{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2016:UG3TB5X7RAWG3DWDPNZWJUQHHH","short_pith_number":"pith:UG3TB5X7","canonical_record":{"source":{"id":"1602.04693","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-02-15T14:26:20Z","cross_cats_sorted":[],"title_canon_sha256":"78a21db2f6c9dafa5d244dc8688366e0691968731998a2eaf592e5566e8064f0","abstract_canon_sha256":"28dd6092c032888038366645066286a6083723d8d8dcc6418c2327d620130e8a"},"schema_version":"1.0"},"canonical_sha256":"a1b730f6ff882c6d8ec37b7364d20739d749c6f3bf44c54ce405bef682973e45","source":{"kind":"arxiv","id":"1602.04693","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1602.04693","created_at":"2026-05-18T01:20:16Z"},{"alias_kind":"arxiv_version","alias_value":"1602.04693v2","created_at":"2026-05-18T01:20:16Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1602.04693","created_at":"2026-05-18T01:20:16Z"},{"alias_kind":"pith_short_12","alias_value":"UG3TB5X7RAWG","created_at":"2026-05-18T12:30:46Z"},{"alias_kind":"pith_short_16","alias_value":"UG3TB5X7RAWG3DWD","created_at":"2026-05-18T12:30:46Z"},{"alias_kind":"pith_short_8","alias_value":"UG3TB5X7","created_at":"2026-05-18T12:30:46Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2016:UG3TB5X7RAWG3DWDPNZWJUQHHH","target":"record","payload":{"canonical_record":{"source":{"id":"1602.04693","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-02-15T14:26:20Z","cross_cats_sorted":[],"title_canon_sha256":"78a21db2f6c9dafa5d244dc8688366e0691968731998a2eaf592e5566e8064f0","abstract_canon_sha256":"28dd6092c032888038366645066286a6083723d8d8dcc6418c2327d620130e8a"},"schema_version":"1.0"},"canonical_sha256":"a1b730f6ff882c6d8ec37b7364d20739d749c6f3bf44c54ce405bef682973e45","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T01:20:16.123680Z","signature_b64":"777uw9Qa92KDIMrx97sRpmS3j/ruDb5hoK58qoLZNaygoaHCNVw+iM0UPJGyUPz1dT/Dz6YzukOsfHiRn10cAg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"a1b730f6ff882c6d8ec37b7364d20739d749c6f3bf44c54ce405bef682973e45","last_reissued_at":"2026-05-18T01:20:16.123077Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T01:20:16.123077Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1602.04693","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:20:16Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"5kNq6qTXUJcz575lZhOqMQ9oMmVmeV9+D9qszXAbLzKXZGv0ZOZuiayS2a9MMP/J71oVBa/rKlJMgrW7IWm1AQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-26T11:42:38.297135Z"},"content_sha256":"7f6a3ff9c4ce523f2224f609814672ae2a77c0bde68b2a7f2ed4013ba66dc276","schema_version":"1.0","event_id":"sha256:7f6a3ff9c4ce523f2224f609814672ae2a77c0bde68b2a7f2ed4013ba66dc276"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2016:UG3TB5X7RAWG3DWDPNZWJUQHHH","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"DroidNative: Semantic-Based Detection of Android Native Code Malware","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Ryan Riley, Shahid Alam, Vaibhav Rastogi, Yan Chen, Zhengyang Qu","submitted_at":"2016-02-15T14:26:20Z","abstract_excerpt":"According to the Symantec and F-Secure threat reports, mobile malware development in 2013 and 2014 has continued to focus almost exclusively ~99% on the Android platform. Malware writers are applying stealthy mutations (obfuscations) to create malware variants, thwarting detection by signature based detectors. In addition, the plethora of more sophisticated detectors making use of static analysis techniques to detect such variants operate only at the bytecode level, meaning that malware embedded in native code goes undetected. A recent study shows that 86% of the most popular Android applicati"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1602.04693","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:20:16Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"xRasMiPURlSNr51PJ0GGrezNY8NNFL076h14Lh45qBAMeQC3h8BeI/7Dd40GO3vmHBUsej4QKNGJEELUDutfAg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-26T11:42:38.297496Z"},"content_sha256":"95895f8244bbb8d5db918b72007c8faad339fb6ded827f6b7e11772a8d3b59f1","schema_version":"1.0","event_id":"sha256:95895f8244bbb8d5db918b72007c8faad339fb6ded827f6b7e11772a8d3b59f1"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/UG3TB5X7RAWG3DWDPNZWJUQHHH/bundle.json","state_url":"https://pith.science/pith