Multi-layer Analysis
A defense-in-depth approach that combines local speed with cloud intelligence.
No single detection method is perfect. Arx stacks multiple analysis techniques on top of each other. If a threat bypasses one layer, it runs into the next.
The Analysis Pipeline
Threats are analyzed through a cascading three-layer system. Each layer provides faster or deeper analysis depending on the threat level.
Local Pre-Filter
Checks the URL string itself. Is it on a trusted list? Is it a known safe domain? Does it have obvious anomalies?
✓ Whitelist check
✓ Domain age verification
✓ TLD analysis
✓ URL pattern matching
Behavioral Heuristics
The extension analyzes the page structure, scans visible context for risk indicators, and evaluates visual elements.
✓ DOM structure analysis
✓ Visual fingerprinting
✓ Form detection
✓ Typosquatting & Punycode checks
AI Visual Matching
For login pages and suspicious content, AI-powered visual matching analyzes page structure and visual elements to identify sophisticated phishing attempts.
✓ AI visual similarity detection
✓ Brand logo recognition
✓ Layout structure comparison
✓ Trusted site fingerprinting
Fast by default, deeper only when needed
This hybrid model ensures that browsing stays fast. Most traffic is cleared instantly in Layer 1, while only unknown or suspicious pages move through deeper analysis.