{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2017:XVKVQ5R3HC7NBT755FOGP7CQC7","short_pith_number":"pith:XVKVQ5R3","canonical_record":{"source":{"id":"1711.07477","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-20T11:11:52Z","cross_cats_sorted":["cs.AI"],"title_canon_sha256":"045734da6a31d4f10780be8c0eb35457c02a460b70b2bae9ec8c6ed48d0460bd","abstract_canon_sha256":"48a91d511923cb9674848bc5cf023e8556d2067c395544aea762f9fa37190b61"},"schema_version":"1.0"},"canonical_sha256":"bd5558763b38bed0cffde95c67fc5017cb4f00a12d286daf322533b26f4baddd","source":{"kind":"arxiv","id":"1711.07477","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1711.07477","created_at":"2026-05-17T23:52:18Z"},{"alias_kind":"arxiv_version","alias_value":"1711.07477v2","created_at":"2026-05-17T23:52:18Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1711.07477","created_at":"2026-05-17T23:52:18Z"},{"alias_kind":"pith_short_12","alias_value":"XVKVQ5R3HC7N","created_at":"2026-05-18T12:31:56Z"},{"alias_kind":"pith_short_16","alias_value":"XVKVQ5R3HC7NBT75","created_at":"2026-05-18T12:31:56Z"},{"alias_kind":"pith_short_8","alias_value":"XVKVQ5R3","created_at":"2026-05-18T12:31:56Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2017:XVKVQ5R3HC7NBT755FOGP7CQC7","target":"record","payload":{"canonical_record":{"source":{"id":"1711.07477","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-20T11:11:52Z","cross_cats_sorted":["cs.AI"],"title_canon_sha256":"045734da6a31d4f10780be8c0eb35457c02a460b70b2bae9ec8c6ed48d0460bd","abstract_canon_sha256":"48a91d511923cb9674848bc5cf023e8556d2067c395544aea762f9fa37190b61"},"schema_version":"1.0"},"canonical_sha256":"bd5558763b38bed0cffde95c67fc5017cb4f00a12d286daf322533b26f4baddd","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-17T23:52:18.746804Z","signature_b64":"PadUAtQyN6Ok1YozkI8E/0RCxWoeC6+y7a77/W5NLN5Fx1oVIebmUJht4EEm+E3mam+Yo04ZoUv77MO26mkKDw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"bd5558763b38bed0cffde95c67fc5017cb4f00a12d286daf322533b26f4baddd","last_reissued_at":"2026-05-17T23:52:18.746118Z","signature_status":"signed_v1","first_computed_at":"2026-05-17T23:52:18.746118Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1711.07477","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:52:18Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"wglQmCA5zSjsfvF4BfWf6t4tYfQp5b9nEzyvxhiUCm+6teywHmsVmEsg4ys9hBIubGoZ8cWXpFmjMRWOWEykCw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-27T05:07:51.363903Z"},"content_sha256":"91642eaca9992797bf9e7d8936c3d48856ccc7228d389813ff4dd60451bcae8b","schema_version":"1.0","event_id":"sha256:91642eaca9992797bf9e7d8936c3d48856ccc7228d389813ff4dd60451bcae8b"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2017:XVKVQ5R3HC7NBT755FOGP7CQC7","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version)","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.AI"],"primary_cat":"cs.CR","authors_text":"Emiliano De Cristofaro, Enrico Mariconti, Gianluca Stringhini, Gordon Ross, Lucky Onwuzurike, Panagiotis Andriotis","submitted_at":"2017-11-20T11:11:52Z","abstract_excerpt":"As Android has become increasingly popular, so has malware targeting it, thus pushing the research community to propose different detection techniques. However, the constant evolution of the Android ecosystem, and of malware itself, makes it hard to design robust tools that can operate for long periods of time without the need for modifications or costly re-training. Aiming to address this issue, we set to detect malware from a behavioral point of view, modeled as the sequence of abstracted API calls. We introduce MaMaDroid, a static-analysis based system that abstracts the API calls performed"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1711.07477","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:52:18Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"VjHpcUr0eyWai+B/CggXFYOW2dqowcvJahAJ+ZLLlpFAE+5ZNMuV/ROqHTpTq+m5hu39wPhPcgfJpZYUsWpMAg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-27T05:07:51.364573Z"},"content_sha256":"a8985b956a3379b7906e7608832f7822594dfe067e37f8908dddd5101311c86e","schema_version":"1.0","event_id":"sha256:a8985b956a3379b7906e7608832f7822594dfe067e37f8908dddd5101311c86e"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/XVKVQ5R3HC7NBT755FOGP7CQC7/bundle.json","state_url":"https://pith.science/pith/XVKVQ5R3HC7NBT755FOGP7CQC