The ability to forensically analyse malicious software (malware) is becoming an increasingly important discipline in the field of Digital Forensics. This is because malware is becoming stealthier, targeted, profit driven, managed by criminal organizations, harder to detect and much harder to analyse. Malware analysis requires a considerable skill set to delve deep into malware internals when it is designed specifically to detect and hinder such attempts. This paper presents a foundation for a Malware Analysis Body of Knowledge (MABOK) that is required to successfully forensically analyse malware. This body of knowledge has been the result of several years of research into malware dissection.
Available at: http://works.bepress.com/craig_valli/54/