/UG3TB5X7RAWG3DWDPNZWJUQHHH/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/UG3TB5X7RAWG3DWDPNZWJUQHHH/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-26T11:42:38Z","links":{"resolver":"https://pith.science/pith/UG3TB5X7RAWG3DWDPNZWJUQHHH","bundle":"https://pith.science/pith/UG3TB5X7RAWG3DWDPNZWJUQHHH/bundle.json","state":"https://pith.science/pith/UG3TB5X7RAWG3DWDPNZWJUQHHH/state.json","well_known_bundle":"https://pith.science/.well-known/pith/UG3TB5X7RAWG3DWDPNZWJUQHHH/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2016:UG3TB5X7RAWG3DWDPNZWJUQHHH","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"28dd6092c032888038366645066286a6083723d8d8dcc6418c2327d620130e8a","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-02-15T14:26:20Z","title_canon_sha256":"78a21db2f6c9dafa5d244dc8688366e0691968731998a2eaf592e5566e8064f0"},"schema_version":"1.0","source":{"id":"1602.04693","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1602.04693","created_at":"2026-05-18T01:20:16Z"},{"alias_kind":"arxiv_version","alias_value":"1602.04693v2","created_at":"2026-05-18T01:20:16Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1602.04693","created_at":"2026-05-18T01:20:16Z"},{"alias_kind":"pith_short_12","alias_value":"UG3TB5X7RAWG","created_at":"2026-05-18T12:30:46Z"},{"alias_kind":"pith_short_16","alias_value":"UG3TB5X7RAWG3DWD","created_at":"2026-05-18T12:30:46Z"},{"alias_kind":"pith_short_8","alias_value":"UG3TB5X7","created_at":"2026-05-18T12:30:46Z"}],"graph_snapshots":[{"event_id":"sha256:95895f8244bbb8d5db918b72007c8faad339fb6ded827f6b7e11772a8d3b59f1","target":"graph","created_at":"2026-05-18T01:20:16Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"According to the Symantec and F-Secure threat reports, mobile malware development in 2013 and 2014 has continued to focus almost exclusively ~99% on the Android platform. Malware writers are applying stealthy mutations (obfuscations) to create malware variants, thwarting detection by signature based detectors. In addition, the plethora of more sophisticated detectors making use of static analysis techniques to detect such variants operate only at the bytecode level, meaning that malware embedded in native code goes undetected. A recent study shows that 86% of the most popular Android applicati","authors_text":"Ryan Riley, Shahid Alam, Vaibhav Rastogi, Yan Chen, Zhengyang Qu","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-02-15T14:26:20Z","title":"DroidNative: Semantic-Based Detection of Android Native Code Malware"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1602.04693","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:7f6a3ff9c4ce523f2224f609814672ae2a77c0bde68b2a7f2ed4013ba66dc276","target":"record","created_at":"2026-05-18T01:20:16Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"28dd6092c032888038366645066286a6083723d8d8dcc6418c2327d620130e8a","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-02-15T14:26:20Z","title_canon_sha256":"78a21db2f6c9dafa5d244dc8688366e0691968731998a2eaf592e5566e8064f0"},"schema_version":"1.0","source":{"id":"1602.04693","kind":"arxiv","version":2}},"canonical_sha256":"a1b730f6ff882c6d8ec37b7364d20739d749c6f3bf44c54ce405bef682973e45","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"a1b730f6ff882c6d8ec37b7364d20739d749c6f3bf44c54ce405bef682973e45","first_computed_at":"2026-05-18T01:20:16.123077Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T01:20:16.123077Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"777uw9Qa92KDIMrx97sRpmS3j/ruDb5hoK58qoLZNaygoaHCNVw+iM0UPJGyUPz1dT/Dz6YzukOsfHiRn10cAg==","signature_status":"signed_v1","signed_at":"2026-05-18T01:20:16.123680Z","signed_message":"canonical_sha256_bytes"},"source_id":"1602.04693","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:7f6a3ff9c4ce523f2224f609814672ae2a77c0bde68b2a7f2ed4013ba66dc276","sha256:95895f8244bbb8d5db918b72007c8faad339fb6ded827f6b7e11772a8d3b59f1"],"state_sha256":"639df82ab1ba5c4770c3c7396d5cce306e456464780d46583d2ba96736837511"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"DC1FPt02RzevW37MJA0JCgniW87kIu8eqOD8zGZuWIEKPr0rhFRmwD/3XnJLijETnF04RqnTT92VMBqUKwwqBQ==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-26T11:42:38.299467Z","bundle_sha256":"4c7a9d679610f9b1579012961e0e6a3c8f8a5266e913fa30b2f358778c683ca8"}}