7/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/XVKVQ5R3HC7NBT755FOGP7CQC7/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-27T05:07:51Z","links":{"resolver":"https://pith.science/pith/XVKVQ5R3HC7NBT755FOGP7CQC7","bundle":"https://pith.science/pith/XVKVQ5R3HC7NBT755FOGP7CQC7/bundle.json","state":"https://pith.science/pith/XVKVQ5R3HC7NBT755FOGP7CQC7/state.json","well_known_bundle":"https://pith.science/.well-known/pith/XVKVQ5R3HC7NBT755FOGP7CQC7/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2017:XVKVQ5R3HC7NBT755FOGP7CQC7","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"48a91d511923cb9674848bc5cf023e8556d2067c395544aea762f9fa37190b61","cross_cats_sorted":["cs.AI"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-20T11:11:52Z","title_canon_sha256":"045734da6a31d4f10780be8c0eb35457c02a460b70b2bae9ec8c6ed48d0460bd"},"schema_version":"1.0","source":{"id":"1711.07477","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1711.07477","created_at":"2026-05-17T23:52:18Z"},{"alias_kind":"arxiv_version","alias_value":"1711.07477v2","created_at":"2026-05-17T23:52:18Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1711.07477","created_at":"2026-05-17T23:52:18Z"},{"alias_kind":"pith_short_12","alias_value":"XVKVQ5R3HC7N","created_at":"2026-05-18T12:31:56Z"},{"alias_kind":"pith_short_16","alias_value":"XVKVQ5R3HC7NBT75","created_at":"2026-05-18T12:31:56Z"},{"alias_kind":"pith_short_8","alias_value":"XVKVQ5R3","created_at":"2026-05-18T12:31:56Z"}],"graph_snapshots":[{"event_id":"sha256:a8985b956a3379b7906e7608832f7822594dfe067e37f8908dddd5101311c86e","target":"graph","created_at":"2026-05-17T23:52:18Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"As Android has become increasingly popular, so has malware targeting it, thus pushing the research community to propose different detection techniques. However, the constant evolution of the Android ecosystem, and of malware itself, makes it hard to design robust tools that can operate for long periods of time without the need for modifications or costly re-training. Aiming to address this issue, we set to detect malware from a behavioral point of view, modeled as the sequence of abstracted API calls. We introduce MaMaDroid, a static-analysis based system that abstracts the API calls performed","authors_text":"Emiliano De Cristofaro, Enrico Mariconti, Gianluca Stringhini, Gordon Ross, Lucky Onwuzurike, Panagiotis Andriotis","cross_cats":["cs.AI"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-20T11:11:52Z","title":"MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version)"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1711.07477","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:91642eaca9992797bf9e7d8936c3d48856ccc7228d389813ff4dd60451bcae8b","target":"record","created_at":"2026-05-17T23:52:18Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"48a91d511923cb9674848bc5cf023e8556d2067c395544aea762f9fa37190b61","cross_cats_sorted":["cs.AI"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-11-20T11:11:52Z","title_canon_sha256":"045734da6a31d4f10780be8c0eb35457c02a460b70b2bae9ec8c6ed48d0460bd"},"schema_version":"1.0","source":{"id":"1711.07477","kind":"arxiv","version":2}},"canonical_sha256":"bd5558763b38bed0cffde95c67fc5017cb4f00a12d286daf322533b26f4baddd","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"bd5558763b38bed0cffde95c67fc5017cb4f00a12d286daf322533b26f4baddd","first_computed_at":"2026-05-17T23:52:18.746118Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-17T23:52:18.746118Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"PadUAtQyN6Ok1YozkI8E/0RCxWoeC6+y7a77/W5NLN5Fx1oVIebmUJht4EEm+E3mam+Yo04ZoUv77MO26mkKDw==","signature_status":"signed_v1","signed_at":"2026-05-17T23:52:18.746804Z","signed_message":"canonical_sha256_bytes"},"source_id":"1711.07477","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:91642eaca9992797bf9e7d8936c3d48856ccc7228d389813ff4dd60451bcae8b","sha256:a8985b956a3379b7906e7608832f7822594dfe067e37f8908dddd5101311c86e"],"state_sha256":"514083dca2f5d3eb9a014375c2536813dd632e0cee9ba709a6290f1762ab6b68"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"m+yQK9xVE6tGZ9AAFOhUwsAgn4ZTmBQb9swroYgIjCWRr98VGsXdXWUzzBH7+30QTbril2wn6kWRO9U9ucq4Bw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-27T05:07:51.369098Z","bundle_sha256":"2a8e759494b911c1bd53ad5634295727fc6340308c5544cb6402be1c6565daf4"}}