Skip to main content
The Malware Analysis Body of Knowledge (MABOK)
Australian Digital Forensics Conference
  • Craig Valli, Edith Cowan University
Publication Date
Document Type
Conference Proceeding
School of Computer and Information Science, Edith Cowan University, Perth, Western Australia
The ability to forensically analyse malicious software (malware) is becoming an increasingly important discipline in the field of Digital Forensics. This is because malware is becoming stealthier, targeted, profit driven, managed by criminal organizations, harder to detect and much harder to analyse. Malware analysis requires a considerable skill set to delve deep into malware internals when it is designed specifically to detect and hinder such attempts. This paper presents a foundation for a Malware Analysis Body of Knowledge (MABOK) that is required to successfully forensically analyse malware. This body of knowledge has been the result of several years of research into malware dissection.

Originally published in the Proceedings of the 6th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, December 3rd 2008.

Citation Information
Craig Valli. "The Malware Analysis Body of Knowledge (MABOK)" (2008)
Available at: