{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2018:XZD5HI2O6RUBYP7WB3YZPIIK3L","short_pith_number":"pith:XZD5HI2O","canonical_record":{"source":{"id":"1803.03544","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-03-09T14:56:36Z","cross_cats_sorted":["cs.CR","stat.ML"],"title_canon_sha256":"bdb01c86c7aa7d624972beaf38df2d48fd39d2b0a5b855b2f370e872d861f27b","abstract_canon_sha256":"574ad676506bfc25fa4bf8f757cf155ba74dedfa92041a9721215c638b2af097"},"schema_version":"1.0"},"canonical_sha256":"be47d3a34ef4681c3ff60ef197a10adafdc9d54b2d673c171910292bd141e1f5","source":{"kind":"arxiv","id":"1803.03544","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1803.03544","created_at":"2026-05-18T00:02:12Z"},{"alias_kind":"arxiv_version","alias_value":"1803.03544v2","created_at":"2026-05-18T00:02:12Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1803.03544","created_at":"2026-05-18T00:02:12Z"},{"alias_kind":"pith_short_12","alias_value":"XZD5HI2O6RUB","created_at":"2026-05-18T12:33:04Z"},{"alias_kind":"pith_short_16","alias_value":"XZD5HI2O6RUBYP7W","created_at":"2026-05-18T12:33:04Z"},{"alias_kind":"pith_short_8","alias_value":"XZD5HI2O","created_at":"2026-05-18T12:33:04Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2018:XZD5HI2O6RUBYP7WB3YZPIIK3L","target":"record","payload":{"canonical_record":{"source":{"id":"1803.03544","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-03-09T14:56:36Z","cross_cats_sorted":["cs.CR","stat.ML"],"title_canon_sha256":"bdb01c86c7aa7d624972beaf38df2d48fd39d2b0a5b855b2f370e872d861f27b","abstract_canon_sha256":"574ad676506bfc25fa4bf8f757cf155ba74dedfa92041a9721215c638b2af097"},"schema_version":"1.0"},"canonical_sha256":"be47d3a34ef4681c3ff60ef197a10adafdc9d54b2d673c171910292bd141e1f5","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:02:12.714701Z","signature_b64":"MAwUHpzsBsEn0K6CQ/ao7JDC7GLFvG+yD9nw2CHAAX1GlYbeCA9bgW3iXBIo8weQP4OKvhA9gn5qyR4qDD3QDQ==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"be47d3a34ef4681c3ff60ef197a10adafdc9d54b2d673c171910292bd141e1f5","last_reissued_at":"2026-05-18T00:02:12.713865Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:02:12.713865Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1803.03544","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:02:12Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"xrcdzZ5TbOIfyFc4lRhiBT+BndZ1eYqqg28/HEWU3ppDzmZI9g8Cj9Dfvn68tiolz2GvfpghWXjOh9hwj4H8CA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T17:52:05.997291Z"},"content_sha256":"2a8574abcd504c56e61eeb4e9f582ab3e21746643b561246ba0b5843a821ef73","schema_version":"1.0","event_id":"sha256:2a8574abcd504c56e61eeb4e9f582ab3e21746643b561246ba0b5843a821ef73"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2018:XZD5HI2O6RUBYP7WB3YZPIIK3L","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Explaining Black-box Android Malware Detection","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CR","stat.ML"],"primary_cat":"cs.LG","authors_text":"Battista Biggio, Davide Maiorca, Fabio Roli, Giorgio Giacinto, Marco Melis","submitted_at":"2018-03-09T14:56:36Z","abstract_excerpt":"Machine-learning models have been recently used for detecting malicious Android applications, reporting impressive performances on benchmark datasets, even when trained only on features statically extracted from the application, such as system calls and permissions. However, recent findings have highlighted the fragility of such in-vitro evaluations with benchmark datasets, showing that very few changes to the content of Android malware may suffice to evade detection. How can we thus trust that a malware detector performing well on benchmark data will continue to do so when deployed in an oper"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1803.03544","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:02:12Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"jaajiwmls6OHtMfIMyHf5bPdkKDrGlkAEkhEtRNCwi+KDO4dOF3P63HGFt/PMvsTc17IFPp5Zynd0+gnjDNnBg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T17:52:05.997667Z"},"content_sha256":"221b343613c790ad59f441a83fe2b34de769f184a0ce5eaec8fc7f708a78fa67","schema_version":"1.0","event_id":"sha256:221b343613c790ad59f441a83fe2b34de769f184a0ce5eaec8fc7f708a78fa67"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/XZD5HI2O6RUBYP7WB3YZPIIK3L/bundle.json","state_url":"https://pith.science/pith/XZD5HI2O6RUBYP7WB3YZPIIK3L/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/XZD5HI2O6RUBYP7WB3YZPIIK3L/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-01T17:52:05Z","links":{"resolver":"https://pith.science/pith/XZD5HI2O6RUBYP7WB3YZPIIK3L","bundle":"https://pith.science/pith/XZD5HI2O6RUBYP7WB3YZPIIK3L/bundle.json","state":"https://pith.science/pith/XZD5HI2O6RUBYP7WB3YZPIIK3L/state.json","well_known_bundle":"https://pith.science/.well-known/pith/XZD5HI2O6RUBYP7WB3YZPIIK3L/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2018:XZD5HI2O6RUBYP7WB3YZPIIK3L","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"574ad676506bfc25fa4bf8f757cf155ba74dedfa92041a9721215c638b2af097","cross_cats_sorted":["cs.CR","stat.ML"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-03-09T14:56:36Z","title_canon_sha256":"bdb01c86c7aa7d624972beaf38df2d48fd39d2b0a5b855b2f370e872d861f27b"},"schema_version":"1.0","source":{"id":"1803.03544","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1803.03544","created_at":"2026-05-18T00:02:12Z"},{"alias_kind":"arxiv_version","alias_value":"1803.03544v2","created_at":"2026-05-18T00:02:12Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1803.03544","created_at":"2026-05-18T00:02:12Z"},{"alias_kind":"pith_short_12","alias_value":"XZD5HI2O6RUB","created_at":"2026-05-18T12:33:04Z"},{"alias_kind":"pith_short_16","alias_value":"XZD5HI2O6RUBYP7W","created_at":"2026-05-18T12:33:04Z"},{"alias_kind":"pith_short_8","alias_value":"XZD5HI2O","created_at":"2026-05-18T12:33:04Z"}],"graph_snapshots":[{"event_id":"sha256:221b343613c790ad59f441a83fe2b34de769f184a0ce5eaec8fc7f708a78fa67","target":"graph","created_at":"2026-05-18T00:02:12Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Machine-learning models have been recently used for detecting malicious Android applications, reporting impressive performances on benchmark datasets, even when trained only on features statically extracted from the application, such as system calls and permissions. However, recent findings have highlighted the fragility of such in-vitro evaluations with benchmark datasets, showing that very few changes to the content of Android malware may suffice to evade detection. How can we thus trust that a malware detector performing well on benchmark data will continue to do so when deployed in an oper","authors_text":"Battista Biggio, Davide Maiorca, Fabio Roli, Giorgio Giacinto, Marco Melis","cross_cats":["cs.CR","stat.ML"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-03-09T14:56:36Z","title":"Explaining Black-box Android Malware Detection"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1803.03544","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:2a8574abcd504c56e61eeb4e9f582ab3e21746643b561246ba0b5843a821ef73","target":"record","created_at":"2026-05-18T00:02:12Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"574ad676506bfc25fa4bf8f757cf155ba74dedfa92041a9721215c638b2af097","cross_cats_sorted":["cs.CR","stat.ML"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.LG","submitted_at":"2018-03-09T14:56:36Z","title_canon_sha256":"bdb01c86c7aa7d624972beaf38df2d48fd39d2b0a5b855b2f370e872d861f27b"},"schema_version":"1.0","source":{"id":"1803.03544","kind":"arxiv","version":2}},"canonical_sha256":"be47d3a34ef4681c3ff60ef197a10adafdc9d54b2d673c171910292bd141e1f5","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"be47d3a34ef4681c3ff60ef197a10adafdc9d54b2d673c171910292bd141e1f5","first_computed_at":"2026-05-18T00:02:12.713865Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:02:12.713865Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"MAwUHpzsBsEn0K6CQ/ao7JDC7GLFvG+yD9nw2CHAAX1GlYbeCA9bgW3iXBIo8weQP4OKvhA9gn5qyR4qDD3QDQ==","signature_status":"signed_v1","signed_at":"2026-05-18T00:02:12.714701Z","signed_message":"canonical_sha256_bytes"},"source_id":"1803.03544","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:2a8574abcd504c56e61eeb4e9f582ab3e21746643b561246ba0b5843a821ef73","sha256:221b343613c790ad59f441a83fe2b34de769f184a0ce5eaec8fc7f708a78fa67"],"state_sha256":"bc9cd72ba96fa31ef572f971e59f1b43b7e62cbea6efb5b22d163f2c187882c6"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"AZDcVfAkqsQiwEKIJPpL6CKkme4KwHbj/YFEtpY3qPqJ+YfArSLMbZsKvpCEgMPihF1kVaD+F+N/cwxxy3qFBw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-01T17:52:05.999638Z","bundle_sha256":"8af5db1eea846721636416e2a85a438028aee2752ff17aa195c1a01a972f437e"}}