K. Clemens, M. C. Paolo, C. K. Engin, K. Xiaoyong, and Z. , Xiaofeng W.: effective and efficient malware detection at the end host, 2009.

I. You and K. Yim, Malware Obfuscation Techniques: A Brief Survey, 2010 International Conference on Broadband, Wireless Computing, Communication and Applications, 2010.
DOI : 10.1109/BWCCA.2010.85
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.452.9461

M. Fredrikson, S. Jha, M. Christodorescu, and R. Sailer, Xifeng Yan: Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors, Proceedings of the 2010 IEEE Symposium on Security and Privacy, 2010.

A. Srivastava, A. Lanzi, and J. Giffin, System Call API Obfuscation (Extended Abstract), 2008.
DOI : 10.1007/978-3-540-87403-4_36
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.225.4668

M. Christodorescu, S. Jha, and C. , Mining specifications of malicious behavior, Proc. of the 6th joint meeting of the European software engineering conf. and the ACM SIGSOFT symp. on The foundations of software engineering, 2007.

G. Hoglund and J. Butler, Rootkits: Subverting the Windows kernel, 2005.

Z. Li, M. Sanghi, and Y. Chen, Hamsa: Fast Signature Generation for Zero-day Polymorphic Worms with Provable Attack Resilience, IEEE Symposium on Security and Privacy, 2006.

H. Dreger, A. Feldmann, M. Mai, V. Paxson, and R. Sommer, Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection, 15th USENIX Security Symposium, 2005.

U. Bayer, I. Habibi, and D. Balzarotti, A View on Current Malware Behaviors, 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET'09, 2009.

A. Lanzi, D. Balzarotti, C. Kruegel, M. Christodorescu, and E. Kirda, AccessMiner, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, 2010.
DOI : 10.1145/1866307.1866353