Evaluating Synthetic Cyber Deception Strategies Under Uncertainty via Game Theory Approach: Linking Information Leakage and Game Outcomes in Cyber Deception

Abstract

The study develops a game-theoretic evaluation framework for cyber deception that quantifies deception benefit relative to an otherwise matched non-deceptive baseline and links strategic outcomes to information disclosure. A defender–attacker interaction is modeled through a paired design consisting of a baseline game without deception and a corresponding decoy-enabled deception game, enabling direct measurement of deception impact through two operational metrics: the value of deception, defined as the baseline-referenced change in defender equilibrium utility attributable to deception, and the price of transparency, defined as the marginal loss induced by increased observability of the true system state. The analysis characterizes defender-optimal deception strategies, derives interpretable bounds and break-even conditions under which deception becomes ineffective due to cost or detectability, and establishes approximation properties that support scalable allocation rules. To complement equilibrium-based evaluation, the study introduces an information-theoretic uncertainty construct that captures the extent to which deception preserves attacker uncertainty after observation, providing a mechanism-level interpretation of when and why value of deception degrades as transparency increases. Computational experiments across heterogeneous scenarios demonstrate consistent cross-setting comparability, reveal tradeoffs among decoy realism, budget, and attacker rationality, and identify regimes in which simplified allocation heuristics approach optimal performance.

1. Introduction

In the dynamic domain of cybersecurity, defenders are progressively transitioning from passive, reactive approaches to proactive techniques aimed at misleading, deterring, and detecting adversaries. Cyber deception, a contemporary manifestation of traditional military deception, has garnered substantial recognition as an effective proactive defense strategy [1]. By implementing decoy systems, honeytokens, and other synthetic artifacts, defenders can establish a misleading environment that entices attackers, depletes their resources, and yields critical intelligence regarding their tactics, techniques, and procedures (TTPs) [2].

This study frames synthetic cyber deception as a detector-mediated decision problem in which attacker behavior is shaped by the information produced by sensing and monitoring systems. In the proposed formulation, the attacker’s observations are treated as evidence generated by detectors (e.g., intrusion detection or monitoring pipelines) with explicit operating characteristics such as false-positive behavior on real assets and detectability behavior on decoys. This perspective enables cyber deception to be analyzed using formal models that connect detector outputs, uncertainty in target authenticity, and strategic attacker responses under defender commitment.

Within this framing, the study uses a game-theoretic structure to compare a baseline transparent security setting to a corresponding deceptive setting under consistent assumptions, thereby enabling the effect of decoys to be interpreted relative to a non-deceptive reference. The resulting evaluation interface emphasizes utility-based measures that remain tied to observable detector outcomes and deployment costs, rather than relying on qualitative claims about deception effectiveness. The study further supports its theoretical statements with reproducible computational validations that are aligned to the assumptions stated for each theorem, including explicit equilibrium computation when required by the value-comparison results.

Notwithstanding its theoretical allure, the practical implementation of cyber deception is frequently obstructed by the challenges associated with assessing its efficacy. Conventional security measures, including the quantity of alerts or thwarted assaults, are inadequate for assessing the efficacy of deception. The efficacy of a deception approach beyond mere assault prevention involves influencing the attacker’s decision-making, heightening their uncertainty, and finally imposing costs that exceed their prospective benefits. This complex interplay of actions and reactions is difficult to capture and quantify, especially in the absence of large-scale, real-world datasets of attacker behavior in deceptive environments [3].

This study presents a method for assessing cyber deception methods grounded in game theory principles. Game theory offers a mathematical framework for examining strategic interactions among rational decision-makers, rendering it an optimal tool for simulating the adversarial dynamics of cybersecurity [4]. We formulate a game-theoretic model that encapsulates the fundamental aspects of cyber deception, encompassing the defender’s utilization of synthetic decoys, the attacker’s efforts to differentiate genuine assets from decoys, and the intrinsic uncertainty and incomplete information that define these interactions. The contributions of this study were the results of experiments that have been suggested in previous work in the literature:

• * Standardized, reusable baseline for evaluating cyber deception: The study frames cyber deception evaluation around a fixed, reproducible comparison between an otherwise matched no-deception baseline and a deception-enabled setting. The contribution is not the general idea of using a baseline, but the study’s formalization of this comparison as a repeatable evaluation protocol intended to make results comparable across the heterogeneous deception mechanisms, attacker models, and cost regimes that are an explicit response to the well-documented fragmentation of deception evaluation in the literature [1].
• * Baseline-referenced reporting metrics for comparable deception claims (VoD and PoT): The study contributes two explicitly defined, equilibrium-grounded reporting measures, value of deception (VoD) and price of transparency (PoT), that are constructed to be interpreted relative to a matched no-deception baseline, rather than as standalone payoff numbers. This enables cross-setting comparison of deception benefit and transparency cost under differing attacker mixtures, decoy costs, and observability conditions, thereby moving beyond the common practice of reporting isolated “defender utility improved” results that are difficult to compare across models and scenarios [5,6,7,8].
• * Formal bounds and break-even conditions that delimit when deception cannot pay off: The study derives explicit, assumption-scoped theoretical results stated as theorems and corollaries that bound the achievable benefit of deception and identify “break-even” regimes in which deception becomes ineffective. These results provide checkable analytical statements showing how deception value must diminish or vanish as key factors worsen (for example, rising decoy costs, increasing attacker discernment, or increasing transparency), thereby clarifying where deception is defensible as a strategy and where it is not within the model class [9].
• * Algorithmic structure for heterogeneous decoy allocation with defensible performance claims: The study formulates a heterogeneous decoy-allocation design problem that goes beyond uniform “place decoys everywhere” settings by allowing decoys to differ in cost and effectiveness. Within this formulation, the study identifies structural properties that can be exploited algorithmically, develops scalable allocation rules (including greedy-style selection), and supports them with analytically stated performance properties (and benchmarking against optimal solutions on tractable instances) [10,11,12].
• * An uncertainty leakage interpretation layer that explains why deception value changes: The study adds an information-theoretic lens based on attacker uncertainty (conditional entropy) and information leakage to interpret the game-theoretic results, so that shifts in equilibrium value under different transparency and detectability regimes are explained mechanistically through “how much the attacker can infer” rather than reported only as changes in utility [13].
• * Robustness analysis under bounded rationality, tied directly to the evaluation metrics: The study strengthens the credibility of its conclusions by moving beyond the assumption of perfectly optimizing attackers and incorporating a bounded-rationality response model (e.g., a quantal-response formulation). The analysis treats attacker rationality as a sensitivity parameter and shows how VoD/PoT and the recommended decoy level change systematically as rationality and attacker-type composition vary. This positions bounded rationality as a structured robustness test of the proposed evaluation framework, rather than as an extension [14,15].
• * Reproducible, data-independent benchmarking protocol as a supporting contribution: The study provides a controlled simulation and benchmarking workflow that enables systematic sensitivity analysis across attacker mixtures, decoy costs, and observability regimes when real-world deception datasets are unavailable, incomplete, or difficult to share. A reproducible evaluation artifact is aligned with the paper’s theoretical quantities (equilibrium utilities and the proposed metrics), rather than as a substitute for empirical validation; thus, addressing a widely recognized obstacle in cyber-deception research, namely the difficulty of obtaining standardized datasets and comparable evaluation evidence [16].

The modeling backbone of this study is intentionally aligned with the canonical defender–attacker leader–follower structure used in Stackelberg security games, in which the defender commits to a strategy and the attacker responds given that commitment [17,18]. In this sense, this study contributes a set of evaluation and mechanism-linking constructs that build on this foundation while changing how deception is defined, compared, and interpreted across settings.

First, the study formalizes deception evaluation as an explicit paired-game interface consisting of a transparent baseline security game and a deception-enabled counterpart that are matched in targets, valuations, and accounting conventions, differing only in the availability and structure of deceptive artifacts [1,19]. This pairing provides a controlled baseline-referenced comparison that is distinct from common practice in deception modeling, where deception performance is frequently reported in a single model instance without a systematically matched non-deceptive comparator [20,21].

Second, the study introduces two equilibrium-grounded reporting functionals—the value of deception and the price of transparency—defined directly from equilibrium utilities of the paired games [22]. The conceptual innovation is that these measures are constructed as baseline-referenced objects intended to support cross-scenario comparability under consistent equilibrium selection and cost accounting, rather than as model-specific payoff summaries that are difficult to interpret across different deception mechanisms, attacker populations, and observability regimes [23].

Third, the framework embeds deception mechanisms into detector-mediated and learning-mediated information structures and links these information structures to equilibrium outcomes through explicit, computable decision rules and regime characterizations, including cost- and transparency-driven conditions under which deception becomes ineffective [24]. This mechanism-level emphasis treats deception not only as an expanded defender action set, but as an information-shaping process whose value depends on observability, detectability, and attacker inference [25].

Finally, the study links equilibrium outcomes to a complementary information-disclosure interpretation, providing a mechanism-level explanation for how and why deception value degrades as transparency increases, rather than reporting utility changes alone [26,27]. Overall, the contribution is best understood as an integrative advance over existing Stackelberg security game and deception-based attacker–defender models: it retains the established leader–follower equilibrium backbone while contributing a baseline-referenced paired-game evaluation interface, equilibrium-derived reporting measures, and an information-disclosure linkage intended to be reusable across deception mechanisms and attacker response models [28].

Synopsis

The conceptual novelty of this study lies not in proposing a wholly new Stackelberg game class, but in establishing a unified evaluation architecture for cyber deception within an existing leader–follower foundation. Specifically, the study formalizes deception assessment through a paired-game interface that couples a transparent security game with a matched deceptive security game under identical targets, payoff conventions, attacker action space, and equilibrium selection, thereby making deception value a baseline-referenced strategic object rather than an isolated utility result. Within this interface, the study introduces the value of deception and the price of transparency as equilibrium-derived comparative measures designed to support cross-setting comparability under consistent cost accounting and attacker response assumptions. The study further contributes a theorem-level regime characterization of deception performance, including explicit break-even conditions, diminishing-returns behavior, upper bounds, and ineffective-deception regimes, and it links these equilibrium outcomes to an information-disclosure interpretation that explains how transparency erodes deception value. Taken together, these contributions position the work as an integrative advance: the novelty resides in the construction of a reusable, baseline-comparable, theorem-supported framework that unifies evaluation, interpretation, and extension of cyber deception models across multiple attacker and observability settings.

This paper is organized as follows. Section 2 provides a brief review of the relevant literature on cyber deception and game theory in cybersecurity. Section 3 presents our game-theoretic framework in detail. Section 4 describes the extensions to sophisticated game models. Section 5 analyzes heterogeneous deception games. Section 6 discusses computational complexity. Section 7 presents the information-theoretic analysis. Section 8 introduces the VoD framework. Section 9 presents and discusses implications, future research directions, and concludes the study.

2. Background

Cybersecurity and the contemporary industrial landscape are intricately linked, as Industry 4.0 though to Industry 6.0 increasingly rely on digitization, connection, and automation, all of which broaden the cyber-attack surface. No modern industrial entity can operate securely or dependably without cybersecurity [29,30]. Effective cybersecurity has emerged as a fundamental component of contemporary existence, essential for defense, key infrastructure, and commerce [31,32]. This is primarily attributable to the catastrophic outcomes resulting from inadequate cyber defenses. Recent instances in critical infrastructure include the 2021 Colonial Pipeline breach, which resulted in a six-day shutdown and an approximate increase of four cents in gas prices across 18 states. Additionally, between 2009 and 2017, 133.8 million patients in the United States had their protected health information compromised due to the hacking or IT-related incidents. Therefore, it is of paramount importance that cybersecurity is regarded with seriousness and implemented effectively [31,33,34].

Cybersecurity is inherently interdisciplinary [35,36] and enhancing one’s cybersecurity posture can manifest in several ways [37,38]; however, a critical aspect to consider is cyber decision-making. Cyber defenders universally possess limited resources, although improving cybersecurity typically entails certain expenses. An example of a prevalent cyber protection tool is the intrusion detection system (IDS), which analyzes host or network records to detect anomalous activities [39,40].

These activities inherently incur costs and consume resources (e.g., allocating domain experts to assess IDS alarms) that could be utilized for alternative purposes [41,42]. Consequently, an essential trade-off in cybersecurity decision-making emerges: What level of investment in cybersecurity is warranted considering the advantages of enhanced security against the expenditure of system resources? Addressing this trade-off is a critical issue in cybersecurity, and it is evident that improvised decision-making is inadequate, as any mistakes could incur significant costs [43,44,45].

