In attacks called phishing scams, attackers send fake emails disguised as messages from financial institutions such as banks to steer users toward malicious websites. Attackers can create websites remarkably similar to the actual site as a means to extract user information such as bank account and credit card numbers.

As a countermeasure to phishing attacks, we use machine learning to analyze data sampled from website URLs and site content. We are also doing work on phishing site detection, automation of adjustments to phishing countermeasures based on an individual user’s weaknesses, and damage prediction and application of countermeasures sourced from analyzation of users’ eye movement on phishing sites.

Security and user interface

The interface plays an important role in allowing the user to determine whether or not a website or an email contains malicious content. Our research group has drafted the International Standard ITU-T X.1212 proposal, which looks at interface wording, image color, size, shape, and non-visual information.

Security big data analysis

Security-related events are increasing in frequency, creating a need for big data analytics applied to the handling of increasing data volumes, faster data generation, diversification, and reliability. In addressing this issue, we are researching an experimental data analysis method, a high-speed log collection platform, and security log visualization technology.


In order to analyze the causes and trends of cyber threats, we are working on honeypot technology that invites attacks, using a reality-based system as a trigger. In addition, we are conducting research on giving false responses to OS scans, recording system call history on concealed disk devices, and creating honeypots dynamically by migrating a virtual machine.

Cyber risk

As the complete elimination of all cyber threats is not realistic, the concept of cyber resilience becomes important. Not resigned to simply accepting a certain level of risk, we are also developing a method to enhance the skill level of CSIRT’s by using game-based and simulation-type teaching materials, and a method of considering conversion of risk by assigning numerical values to risk from probability processes.