import React from 'react'; import { DEVICE_DATABASE } from '../utils/formatters'; const HelpModal = ({ isOpen, onClose }) => { if (!isOpen) return null; return (
e.stopPropagation()}>

🎯 Activity Simulation Detection Dashboard - Help Guide

📊 Machine Risk

Shows the overall risk score for the monitored machine. The score ranges from 0.0 (definitely human) to 1.0 (definitely a jiggler). The color coding helps you quickly identify risk levels:

  • Green (0.0-0.3): Low risk - likely human activity
  • Orange (0.3-0.7): Medium risk - suspicious activity
  • Red (0.7-1.0): High risk - likely jiggler activity

🔍 Evidence

Raw data and calculations behind the risk score. Key components:

  • onnxScore: ML model prediction (Level 2 AI analysis)
  • heuristicRisk: Rule-based analysis (Level 1 behavioral patterns)
  • features: Individual measurements like timing patterns, mouse movement smoothness
  • unknownDevice: Whether the hardware is recognized

🛡️ Device Trust

List of hardware devices (mice, keyboards) observed on this machine. Known devices contribute to lower risk scores, while unknown devices increase suspicion.

Device ID Format: VID/PID (Vendor ID/Product ID) - unique identifiers for hardware.

🧠 Heuristics

Level 1 behavioral analysis that measures human vs robotic patterns:

  • Inter-event Entropy: How random are timing patterns? High = suspicious
  • Interval Regularity: How consistent are time gaps? Perfect consistency = robotic
  • Path Straightness: How straight are mouse movements? Too straight = jiggler

🤖 ML Model (Level 2)

Advanced AI/ML contribution to risk assessment:

  • ML Anomaly Score: What the machine learning models think (0.0-1.0)
  • Model Confidence: How sure the AI is about its prediction
  • Model Status: Which ML models are currently active

Models Used: Isolation Forest and One-Class SVM for anomaly detection.

💻 Machines

List of computers currently being monitored:

  • hb: Last heartbeat (when activity was last detected)
  • ft: First seen timestamp (when monitoring started)

📈 Risk History

Timeline showing how the risk score has changed over time. Helps identify patterns and trends in activity behavior.

🎮 Control Buttons

  • Seed Demo: Generates realistic test data with both human and jiggler patterns
  • Clear: Removes all demo data and resets the system
  • Evict Stale (120m): Removes data for machines inactive for 120+ minutes
  • Help: Opens this help guide

🔧 Device Reference Database

Common device manufacturers and their VID codes:

{Object.entries(DEVICE_DATABASE).map(([vid, vendor]) => ( ))}
VID Manufacturer Popular Models
{vid} {vendor.name} {Object.values(vendor.devices).slice(0, 3).join(', ')} {Object.keys(vendor.devices).length > 3 && '...'}

🔬 How It Works

The system combines three detection methods for maximum accuracy:

  1. Device Trust (30%): Recognized hardware = lower risk
  2. Heuristics (30%): Behavioral pattern analysis
  3. ML Models (40%): AI-powered anomaly detection

The final risk score is a weighted blend of all three methods, providing enterprise-grade detection of mouse jigglers and simulated activity.

); }; export default HelpModal;