Host-based hiding techniques
Host based hiding techniques are designed to allow an adversary to remain undetected on a machine upon which they have taken action. They may do this through the use of static linking of binaries, polymorphic code, exploiting weakness in file formats, parsers, or self-deleting code. 
DetectionDetectable by Common Defenses (Yes/No/Partial): No
Explanation: Techniques are difficult to detect and might occur in uncommon use-cases (e.g., patching, anti-malware, anti-exploitation software).
Difficulty for the AdversaryEasy for the Adversary (Yes/No): No
Explanation: Some of the host-based hiding techniques require advanced knowledge combined with an understanding and awareness of the target's environment (e.g., exploiting weaknesses in file formats, parsers and detection capabilities).
- Microsoft Malware Protection Center. (2008, July 30). Virus: Win32/Virut.AP. Retrieved March 6, 2017.