The application of game theory, which examines the interactions among decision-makers, has been suggested to address this issue. Game theory provides two notable advantages: firstly, its solutions are mathematically optimal, rendering them disciplined and rigorous. Secondly, it expressly addresses the strategic interactions among numerous parties, indicating that the attacker’s reactions to any specific defensive policy are considered. Both traits are essential for disciplined cybersecurity decision-making to achieve an optimal balance between security and efficiency.

Cyber deception under uncertainty examines how information leakage affects attacker–defender outcomes [46]. This is especially relevant in human–AI collaborative manufacturing environments where predictive maintenance and collaborative robots require strong protection [47]. Our research is situated at the intersection of three key domains: cyber deception, game theory in cybersecurity, and attacker modeling. This section provides a comprehensive review of the foundational and recent literature in these areas, establishing the context and identifying the research gap that our proposed framework addresses.

2.1. Cyber Deception Techniques and Taxonomies

Cyber deception is a proactive defense strategy designed to deceive enemies by altering their perspective of the cyber landscape. The objective is to impose expenses on assailants, deplete their resources, and collect intelligence on their TTPs [48]. The literature defines a diverse range of deception tactics (see Figure 1) that can be generally classified as follows:

• Honeypots: These are decoy systems intended for probing and assault. They vary from low-interaction honeypots that simulate basic services to high-interaction honeypots that offer a comprehensive, monitored environment for attackers. Game-theoretic models have been devised to enhance honeypot deployment, taking into account variables such as attacker probing and the utilization of attack graphs [49,50,51,52].
• Honeytokens: These are deceptive digital artifacts (e.g., fake credentials, API keys, files) that trigger an alert when accessed, serving as high-fidelity intrusion indicators [53,54].
• Moving target defense (MTD): MTD is a proactive defense strategy that dynamically shifts the attack surface (e.g., by changing IP addresses or randomizing memory layouts) to increase uncertainty for attackers. Game theory has been instrumental in analyzing MTD, with models exploring the trade-offs between the security benefits and the operational costs of reconfiguration [55].

Numerous taxonomies have been suggested to organize the extensive array of deception techniques. Pawlick, Colbert, and Zhu’s game-theoretic taxonomy [19] offers a systematic classification grounded in fundamental game-theoretic principles, facilitating comprehension of the strategic intent behind various misleading behaviors.

2.2. Game-Theoretic Models for Cybersecurity

Game theory provides a robust mathematical framework for examining strategic interactions in cybersecurity [56]. Signaling games are particularly effective for modeling deception under information asymmetry, where the defender can send signals to influence attacker beliefs and actions. Similarly, GPT-based AI systems, capable of processing multiple languages, can interpret subtle patterns in complex data, enabling adaptive strategies and more informed decision-making under uncertainty. Diverse categories of games have been utilized to simulate various facets of the attacker–defender conflict, as follows:

• Stackelberg security games: These leader–follower models, where the defender commits to a defensive strategy first, are highly applicable to security domains where defensive postures are observable. They have been effectively implemented in practical solutions for infrastructure security. Nonetheless, determining the optimal strategy in these games is frequently NP-hard [57], which has spurred the development of efficient algorithms like the decomposed optimal Bayesian Stackelberg solver (DOBSS) [58].
• Signaling games: These games are optimal for simulating deception in conditions of information asymmetry. The defender (sender) can transmit a signal to the attacker (receiver) to affect their beliefs and behaviors. Pawlick and Zhu’s key work on signaling games with evidence establishes a formal framework for examining leaky deception, when the attacker might potentially discern the deception with a certain probability [59].
• Dynamic and repeated games: Cyber conflicts are seldom isolated incidents. Dynamic and repetitive games represent the long-term, changing interactions between attackers and defenders [60,61,62]. These models integrate learning and adaptation, wherein players modify their strategy based on historical gameplay [63]. The FlipIt game exemplifies the continuous contest for resource management and has been utilized to examine defenses against advanced persistent threats (APTs) [64].
• Information design and Bayesian persuasion: This current research investigates how a defense can strategically construct an information disclosure mechanism to influence an attacker to do activities advantageous to the defender [65]. This approach offers a robust instrument for examining deceit as a method of strategic information disclosure.

2.3. Prior Work on Value of Deception

The notion of quantifying the “value” or efficacy of deception has been addressed in previous literature. Zhu et al. [66] notably proposed the concept of “value of deception” within the framework of deceptive routing games, whereas extensive surveys on defensive deception have examined VoD-type metrics as evaluative criteria [16]. Our research extends these foundations by offering precise operationalization of VoD inside a paired-game framework—transparent security game (low-interaction) vs. deceptive security game (DSG)—facilitating direct return-on-investment (ROI) comparability across various deception scenarios. The primary contrast is such that we see VoD not only as a conceptual metric but as a formal interface for standardized deception assessment, supported by clear theoretical limits.

2.4. Attacker Modeling and Bounded Rationality

A critical component of any security game model is the model of the attacker. While the assumption of perfect rationality is a useful starting point, it is often unrealistic. The field has seen a growing interest in modeling bounded rationality, which acknowledges that real-world attackers may have cognitive limitations, biases, and incomplete information.

• Quantal response equilibrium (QRE): QRE is a solution concept that relaxes the assumption of perfect rationality by allowing players to make mistakes with a certain probability [14]. The probability of choosing a suboptimal action is inversely related to the expected utility loss. QRE has been shown to provide a better fit for real-world security data than traditional equilibrium concepts [67].
• Nested quantal response (NQR): This is an extension of the QRE model that captures correlations in attacker choices, providing a more scalable and accurate model of adversary behavior [68].
• Learning-based models: Researchers are increasingly using machine learning techniques, such as reinforcement learning, to model adaptive adversaries who learn their strategies over time [69,70]. These models can be trained on data from real or simulated interactions to capture the complex decision-making processes of human attackers.

Despite significant progress in these areas, evaluating cyber deception remains a challenge, one that is often hindered by the lack of relevant datasets. Much of the existing work either focuses on a specific type of game, assumes perfect rationality, or lacks a formal connection to the evaluation of deception effectiveness (see Figure 2). Our work aims to bridge this gap by developing a unified Bayesian Stackelberg game framework that can be extended with more sophisticated models like signaling and dynamic games; adapting and operationalizing VoD and PoT as a standardized paired-game evaluation interface; building on prior conceptual work while providing formal bounds and characterization results; providing a formal methodology for evaluating deception strategies based on clear, game-theoretic metrics; analyzing the computational complexity of our proposed framework and discussing scalable solution approaches; and introducing an information-theoretic bridge (“deception capacity”) to quantify residual attacker uncertainty.

