National University of Computer and Emerging Sciences
Embedded malware is a recently discovered security threat that allows malcode to be hidden inside a benign file. This hidden malcode can be remotely executed using a simple trigger program. It has been shown that embedded malware is not detected by commercial antivirus software even when the malware signature is present in the antivirus database. Embedded malware can therefore more suitably be termed a 'disaster in disguise'. In this paper, the authors present a novel anomaly detection scheme to detect embedded malware.