search menu icon-carat-right cmu-wordmark

The MAL: A Malware Analysis Lexicon

February 2013 Technical Note
Dave Mundie, David McIntire

In this report, the authors present results of the Malware Analysis Lexicon (MAL) initiative, which developed the first common vocabulary for malware analysis.


Software Engineering Institute

CMU/SEI Report Number


DOI (Digital Object Identifier):


The lack of a controlled vocabulary for malware analysis is a symptom of the field's immaturity and an impediment to its growth. Malware analysis is a splintered discipline, with many small teams that for cultural reasons do not, or cannot, readily communicate among themselves; this condition encourages the growth of many local dialects. This report presents the results of the Malware Analysis Lexicon (MAL) initiative, a small project to develop the discipline's first common vocabulary.