MacPaw's latest research introduces an on-device, real-time phishing detection system to improve Mac users' cybersecurity.
Ivan Petrukha, Senior Research Engineer at MacPaw, will present research on this system at the 14th International Workshop on Socio-Technical Aspects in Security on July 12. The system, initiated by Moonlock, MacPaw's cybersecurity division, overcomes traditional anti-phishing limitations with immediate, on-device detection.
Moonlock's on-device solution detects phishing websites instantly using a reference-based approach for visual content analysis. The system relies on local machine learning models, ensuring user data stays on the device and enhancing privacy.
Leveraging macOS-specific resources, the system processes live screen captures quickly, maintaining high accuracy and low resource usage — 16% of a CPU core and less than 84MB of RAM on an Apple M1 processor. MacPaw's solution achieved 95.7% precision and 87.7% recall on a dataset of 50,000 web pages.
Phishing is a cyberattack method where malicious actors impersonate legitimate entities to trick people into sharing sensitive information, such as passwords, credit card numbers, and personal details. These attacks often occur through deceptive emails, websites, or messages that appear trustworthy but are designed to steal data or install malware on the victim's device.
As phishing techniques become more sophisticated, traditional detection methods struggle to keep up, making real-time, on-device solutions increasingly vital for robust cybersecurity.
Blacklist-based solutions have update delays, classification-based approaches struggle with obfuscation, and reference-based methods depend on slow external databases.
Petrukha's system operates in real-time, directly on the device, eliminating these delays and enhancing security. It has the potential to be adapted to iOS and other applications, such as email and messaging platforms.
It's not known yet how Mac users can benefit from MacPaw's phishing detection system, but the company has apps like CleanMyMac X that act as a malware detection tool, among other features. CleanMyMac X requires macOS 10.13 or later.
2 Comments
I don't know if this is Andrew's error of MacPaw's, however, if this is a system for preventing website incursions, it is Pharming, not Phishing.
The name of the paper Ivan from MacPaw presented at this conference of experts is literally titled "Think Globally, React Locally - Bringing Real-time Reference-based Website Phishing Detection on macOS" (second link in the article).