Research Article
PhishCage: Reproduction of Fraudulent Websites in the Emulated Internet
@INPROCEEDINGS{10.4108/icst.simutools.2013.251707, author={Daisuke Miyamoto and Yuzo Taenaka and Toshiyuki Miyachi and Hiroaki Hazeyama}, title={PhishCage: Reproduction of Fraudulent Websites in the Emulated Internet}, proceedings={1st Workshop on Emulation Tools, Methodology and Techniques}, publisher={ACM}, proceedings_a={EMUTOOLS WORKSHOP}, year={2013}, month={7}, keywords={phishing detection testbed emulation}, doi={10.4108/icst.simutools.2013.251707} }- Daisuke Miyamoto
Yuzo Taenaka
Toshiyuki Miyachi
Hiroaki Hazeyama
Year: 2013
PhishCage: Reproduction of Fraudulent Websites in the Emulated Internet
EMUTOOLS WORKSHOP
ICST
DOI: 10.4108/icst.simutools.2013.251707
Abstract
This paper introduces PhishCage, an experimental infrastructure for phishing detection systems. Due to the short life time of phishing sites, comparative study of effectiveness, especially universality, among the detection systems is difficult. Our key idea is developing a testbed in which preserved phishing sites can be browsed as if they existed in the wild. According to our survey for phishing detection systems, this paper defines the requirements for the testbed, and designs PhishCage to meet with the requirements. The experiment of PhishCage demonstrates our mapping algorithm for 121 phishing sites into the emulated Japanese Internet topology. We confirm that phishing detection systems can obtain the realistic IP address and autonomous system number of the phishing sites in PhishCage, and few modifications enable the systems to work as if they are in the real Internet. With regard to the experimental results, we analyze the limitation of PhishCage, and finally discuss the feasibility of our emulation technique.