luciabrightcode/FAEA
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
FAEA/implementation_plan.md
Luciabrightcode 32179b2190 feat(phase3): Implement Evasion & Resilience Layer + TLS Alignment 
- Implement GhostCursorEngine with Bezier curves/Fitts's Law in src/browser/ghost_cursor.py
- Implement EntropyScheduler (Gaussian jitter/phase drift) in src/core/scheduler.py
- Implement MobileProxyRotator (sticky sessions) in src/core/proxy.py
- Update CamoufoxManager to target Chrome 124 for TLS consistency
- Add manual TLS verification script (tests/manual/verify_tls.py)
- Update implementation plan and walkthrough documentation
2025-12-23 11:56:20 +08:00

2.9 KiB
Raw Blame History

Phase 3: Evasion & Resilience Implementation Plan

Goal Description

Implement the "Human" behavior layer to defeat behavioral biometrics and temporal analysis. This phase focuses on:

  1. GhostCursorEngine: Simulating human mouse movements (Bezier curves, Fitts's Law).
  2. EntropyScheduler: Maximizing temporal entropy in request scheduling (Gaussian noise, Phase drift).
  3. ProxyRotator: Managing IP reputation with sticky sessions and rapid rotation for new sessions.

User Review Required

Important

GhostCursor tuning: The velocity parameters (a=0.1, b=0.15) are empirical starting points from the ADD. We may need to tune these against a live detection system if possible, or rely on the visual verification tool.

Proposed Changes

Browser Tier (Human Mimesis)

[NEW] src/browser/ghost_cursor.py

  • Class: GhostCursorEngine
  • Features:
    • move_to(page, x, y): Generates composite cubic Bezier curves.
    • _generate_waypoints(): Adds Gaussian perturbation to path.
    • _execute_submovement(): Applies velocity profile based on Fitts's Law.
    • random_micro_movement(): Simulates reading/idling jitter.

Core Tier (Temporal & Network Entropy)

[NEW] src/core/scheduler.py

  • Class: EntropyScheduler
  • Features:
    • next_execution_time(): Calculates delays using Base + Gaussian(0, 5s) + PhaseDrift.
    • Phase shift accumulating over time to avoid periodic harmonics.

[NEW] src/core/proxy.py

  • Class: MobileProxyRotator
  • Features:
    • select_proxy(session_id): Enforces sticky sessions (same session -> same IP).
    • Cooldown tracking: Prevents reusing IPs too quickly after session termination.

Remediation: TLS Fingerprint Alignment

[UPDATE] src/extractor/client.py

  • Objective: Match curl_cffi JA3 fingerprint to Camoufox (Chromium).
  • Strategy:
    • Analyze Camoufox's specific Chromium version/build.
    • Tune curl_cffi impersonate parameter (e.g., chrome120, chrome124, or specific interaction_args).
    • Verify using tests/manual/verify_tls.py.

Verification Plan

Automated Tests

  • Unit Tests: Verify math logic for Bezier curves and Scheduler distribution.
    • tests/unit/test_ghost_cursor.py (check point generation bounds)
    • tests/unit/test_scheduler.py (verify distribution mean/stddev)

Manual Verification

  • Visual Check: Use tests/manual/verify_cursor.py (to be created) to visualize the cursor path on a canvas or plot, ensuring it looks "human-like" and not robotic straight lines.
  • Log Analysis: Review scheduler logs to ensure no obvious repeatable patterns in timing.