Some types of advanced malware often contain encrypted code, while such code virtually never appears in legitimate applications. Hence, the presence of encrypted code within an executable file could serve as a strong heuristic for detecting malware. In this research, we consider the feasibility of detecting encrypted code using hidden Markov models.
Dhanasekar, Dhiviya, "Detecting Encrypted Malware Using Hidden Markov Models" (2017). Master's Projects. 574.