3. Formal Game-Theoretic Framework

In this section, the game-theoretic framework for analyzing synthetic cyber deception is formally defined. The interaction is modeled as a Bayesian Stackelberg game, which captures the essential characteristics of the problem: a leader–follower dynamic, where the defender commits to a strategy first, and incomplete information, where the defender is uncertain about the attacker’s type [16]. Integrating game-theoretic deception strategies with service-oriented platforms allows for adaptive defense mechanisms that account for dynamic attacker behavior and system uncertainties.

3.1. Formal Problem Statement

The defender’s problem is to find an optimal deception strategy that maximizes their expected utility, given a set of real assets to protect and a population of strategic attackers with unknown types. The deception strategy involves deploying a certain number of synthetic decoys (see Figure 3). The defender must balance the cost of deploying and maintaining these decoys against the benefits of deceiving attackers, which include wasting attacker resources, gathering intelligence, and preventing attacks on real assets [8].

3.2. The Bayesian Stackelberg Game Model

The model, which is called the synthetic deception game (SDG), is defined by following the tuple [71]:

$$\mathsf{\Gamma }=⟨\mathrm{P},\mathrm{T},\mathsf{\Theta },\mathrm{p},\mathrm{A},\mathrm{S},\mathrm{U}⟩$$

(1)

where we find the following:

• Players (P): The game consists of two players, a defender (D) and an attacker (A). $\mathrm{P}=\{\mathrm{D},\mathrm{A}\}$.
• Targets (T): There is a set of $\mathrm{N}$ targets, partitioned into a set of real assets ${\mathrm{T}}_{\mathrm{R}}$ and a set of synthetic decoys ${\mathrm{T}}_{\mathrm{S}}$. $\mid {\mathrm{T}}_{\mathrm{R}}\mid ={\mathrm{N}}_{\mathrm{R}}$ and $\mid {\mathrm{T}}_{\mathrm{S}}\mid ={\mathrm{N}}_{\mathrm{S}}$, with $\mathrm{N}={\mathrm{N}}_{\mathrm{R}}+{\mathrm{N}}_{\mathrm{S}}$.
• Attacker types (Θ): The attacker has a private type $\mathsf{\theta }\in \mathsf{\Theta }$, where $\mathsf{\Theta }$ is a finite set of possible attacker types. An attacker’s type encapsulates private information, such as skill, resources, and motivations. For example, $\mathsf{\Theta }=\{\mathrm{n}\mathrm{a}\mathrm{i}\mathrm{v}\mathrm{e},\mathrm{i}\mathrm{n}\mathrm{t}\mathrm{e}\mathrm{r}\mathrm{m}\mathrm{e}\mathrm{d}\mathrm{i}\mathrm{a}\mathrm{t}\mathrm{e},\mathrm{a}\mathrm{d}\mathrm{v}\mathrm{a}\mathrm{n}\mathrm{c}\mathrm{e}\mathrm{d}\}$.
• Prior beliefs (p): The defender has a prior belief over the attacker’s type, which is a probability distribution $\mathrm{p}\left(\mathsf{\theta }\right)$ for each $\mathsf{\theta }\in \mathsf{\Theta }$, such that ${\sum }_{\mathsf{\theta }\in \mathsf{\Theta }}\mathrm{p}\left(\mathsf{\theta }\right)=1$.
• Action spaces (A, S): The defender’s strategy space $\mathrm{S}$ is the set of all possible decoy deployment strategies. A pure strategy for the defender is to choose the number of decoys ${\mathrm{n}}_{\mathrm{S}}\in \{\mathrm{0,1},\dots ,{\mathrm{N}}_{\mathrm{m}\mathrm{a}\mathrm{x}}-{\mathrm{N}}_{\mathrm{R}}\}$ to deploy, where ${\mathrm{N}}_{\mathrm{m}\mathrm{a}\mathrm{x}}$ is the maximum number of possible targets. The defender commits to a strategy $\mathrm{s}\in \mathrm{S}$. The attacker’s action space $\mathrm{A}$ is the set of all possible targets to attack. $\mathrm{A}={\mathrm{T}}_{\mathrm{R}}\cup {\mathrm{T}}_{\mathrm{S}}$. The attacker chooses an action $\mathrm{a}\in \mathrm{A}$ after observing the defender’s strategy.
• Utility functions (U): The utility functions ${\mathrm{U}}_{\mathrm{D}}$ and ${\mathrm{U}}_{\mathrm{A}}$ define the payoffs for the defender and the attacker, respectively.

3.2.1. Defender’s Utility

The defender’s utility ${\mathrm{U}}_{\mathrm{D}}(\mathrm{s},\mathrm{a})$ depends on the chosen strategy $\mathrm{s}$ (number of decoys) and the attacker’s action $\mathrm{a}$:

$${\mathrm{U}}_{\mathrm{D}}(\mathrm{s},\mathrm{a})={\mathrm{R}}_{\mathrm{D}}\left(\mathrm{a}\right)-{\mathrm{C}}_{\mathrm{D}}\left(\mathrm{s}\right)$$

(2)

where we find the following:

• ${\mathrm{C}}_{\mathrm{D}}\left(\mathrm{s}\right)$ is the cost of deploying the strategy $\mathrm{s}$. A linear cost function is assumed: ${\mathrm{C}}_{\mathrm{D}}\left({\mathrm{n}}_{\mathrm{S}}\right)={\mathrm{c}}_{\mathrm{S}}\cdot {\mathrm{n}}_{\mathrm{S}}$, where ${\mathrm{c}}_{\mathrm{S}}$ is the cost per decoy.
• ${\mathrm{R}}_{\mathrm{D}}\left(\mathrm{a}\right)$ is the reward (or loss) to the defender based on the attacker’s action:
  If $\mathrm{a}\in {\mathrm{T}}_{\mathrm{S}}$ (attacker attacks a decoy), ${\mathrm{R}}_{\mathrm{D}}\left(\mathrm{a}\right)={\mathrm{B}}_{\mathrm{D}}$, where ${\mathrm{B}}_{\mathrm{D}}$ is the benefit of detecting an attack (e.g., intelligence gain).
  If $\mathrm{a}\in {\mathrm{T}}_{\mathrm{R}}$ (attacker attacks a real asset), ${\mathrm{R}}_{\mathrm{D}}\left(\mathrm{a}\right)=-{\mathrm{L}}_{\mathrm{R}}$, where ${\mathrm{L}}_{\mathrm{R}}$ is the loss incurred from a compromised real asset.

3.2.2. Attacker’s Utility

The attacker’s utility ${\mathrm{U}}_{\mathrm{A}}(\mathrm{a},\mathsf{\theta })$ depends on the action $\mathrm{a}$ and the type $\mathsf{\theta }$:

• If $\mathrm{a}\in {\mathrm{T}}_{\mathrm{S}}$, ${\mathrm{U}}_{\mathrm{A}}(\mathrm{a},\mathsf{\theta })=-{\mathrm{C}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$, where ${\mathrm{C}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$ is the cost to the attacker of type $\mathsf{\theta }$ for being deceived (e.g., wasted resources, exposure).
• If $\mathrm{a}\in {\mathrm{T}}_{\mathrm{R}}$, ${\mathrm{U}}_{\mathrm{A}}(\mathrm{a},\mathsf{\theta })={\mathrm{R}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$, where ${\mathrm{R}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$ is the reward to the attacker of type $\mathsf{\theta }$ for a successful attack.
• The study adopts the following cost-accounting convention. The quantity ${\mathrm{R}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$ is treated as the attacker’s net payoff from successfully compromising a real target, with any target-independent execution cost already absorbed into that term. The parameter ${\mathrm{C}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$ is reserved exclusively for the incremental loss attributable to deception outcomes—namely, the additional operational penalty incurred when a decoy is engaged (e.g., wasted effort, increased exposure, tool attrition, or mission setback). Under this convention, the attacker’s utility subtracts ${\mathrm{C}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$ only in the decoy outcome, thereby preventing double counting of a universal per-attack cost. If an alternative convention is preferred—where ${\mathrm{R}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$ denotes a gross success reward and a universal execution cost is modeled explicitly—the equilibrium statements and proofs remain unchanged after a notational reparameterization that introduces a per-attack cost term and correspondingly redefines ${\mathrm{R}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$ to preserve identical net payoffs.

3.3. Equilibrium Analysis

The strong Stackelberg equilibrium (SSE) is used as the solution concept [12]. In an SSE, the defender chooses a strategy ${\mathrm{s}}^{\ast }$ that maximizes the defender’s expected utility, anticipating the attacker’s best response. The attacker, in turn, chooses an action that maximizes the attacker’s utility, breaking ties in favor of the defender [72,73].

3.3.1. Attacker’s Best Response

For a given defensive strategy $\mathrm{s}$ (i.e., a given number of decoys ${\mathrm{n}}_{\mathrm{S}}$), an attacker of type $\mathsf{\theta }$ will choose an action ${\mathrm{a}}^{\ast }$ that maximizes the attacker’s expected utility. The attacker’s decision depends on the attacker’s ability to distinguish real assets from decoys. Let $\mathrm{P}(\mathrm{a}\in {\mathrm{T}}_{\mathrm{R}}\mid \mathrm{s},\mathsf{\theta })$ be the probability that an attacker of type $\mathsf{\theta }$ correctly identifies and attacks a real asset, given the defender’s strategy $\mathrm{s}$. This probability is a function of the attacker’s discernment $\mathrm{d}\left(\mathsf{\theta }\right)$ and the ratio of real assets to total targets [74]. Thus, the attacker’s expected utility for attacking is as follows:

$$\mathbb{E}\left[{\mathrm{U}}_{\mathrm{A}}\right(\mathrm{s},\mathsf{\theta }\left)\right]=\mathrm{P}(\mathrm{a}\in {\mathrm{T}}_{\mathrm{R}}\mid \mathrm{s},\mathsf{\theta })\cdot {\mathrm{R}}_{\mathrm{A}}\left(\mathsf{\theta }\right)+(1-\mathrm{P}(\mathrm{a}\in {\mathrm{T}}_{\mathrm{R}}\mid \mathrm{s},\mathsf{\theta }\left)\right)\cdot (-{\mathrm{C}}_{\mathrm{A}}(\mathsf{\theta }\left)\right)$$

(3)

The attacker will attack if $\mathbb{E}\left[{\mathrm{U}}_{\mathrm{A}}\right(\mathrm{s},\mathsf{\theta }\left)\right]>0$.

3.3.2. Defender’s Optimal Strategy

The defender’s problem is to choose a strategy ${\mathrm{s}}^{\ast }$ that maximizes the defender’s expected utility [75], $\mathbb{E}\left[{\mathrm{U}}_{\mathrm{D}}\right(\mathrm{s}\left)\right]$, which is the sum of the defender’s utilities against each attacker type, weighted by the prior probabilities $\mathrm{p}\left(\mathsf{\theta }\right)$:

$${\mathrm{s}}^{\ast }=\mathrm{a}\mathrm{r}\mathrm{g}\underset{\mathrm{s}\in \mathrm{S}}{\mathrm{m}\mathrm{a}\mathrm{x}}\mathbb{E}[{\mathrm{U}}_{\mathrm{D}}(\mathrm{s})]=\mathrm{a}\mathrm{r}\mathrm{g}\underset{\mathrm{s}\in \mathrm{S}}{\mathrm{m}\mathrm{a}\mathrm{x}}{\sum }_{\mathsf{\theta }\in \mathsf{\Theta }}\mathrm{p}(\mathsf{\theta })\cdot {\mathrm{U}}_{\mathrm{D}}(\mathrm{s},{\mathrm{a}}^{\ast }(\mathrm{s},\mathsf{\theta }))$$

(4)

where ${\mathrm{a}}^{\ast }(\mathrm{s},\mathsf{\theta })$ is the best response of an attacker of type $\mathsf{\theta }$ to the defender’s strategy $\mathrm{s}$.

3.4. Theorem 1: Existence of Optimal Strategy

Theorem 1.

In SDG with a finite number of attacker types and a finite number of pure strategies for the defender, there always exists an optimal pure strategy for the defender.

Proof. 

