University of Bahrain
College of Information Technology
Department of Information Systems
College of Information Technology
Department of Information Systems
PhishArena is an interactive cybersecurity platform designed to simulate real-world phishing attacks and improve user awareness through practical experience. Instead of relying only on theoretical knowledge, the system provides structured, scenario-based training where users engage with realistic phishing situations.
Powered by AI and Large Language Models (LLMs), the platform evaluates user responses based on professionalism, realism, and completeness, providing intelligent feedback to improve understanding of social engineering attacks.
Enhance users’ ability to identify and respond to phishing attacks through realistic training scenarios.
Create an engaging and practical environment that goes beyond traditional theoretical awareness methods.
Replicate real-world email environments such as Outlook and Thunderbird to improve hands-on experience.
Use AI and LLM technologies to analyze responses and provide intelligent feedback and explanations.
Many cybersecurity awareness programs focus mainly on theoretical knowledge rather than practical phishing detection skills.
Attackers continuously improve phishing methods, making malicious emails harder for users to identify and detect.
Human mistakes remain one of the leading causes of cybersecurity breaches, highlighting the need for better awareness solutions.
Simulates real-world email environments to help users experience phishing scenarios in a practical way.
Uses AI and Large Language Models to evaluate user responses and provide intelligent explanations and feedback.
Provides a gamified and engaging learning experience instead of traditional static cybersecurity training methods.
Helps users improve their ability to identify suspicious emails and reduce risks caused by phishing attacks.
Analyzes submitted responses instantly and generates quick feedback to improve user decision-making skills.
The PhishArena architecture combines realistic email communication with AI-powered evaluation services using Flask, SMTP/IMAP servers, and Large Language Models (LLMs).
Ollama (LLM)
Flask (Python)
Ubuntu Operating System
HTML
CSS
JavaScript
The platform is deployed on Ubuntu Linux to provide a stable and secure environment for backend services and AI integration.
Postfix is used to manage SMTP communication and simulate realistic phishing email delivery scenarios.
Dovecot handles IMAP services and mailbox access for receiving and managing user email interactions.
Ollama powers the AI evaluation process by analyzing user responses and generating intelligent feedback.
Flask connects all system components together and processes communication between the frontend and AI services.
The web interface allows users to interact with the platform, submit responses, and receive evaluation results instantly.
The PhishArena platform operates within a dedicated experimental environment that integrates Ubuntu-based services, AI evaluation modules, and email simulation systems. The following workflow demonstrates how the platform is launched and used during testing and demonstrations.
Start the Ubuntu-based environment containing Flask services, SMTP/IMAP servers, and AI modules.
Access PhishArena through Thunderbird or the web-based interface for phishing simulation.
The system analyzes user responses using Large Language Models and generates intelligent feedback.
Users receive feedback, scores, and progress tracking after completing phishing scenarios.
Different Large Language Models (LLMs) were tested to evaluate their phishing detection performance based on accuracy, response time, and practical usability within the PhishArena platform.
| Model Configuration | Response Speed | Real-Time Suitability | Deployment Efficiency |
|---|---|---|---|
| Llama 3.2:1B + mxbai-embed-large | 4.8s | Excellent | Lightweight & Stable |
| Qwen3:1.7b + mxbai-embed-large | 6.2s | Good | Moderate Resource Usage |
| Gemma3:1b + mxbai-embed-large | 5.9s | Moderate | Stable Deployment |
| Qwen3:1.7b + all-minilm | 4.5s | Good | Efficient Embedding |
| Phi4-mini + all-minilm | 4.1s | Limited | Fast but Less Reliable |
Llama 3.2:1B was selected because it achieved the best balance between response speed, lightweight deployment, and real-time interaction quality. The model integrates efficiently with Ollama and supports smooth phishing awareness simulations without requiring high computational resources.
PhishArena bridges the gap between theoretical cybersecurity awareness and practical phishing awareness training by creating an immersive AI-assisted training environment
Impact: PhishArena bridges the gap between theoretical cybersecurity awareness and practical phishing detection by creating an immersive AI-driven training environment that improves user readiness against phishing attacks.
This project is a Final Year Senior Project completed during Semester 2 of the Academic Year 2025/2026 at the College of Information Technology — University of Bahrain.
Cybersecurity Graduates - Batch 2026