Estimating Malware Impact on Network Traffic Analysis by Using Wireshark

Abstract

With the increasing prevalence of advanced cyber threats, there is a growing need for effective cybersecurity measures that can detect and visualize malware attacks. This research introduces an integrated approach that combines malware detection techniques with geospatial visualization methods to enhance the identification and analysis of cyber-attacks. By analyzing packets in the HTTP protocol, we identify suspicious file transfers and compute their hash values for further examination. To assess the threat level of these transferred files, we utilize the Virus Total platform to conduct comprehensive scans for malware. At the same time, by utilizing geolocation data, we map out both the origins and destinations of these attacks, providing valuable spatial context for understanding global patterns in cyber threats. In addition to enabling the identification of potentially harmful files, the proposed approach also provides a comprehensive visualization of how these threats are spread geographically. Our findings contribute to advancing cybersecurity strategies by facilitating proactive threat mitigation and enhancing incident response capabilities. The integration of malware detection, hash analysis, and geospatial visualization emphasizes the importance of adopting a multidimensional approach in strengthening network security infrastructure.