU4BI","target":"record","payload":{"canonical_record":{"source":{"id":"1609.03322","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-09-12T09:33:37Z","cross_cats_sorted":[],"title_canon_sha256":"81f88984952ba8cd2af388c94b9d1620d7f7d3553dc0d4c057c1c94aa0921380","abstract_canon_sha256":"828177a861314fb47419d998de023a084b5ac66045283f0da35a4ce7f46b9dc2"},"schema_version":"1.0"},"canonical_sha256":"20da5a188d06cd9feae5edab0ec69c0a08ddc48db780d3e097063c17e498521d","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T01:04:42.817898Z","signature_b64":"wrNKHWwi8MpC0SDmb6DZ31q61OFvdrErTrmkRH8wi6Fle2nETxcW0Zj+tslPpDo3eXDrSKZ5xuSRbswWyV9OAA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"20da5a188d06cd9feae5edab0ec69c0a08ddc48db780d3e097063c17e498521d","last_reissued_at":"2026-05-18T01:04:42.817466Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T01:04:42.817466Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1609.03322","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:04:42Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"4Q6xxV7n9zNiZTG/ZFtdh15J2JmIBACSDwrEj69IIAvDbWeF8HOG25gZcNLr8OZa4X3yErvLwqRZLAsuVu0UBQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-07-05T02:45:39.386418Z"},"content_sha256":"f70773b66e1b3e2ab351956b9f8878c73dd3751c23ffbd4331dcd3baf7652da3","schema_version":"1.0","event_id":"sha256:f70773b66e1b3e2ab351956b9f8878c73dd3751c23ffbd4331dcd3baf7652da3"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2016:EDNFUGENA3GZ72XF5WVQ5RU4BI","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"SecComp: Towards Practically Defending Against Component Hijacking in Android Applications","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Daoyuan Wu, Debin Gao, Robert H. Deng, Yingjiu Li","submitted_at":"2016-09-12T09:33:37Z","abstract_excerpt":"Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By hijacking a vulnerable component in victim apps, an attack app can escalate its privilege for originally prohibited operations. Many prior studies have been performed to understand and mitigate this issue, but component hijacking remains a serious open problem in the Android ecosystem due to no effective defense deployed in the wild. In this paper, we present our "},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1609.03322","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:04:42Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"X82vdrix4wFaB84LplD3MPkYzfbwzOtEgaYFeqWJqI3dDJhr+ajEbHdZBGfdlsCJW7oBIOzy09Fzq02uT/L2CQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-07-05T02:45:39.386754Z"},"content_sha256":"266d5d6c83fd27bbb3e6851e04bee20b16b9b332479ad4444afcda0b9789fbe1","schema_version":"1.0","event_id":"sha256:266d5d6c83fd27bbb3e6851e04bee20b16b9b332479ad4444afcda0b9789fbe1"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/EDNFUGENA3GZ72XF5WVQ5RU4BI/bundle.json","state_url":"https://pith.science/pith/EDNFUGENA3GZ72XF5WVQ5RU4BI/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/EDNFUGENA3GZ72XF5WVQ5RU4BI/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-07-05T02:45:39Z","links":{"resolver":"https://pith.science/pith/EDNFUGENA3GZ72XF5WVQ5RU4BI","bundle":"https://pith.science/pith/EDNFUGENA3GZ72XF5WVQ5RU4BI/bundle.json","state":"https://pith.science/pith/EDNFUGENA3GZ72XF5WVQ5RU4BI/state.json","well_known_bundle":"https://pith.science/.well-known/pith/EDNFUGENA3GZ72XF5WVQ5RU4BI/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2016:EDNFUGENA3GZ72XF5WVQ5RU4BI","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"828177a861314fb47419d998de023a084b5ac66045283f0da35a4ce7f46b9dc2","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-09-12T09:33:37Z","title_canon_sha256":"81f88984952ba8cd2af388c94b9d1620d7f7d3553dc0d4c057c1c94aa0921380"},"schema_version":"1.0","source":{"id":"1609.03322","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1609.03322","created_at":"2026-05-18T01:04:42Z"},{"alias_kind":"arxiv_version","alias_value":"1609.03322v2","created_at":"2026-05-18T01:04:42Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1609.03322","created_at":"2026-05-18T01:04:42Z"},{"alias_kind":"pith_short_12","alias_value":"EDNFUGENA3GZ","created_at":"2026-05-18T12:30:12Z"},{"alias_kind":"pith_short_16","alias_value":"EDNFUGENA3GZ72XF","created_at":"2026-05-18T12:30:12Z"},{"alias_kind":"pith_short_8","alias_value":"EDNFUGEN","created_at":"2026-05-18T12:30:12Z"}],"graph_snapshots":[{"event_id":"sha256:266d5d6c83fd27bbb3e6851e04bee20b16b9b332479ad4444afcda0b9789fbe1","target":"graph","created_at":"2026-05-18T01:04:42Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By hijacking a vulnerable component in victim apps, an attack app can escalate its privilege for originally prohibited operations. Many prior studies have been performed to understand and mitigate this issue, but component hijacking remains a serious open problem in the Android ecosystem due to no effective defense deployed in the wild. In this paper, we present our ","authors_text":"Daoyuan Wu, Debin Gao, Robert H. Deng, Yingjiu Li","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-09-12T09:33:37Z","title":"SecComp: Towards Practically Defending Against Component Hijacking in Android Applications"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1609.03322","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:f70773b66e1b3e2ab351956b9f8878c73dd3751c23ffbd4331dcd3baf7652da3","target":"record","created_at":"2026-05-18T01:04:42Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"828177a861314fb47419d998de023a084b5ac66045283f0da35a4ce7f46b9dc2","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-09-12T09:33:37Z","title_canon_sha256":"81f88984952ba8cd2af388c94b9d1620d7f7d3553dc0d4c057c1c94aa0921380"},"schema_version":"1.0","source":{"id":"1609.03322","kind":"arxiv","version":2}},"canonical_sha256":"20da5a188d06cd9feae5edab0ec69c0a08ddc48db780d3e097063c17e498521d","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"20da5a188d06cd9feae5edab0ec69c0a08ddc48db780d3e097063c17e498521d","first_computed_at":"2026-05-18T01:04:42.817466Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T01:04:42.817466Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"wrNKHWwi8MpC0SDmb6DZ31q61OFvdrErTrmkRH8wi6Fle2nETxcW0Zj+tslPpDo3eXDrSKZ5xuSRbswWyV9OAA==","signature_status":"signed_v1","signed_at":"2026-05-18T01:04:42.817898Z","signed_message":"canonical_sha256_bytes"},"source_id":"1609.03322","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:f70773b66e1b3e2ab351956b9f8878c73dd3751c23ffbd4331dcd3baf7652da3","sha256:266d5d6c83fd27bbb3e6851e04bee20b16b9b332479ad4444afcda0b9789fbe1"],"state_sha256":"cfcf87d20a32ea5a97e9b99c4ef43401e614a3d4e21a9667cd7746da00c366c7"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"PyYoG3bey6gIIuM924EDlmgnSz1icu9KFjOR6uCssoGey8cdPjt/ds2IazQYvT6sggctrDYmhhpGp4beoQZLDA==","signed_message":"bundle_sha256_bytes","signed_at":"2026-07-05T02:45:39.388596Z","bundle_sha256":"2a5809ac88daa3d611df7c10ee8151a6e8f1d521db0c68a32da9defd6ed0bc58"}}