Finite strategy space: The defender’s set of pure strategies $\mathrm{S}$ is the set of possible numbers of decoys to deploy, ${\mathrm{n}}_{\mathrm{S}}\in \{\mathrm{0,1},\dots ,{\mathrm{N}}_{\mathrm{m}\mathrm{a}\mathrm{x}}-{\mathrm{N}}_{\mathrm{R}}\}$. This is a finite set. □

Well-defined utility: For any given defender strategy $\mathrm{s}\in \mathrm{S}$, the attacker’s best response is well-defined. As the attacker’s utility function ${\mathrm{U}}_{\mathrm{A}}(\mathrm{a},\mathsf{\theta })$ is defined for all actions and types, an attacker of type $\mathsf{\theta }$ will choose an action ${\mathrm{a}}^{\ast }(\mathrm{s},\mathsf{\theta })$ that maximizes the attacker’s utility. If there are multiple such actions, the tie-breaking rule (in favor of the defender) ensures a unique best response. For each $\mathsf{\theta }\in \mathsf{\Theta }$ and each $\mathrm{s}\in \mathrm{S}$, because $\mathrm{A}$ is finite and ${\mathrm{U}}_{\mathrm{A}}(\mathrm{a},\mathsf{\theta })$ is real-valued, the best-response set, $\mathrm{B}\mathrm{R}(\mathrm{s},\mathsf{\theta })=\mathrm{a}\mathrm{r}\mathrm{g}{\mathrm{m}\mathrm{a}\mathrm{x}}_{\mathrm{a}\in \mathrm{A}}{\mathrm{U}}_{\mathrm{A}}(\mathrm{a},\mathsf{\theta })$, is non-empty. Under the strong/optimistic convention, ${\mathrm{a}}^{\ast }(\mathrm{s},\mathsf{\theta })$ is selected from $\mathrm{B}\mathrm{R}(\mathrm{s},\mathsf{\theta })$ to maximize the defender’s payoff.

Computable expected utility: For any defender strategy $\mathrm{s}\in \mathrm{S}$, the defender’s expected utility $\mathbb{E}\left[{\mathrm{U}}_{\mathrm{D}}\right(\mathrm{s}\left)\right]$ can be computed by summing over the finite set of attacker types $\mathsf{\Theta }$, as follows:

$$\mathbb{E}[{\mathrm{U}}_{\mathrm{D}}(\mathrm{s})]={\sum }_{\mathsf{\theta }\in \mathsf{\Theta }}\mathrm{p}(\mathsf{\theta })\cdot {\mathrm{U}}_{\mathrm{D}}(\mathrm{s},{\mathrm{a}}^{\ast }(\mathrm{s},\mathsf{\theta }))$$

(5)

As $\mathsf{\Theta }$ is finite and ${\mathrm{U}}_{\mathrm{D}}$ is well-defined for all outcomes, $\mathbb{E}\left[{\mathrm{U}}_{\mathrm{D}}\right(\mathrm{s}\left)\right]$ is a real-valued number for each $\mathrm{s}\in \mathrm{S}$.

Existence of maximum: Because $\mathrm{S}$ is finite, $\mathbb{E}\left[{\mathrm{U}}_{\mathrm{D}}\right(\mathrm{s}\left)\right]$ attains a maximum on $\mathrm{S}$. As $\mathrm{S}$ is a finite set and $\mathbb{E}\left[{\mathrm{U}}_{\mathrm{D}}\right(\mathrm{s}\left)\right]$ is a real-valued function on $\mathrm{S}$, there must exist at least one strategy ${\mathrm{s}}^{\ast }\in \mathrm{S}$ such that $\mathbb{E}\left[{\mathrm{U}}_{\mathrm{D}}\right({\mathrm{s}}^{\ast }\left)\right]\ge \mathbb{E}\left[{\mathrm{U}}_{\mathrm{D}}\right(\mathrm{s}\left)\right]$ for all $\mathrm{s}\in \mathrm{S}$. This ${\mathrm{s}}^{\ast }$ is an optimal pure strategy for the defender.

This theorem provides a formal well-posedness guarantee for the SDG by establishing that the defender’s discrete decoy-deployment decision admits an optimal commitment under finite attacker heterogeneity. In the context of synthetic cyber deception, this result supplies the foundational justification for computing strong Stackelberg solutions over integer decoy counts without relying on implicit existence assumptions.

Validation of Theorem 1

Theorem 1 was validated (see Figure 4) by treating the defender strategy as an integer choice over all feasible decoy counts and computing the defender objective for every feasible value in that finite set. The certificate records the objective profile and the maximizing decoy count. The validation is marked as passing when the reported maximizer attains the largest objective value in the enumeration.

This figure plots the defender objective value across the finite set of feasible decoy counts and marks the maximizing choice. It visually confirms that the optimum is attained within the finite pure-strategy set and by indicating the location of at least one maximizer.

4. Extensions to Sophisticated Game Models

The basic SDG model provides a foundation for analyzing cyber deception. However, real-world scenarios often involve more complex dynamics. This section extends the framework to incorporate signaling games, dynamic games, and bounded rationality.

Each extension retains the same leader–follower commitment structure used in the SDG. The defender (leader) commits first to the extension-specific decision variables (e.g., quality–quantity parameters in signaling-with-evidence, rotation timing in the dynamic model, or the committed decoy-count policy under bounded rationality). The attacker (follower) then observes the defender’s commitment and any extension-specific observations (e.g., evidence from a detector, elapsed time since rotation, or expected utility scores inside the logit rule) and selects an action that maximizes the attacker’s objective under the corresponding behavioral model. Defender utility is always evaluated as the defender’s expected utility under the induced attacker response, and all added extension parameters are defined so that (i) the attacker’s decision rule is explicit, (ii) the defender’s optimization target is explicit, and (iii) the mapping from defender decisions to expected utilities is fully specified by stated probabilities and costs.

4.1. Signaling Games for Leaky Deception

The basic SDG model assumes that the attacker only observes the number of targets, not any specific signals about their authenticity. A more realistic scenario can be modeled using a signaling game, where the defender can send signals to the attacker, and the attacker’s ability to detect deception is explicitly modeled.

Following the work of Pawlick et al. [19,59], the model can be extended to a signaling game with evidence. In this extension, the defender’s decoys are not perfect; they are “leaky” and can be detected with a certain probability. The defender’s strategy now includes not only the number of decoys but also the quality of the decoys, which affects their detectability [76].

4.1.1. Theorem 2: Budgeted Quality–Quantity Tradeoff Under Leaky Deception

Let ${\mathrm{N}}_{\mathrm{R}}$ denote the number of real assets and let the defender deploy $\mathrm{n}$ decoys, so that the total number of targets is ${\mathrm{N}}_{\mathrm{R}}+\mathrm{n}$. A detector emits evidence $\mathrm{e}\in \left\{\mathrm{0,1}\right\}$ for a probed target.

