{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2017:IPSFCUZG45YWQLZADZODKSGGCM","short_pith_number":"pith:IPSFCUZG","canonical_record":{"source":{"id":"1704.02774","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-04-10T09:28:12Z","cross_cats_sorted":["cs.CR"],"title_canon_sha256":"4fd27aa5a5da6eb489a8c0f36e7c4a557e087566777eeb4213b58b014abfa05a","abstract_canon_sha256":"efed97a9587a9de1795cbfecc3370ff52cea383f29c56bc5b58231328ef9f737"},"schema_version":"1.0"},"canonical_sha256":"43e4515326e771682f201e5c3548c6133f6f8861e34100093dbcdc2fdc5f1841","source":{"kind":"arxiv","id":"1704.02774","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1704.02774","created_at":"2026-05-18T00:43:39Z"},{"alias_kind":"arxiv_version","alias_value":"1704.02774v2","created_at":"2026-05-18T00:43:39Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1704.02774","created_at":"2026-05-18T00:43:39Z"},{"alias_kind":"pith_short_12","alias_value":"IPSFCUZG45YW","created_at":"2026-05-18T12:31:21Z"},{"alias_kind":"pith_short_16","alias_value":"IPSFCUZG45YWQLZA","created_at":"2026-05-18T12:31:21Z"},{"alias_kind":"pith_short_8","alias_value":"IPSFCUZG","created_at":"2026-05-18T12:31:21Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2017:IPSFCUZG45YWQLZADZODKSGGCM","target":"record","payload":{"canonical_record":{"source":{"id":"1704.02774","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-04-10T09:28:12Z","cross_cats_sorted":["cs.CR"],"title_canon_sha256":"4fd27aa5a5da6eb489a8c0f36e7c4a557e087566777eeb4213b58b014abfa05a","abstract_canon_sha256":"efed97a9587a9de1795cbfecc3370ff52cea383f29c56bc5b58231328ef9f737"},"schema_version":"1.0"},"canonical_sha256":"43e4515326e771682f201e5c3548c6133f6f8861e34100093dbcdc2fdc5f1841","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:43:39.177802Z","signature_b64":"1PR/jL39VSk1zJDL+adCo7s334sSLqNHQYVWaOGEadMEesZyhuvjcyIrOgVyIMNGoYRBITvI66j9bss/nZnLAw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"43e4515326e771682f201e5c3548c6133f6f8861e34100093dbcdc2fdc5f1841","last_reissued_at":"2026-05-18T00:43:39.177366Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:43:39.177366Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1704.02774","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:43:39Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"W48LM8R3OdptwmYIpEXQc6pX2HZqkzQWcr31QRBeIf/LgH009lYIv9wpT7YVrsF0ioj2umqHeKSl188jlqncBQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-26T16:05:15.610175Z"},"content_sha256":"a298ad7b6a7930f36b09628fc1a29d9abc682ebb7ba877c62a1c39bdd69f4471","schema_version":"1.0","event_id":"sha256:a298ad7b6a7930f36b09628fc1a29d9abc682ebb7ba877c62a1c39bdd69f4471"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2017:IPSFCUZG45YWQLZADZODKSGGCM","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"How Professional Hackers Understand Protected Code while Performing Attack Tasks","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CR"],"primary_cat":"cs.SE","authors_text":"Bart Coppens, Bjorn De Sutter, Cataldo Basile, Marco Torchiano, Mariano Ceccato, Paolo Falcarin, Paolo Tonella","submitted_at":"2017-04-10T09:28:12Z","abstract_excerpt":"Code protections aim at blocking (or at least delaying) reverse engineering and tampering attacks to critical assets within programs. Knowing the way hackers understand protected code and perform attacks is important to achieve a stronger protection of the software assets, based on realistic assumptions about the hackers' behaviour. However, building such knowledge is difficult because hackers can hardly be involved in controlled experiments and empirical studies. The FP7 European project Aspire has given the authors of this paper the unique opportunity to have access to the professional penet"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1704.02774","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:43:39Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"TAq++K+y4IF9dNR55pNuCTvEBgE0KozHV3eCBhtPv92sitGJ+bmH3F2qcW6IBq1XhREs2OgBh9nYZFf7qOWzAA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-26T16:05:15.610923Z"},"content_sha256":"3f8a9a6547c57b17740fca885415e94b82b8a7cfc9992ee7fca09a5685a6c020","schema_version":"1.0","event_id":"sha256:3f8a9a6547c57b17740fca885415e94b82b8a7cfc9992ee7fca09a5685a6c020"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/IPSFCUZG45YWQLZADZODKSGGCM/bundle.json","state_url":"https://pith.science/pith/IPSFCUZG45YWQLZADZODKSGGCM/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/IPSFCUZG45YWQLZADZODKSGGCM/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-26T16:05:15Z","links":{"resolver":"https://pith.science/pith/IPSFCUZG45YWQLZADZODKSGGCM","bundle":"https://pith.science/pith/IPSFCUZG45YWQLZADZODKSGGCM/bundle.json","state":"https://pith.science/pith/IPSFCUZG45YWQLZADZODKSGGCM/state.json","well_known_bundle":"https://pith.science/.well-known/pith/IPSFCUZG45YWQLZADZODKSGGCM/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2017:IPSFCUZG45YWQLZADZODKSGGCM","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"efed97a9587a9de1795cbfecc3370ff52cea383f29c56bc5b58231328ef9f737","cross_cats_sorted":["cs.CR"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-04-10T09:28:12Z","title_canon_sha256":"4fd27aa5a5da6eb489a8c0f36e7c4a557e087566777eeb4213b58b014abfa05a"},"schema_version":"1.0","source":{"id":"1704.02774","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1704.02774","created_at":"2026-05-18T00:43:39Z"},{"alias_kind":"arxiv_version","alias_value":"1704.02774v2","created_at":"2026-05-18T00:43:39Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1704.02774","created_at":"2026-05-18T00:43:39Z"},{"alias_kind":"pith_short_12","alias_value":"IPSFCUZG45YW","created_at":"2026-05-18T12:31:21Z"},{"alias_kind":"pith_short_16","alias_value":"IPSFCUZG45YWQLZA","created_at":"2026-05-18T12:31:21Z"},{"alias_kind":"pith_short_8","alias_value":"IPSFCUZG","created_at":"2026-05-18T12:31:21Z"}],"graph_snapshots":[{"event_id":"sha256:3f8a9a6547c57b17740fca885415e94b82b8a7cfc9992ee7fca09a5685a6c020","target":"graph","created_at":"2026-05-18T00:43:39Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Code protections aim at blocking (or at least delaying) reverse engineering and tampering attacks to critical assets within programs. Knowing the way hackers understand protected code and perform attacks is important to achieve a stronger protection of the software assets, based on realistic assumptions about the hackers' behaviour. However, building such knowledge is difficult because hackers can hardly be involved in controlled experiments and empirical studies. The FP7 European project Aspire has given the authors of this paper the unique opportunity to have access to the professional penet","authors_text":"Bart Coppens, Bjorn De Sutter, Cataldo Basile, Marco Torchiano, Mariano Ceccato, Paolo Falcarin, Paolo Tonella","cross_cats":["cs.CR"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-04-10T09:28:12Z","title":"How Professional Hackers Understand Protected Code while Performing Attack Tasks"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1704.02774","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:a298ad7b6a7930f36b09628fc1a29d9abc682ebb7ba877c62a1c39bdd69f4471","target":"record","created_at":"2026-05-18T00:43:39Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"efed97a9587a9de1795cbfecc3370ff52cea383f29c56bc5b58231328ef9f737","cross_cats_sorted":["cs.CR"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-04-10T09:28:12Z","title_canon_sha256":"4fd27aa5a5da6eb489a8c0f36e7c4a557e087566777eeb4213b58b014abfa05a"},"schema_version":"1.0","source":{"id":"1704.02774","kind":"arxiv","version":2}},"canonical_sha256":"43e4515326e771682f201e5c3548c6133f6f8861e34100093dbcdc2fdc5f1841","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"43e4515326e771682f201e5c3548c6133f6f8861e34100093dbcdc2fdc5f1841","first_computed_at":"2026-05-18T00:43:39.177366Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:43:39.177366Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"1PR/jL39VSk1zJDL+adCo7s334sSLqNHQYVWaOGEadMEesZyhuvjcyIrOgVyIMNGoYRBITvI66j9bss/nZnLAw==","signature_status":"signed_v1","signed_at":"2026-05-18T00:43:39.177802Z","signed_message":"canonical_sha256_bytes"},"source_id":"1704.02774","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:a298ad7b6a7930f36b09628fc1a29d9abc682ebb7ba877c62a1c39bdd69f4471","sha256:3f8a9a6547c57b17740fca885415e94b82b8a7cfc9992ee7fca09a5685a6c020"],"state_sha256":"54b3a74ece9d0a9d81e24aee81fe26bf1965816a1ec770a16f985fd0e97f9cb4"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"3Myw4SddmbWfqgRuiUz7pbo074i+u9J8dUCjz96Rtqv6kaZob7b8Hnwo/GUIAYbpN/bUClV/Kx1Xf+CKoV30AQ==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-26T16:05:15.614571Z","bundle_sha256":"2990686cb600e9d21d726bbd532643e10f5ed10d13c5f2fd32d42395843de4f0"}}