Detector semantics and attack timing: Evidence is binary, $\mathrm{e}\in \left\{\mathrm{0,1}\right\}$. The value $\mathrm{e}=1$ denotes an alarm/flag produced by the detector, whereas $\mathrm{e}=0$ denotes a “no-alarm” outcome. The detector operating characteristics are defined as follows: $\mathsf{\beta }=\mathrm{P}\mathrm{r}(\mathrm{e}=1\mid \mathrm{real})$ is the false-positive rate on real assets and $\mathsf{\delta }\left(\mathrm{q}\right)=\mathrm{P}\mathrm{r}(\mathrm{e}=1\mid \mathrm{decoy}\mathrm{of}\mathrm{quality}\mathrm{q})$ is the decoy detectability function, so $\mathrm{P}\mathrm{r}(\mathrm{e}=0\mid \mathrm{decoy},\mathrm{q})=1-\mathsf{\delta }\left(\mathrm{q}\right)$ is the corresponding false-negative probability on decoys. The attacker observes the realized evidence $\mathrm{e}$ and then decides whether to attack; the model does not restrict attacks to $\mathrm{e}=0$. However, the defender’s deterrence design objective in Theorem 2 is stated as deterrence after $\mathrm{e}=0$ because $\mathrm{e}=0$ corresponds to the operationally important “no-alarm” regime in which an attacker is not immediately warned away by detector output, and deterrence must therefore arise from posterior uncertainty rather than from explicit alarm signaling.

Let $\mathrm{p}=\mathrm{P}\mathrm{r}(\mathrm{real}\mid \mathrm{e})$ denote the attacker’s posterior belief that the probed target is real after observing evidence $\mathrm{e}$. Under the stated payoff convention, attacking yields expected utility $\mathrm{p}\cdot {\mathrm{R}}_{\mathrm{A}}\left(\mathsf{\theta }\right)-(1-\mathrm{p})\cdot {\mathrm{C}}_{\mathrm{A}}\left(\mathsf{\theta }\right)$. The attacker attacks if and only if this quantity is nonnegative, which is equivalent to $\mathrm{p}\ge {\displaystyle \frac{{\mathrm{C}}_{\mathrm{A}}\left(\mathsf{\theta }\right)}{{\mathrm{R}}_{\mathrm{A}}\left(\mathsf{\theta }\right)+{\mathrm{C}}_{\mathrm{A}}\left(\mathsf{\theta }\right)}}$.

The detector’s false-positive rate is $\mathsf{\beta }\in \left(\mathrm{0,1}\right)$, where $\mathrm{P}\mathrm{r}(\mathrm{e}=1\mid \mathrm{real})=\mathsf{\beta }$. A decoy has “quality” $\mathrm{q}\ge 0$, and its detectability is $\mathsf{\alpha }\left(\mathrm{q}\right)\in \left(\mathrm{0,1}\right)$, where $\mathrm{P}\mathrm{r}(\mathrm{e}=1\mid \mathrm{decoy})=\mathsf{\alpha }\left(\mathrm{q}\right)$, with ${\mathsf{\alpha }}^{\prime }\left(\mathrm{q}\right)<0$ and $\mathsf{\alpha }$ continuous. The per-decoy cost is $\mathrm{c}\left(\mathrm{q}\right)$, with ${\mathrm{c}}^{\prime }\left(\mathrm{q}\right)>0$, $\mathrm{c}$ continuous, and the deception budget is $\mathrm{B}>0$, so $\mathrm{n}\mathrm{c}\left(\mathrm{q}\right)\le \mathrm{B}$. For an attacker type $\mathsf{\theta }$, we define the attack threshold as follows:

$$\mathsf{\tau }(\mathsf{\theta })={\displaystyle \frac{{\mathrm{C}}_{\mathrm{A}}\left(\mathsf{\theta }\right)}{{\mathrm{R}}_{\mathrm{A}}(\mathsf{\theta })+{\mathrm{C}}_{\mathrm{A}}(\mathsf{\theta })}}\in (\mathrm{0,1}),$$

(6)

Equation (6) defines this quantity as ${\mathsf{\tau }}_{\mathsf{\theta }}$ and thus provides the posterior-belief cutoff separating “attack” from “decline to attack” for each attacker type $\mathsf{\theta }$. Therefore, the attacker attacks a target after observing evidence $\mathrm{e}$ if and only if the posterior probability that the target is real satisfies $\mathrm{P}\mathrm{r}(\mathrm{real}\mid \mathrm{e})\ge \mathsf{\tau }\left(\mathsf{\theta }\right)$.

Theorem 2.

Fix any attacker type $\mathsf{\theta }$. Suppose the defender’s design objective in the signaling-with-evidence extension is to choose $(\mathrm{n},\mathrm{q})$ to make the attacker decline to attack after observing $\mathrm{e}=0$ (the “no-alarm” signal), while respecting the budget $\mathrm{n}\mathrm{c}\left(\mathrm{q}\right)\le \mathrm{B}$. If the feasibility conditions $\mathrm{B}>0$ and $\mathsf{\beta }<\mathsf{\tau }\left(\mathsf{\theta }\right)$ hold, then the set of feasible designs $(\mathrm{n},\mathrm{q})$ is non-empty. Moreover, for any two detectors with the same $\mathsf{\beta }$ and decoy detectability functions ${\mathsf{\alpha }}_1\left(\mathrm{q}\right)$ and ${\mathsf{\alpha }}_2\left(\mathrm{q}\right)$ such that ${\mathsf{\alpha }}_2\left(\mathrm{q}\right)\ge {\mathsf{\alpha }}_1\left(\mathrm{q}\right)$ for all $\mathrm{q}$ (i.e., detector 2 is weakly more likely to flag decoys at every quality level), the minimal required decoy proportion ${\displaystyle \frac{\mathrm{n}}{{\mathrm{N}}_{\mathrm{R}}+\mathrm{n}}}$ to deter attack after $\mathrm{e}=0$ is weakly larger under detector 2 at every fixed $\mathrm{q}$. Under the budget constraint, this implies that any optimal deterrence-feasible design shifts weakly toward higher quality $\mathrm{q}$ and lower quantity $\mathrm{n}$ when $\mathsf{\alpha }\left(\mathrm{q}\right)$ increases pointwise (holding $\mathsf{\beta }$ fixed), provided $\mathrm{c}\left(\mathrm{q}\right)$ is strictly increasing.

Proof. 

Let ${\mathsf{\pi }}_{\mathrm{R}}={\displaystyle \frac{{\mathrm{N}}_{\mathrm{R}}}{{\mathrm{N}}_{\mathrm{R}}+\mathrm{n}}}$ and ${\mathsf{\pi }}_{\mathrm{S}}={\displaystyle \frac{\mathrm{n}}{{\mathrm{N}}_{\mathrm{R}}+\mathrm{n}}}=1-{\mathsf{\pi }}_{\mathrm{R}}$. Under Bayes’ rule, the posterior after observing $\mathrm{e}=0$ is as follows:

$$\mathrm{P}\mathrm{r}(\mathrm{real}\mid \mathrm{e}=0)={\displaystyle \frac{{\mathsf{\pi }}_{\mathrm{R}}(1-\mathsf{\beta })}{{\mathsf{\pi }}_{\mathrm{R}}(1-\mathsf{\beta })+{\mathsf{\pi }}_{\mathrm{S}}(1-\mathsf{\alpha }(\mathrm{q}\left)\right)}}.$$

(7)

□

Deterrence after $\mathrm{e}=0$ requires $\mathrm{P}\mathrm{r}(\mathrm{real}\mid \mathrm{e}=0)<\mathsf{\tau }\left(\mathsf{\theta }\right)$. This inequality is equivalent to the following:

$${\mathsf{\pi }}_{\mathrm{R}}(1-\mathsf{\beta })<\mathsf{\tau }\left(\mathsf{\theta }\right)\left({\mathsf{\pi }}_{\mathrm{R}}\right(1-\mathsf{\beta })+{\mathsf{\pi }}_{\mathrm{S}}(1-\mathsf{\alpha }\left(\mathrm{q}\right)\left)\right),$$

(8)

which rearranges to the following:

$${\displaystyle \frac{{\mathsf{\pi }}_{\mathrm{S}}}{{\mathsf{\pi }}_{\mathrm{R}}}}>{\displaystyle \frac{\left(1-\mathsf{\beta }\left)\right(1-\mathsf{\tau }\left(\mathsf{\theta }\right)\right)}{\mathsf{\tau }\left(\mathsf{\theta }\right)(1-\mathsf{\alpha }(\mathrm{q}\left)\right)}}.$$

(9)

As ${\displaystyle \frac{{\mathsf{\pi }}_{\mathrm{S}}}{{\mathsf{\pi }}_{\mathrm{R}}}}={\displaystyle \frac{\mathrm{n}}{{\mathrm{N}}_{\mathrm{R}}}}$, deterrence is equivalent to the following:

$$\mathrm{n}>{\mathrm{N}}_{\mathrm{R}}\cdot {\displaystyle \frac{\left(1-\mathsf{\beta }\left)\right(1-\mathsf{\tau }\left(\mathsf{\theta }\right)\right)}{\mathsf{\tau }\left(\mathsf{\theta }\right)(1-\mathsf{\alpha }(\mathrm{q}\left)\right)}}.$$

(10)

Define the right-hand side as $\mathrm{h}\left(\mathsf{\alpha }\right(\mathrm{q}\left)\right)$. Because $1-\mathsf{\alpha }\left(\mathrm{q}\right)\in \left(\mathrm{0,1}\right)$, $\mathrm{h}$ is strictly increasing in $\mathsf{\alpha }\left(\mathrm{q}\right)$. Therefore, for any fixed $\mathrm{q}$, if ${\mathsf{\alpha }}_2\left(\mathrm{q}\right)\ge {\mathsf{\alpha }}_1\left(\mathrm{q}\right)$, then $\mathrm{h}\left({\mathsf{\alpha }}_2\right(\mathrm{q}\left)\right)\ge \mathrm{h}\left({\mathsf{\alpha }}_1\right(\mathrm{q}\left)\right)$, implying the minimal required $\mathrm{n}$ (hence the minimal required decoy proportion ${\mathsf{\pi }}_{\mathrm{S}}$) is weakly larger under detector 2 at that $\mathrm{q}$. Under the budget $\mathrm{n}\mathrm{c}\left(\mathrm{q}\right)\le \mathrm{B}$, if the required $\mathrm{n}$ increases at fixed $\mathrm{q}$, feasibility can be restored only by decreasing $\mathsf{\alpha }\left(\mathrm{q}\right)$, which—as ${\mathsf{\alpha }}^{\prime }\left(\mathrm{q}\right)<0$—requires increasing $\mathrm{q}$. Because $\mathrm{c}\left(\mathrm{q}\right)$ is strictly increasing, raising $\mathrm{q}$ tightens the budget and forces $\mathrm{n}\le \mathrm{B}/\mathrm{c}\left(\mathrm{q}\right)$ downward. Hence the shift is weakly toward higher $\mathrm{q}$ and lower $\mathrm{n}$. Non-emptiness under $\mathsf{\beta }<\mathsf{\tau }\left(\mathsf{\theta }\right)$ follows because $\mathrm{h}\left(\mathsf{\alpha }\right(\mathrm{q}\left)\right)$ is finite for any $\mathrm{q}$ with $\mathsf{\alpha }\left(\mathrm{q}\right)<1$, and a sufficiently large $\mathrm{q}$ makes $\mathsf{\alpha }\left(\mathrm{q}\right)$ sufficiently small to reduce $\mathrm{h}$, while a sufficiently large $\mathrm{B}$ permits $\mathrm{n}$ to satisfy both constraints. Thus, providing a precise deterrence condition and derives a budget-mediated quality–quantity implication from that condition.

This theorem formalizes the leaky-decoy setting by linking detector operating characteristics and decoy design choices to the defender’s optimal deception posture within a signaling-with-evidence extension of the SDG. In the context of cyber deception engineering, the result yields a principled design interpretation for how detector strength and decoy credibility jointly shape the defender’s optimal quality–quantity tradeoff.

The signaling-with-evidence extension parameterizes decoy “quality” $\mathrm{q}$ through two functional relationships: a decoy detectability function $\mathsf{\alpha }\left(\mathrm{q}\right)$ (capturing how easily a decoy is flagged/recognized under the detector’s evidence process) and a per-decoy cost function $\mathrm{c}\left(\mathrm{q}\right)$ (capturing the marginal expense of deploying higher-fidelity decoys). These are two qualitative assumptions that reflect standard operational regularities in deception engineering. First, $\mathsf{\alpha }\left(\mathrm{q}\right)$ is assumed to be monotone in $\mathrm{q}$, meaning that increases in quality shift detectability in a single direction (in the realism interpretation used in this section, higher $\mathrm{q}$ corresponds to higher fidelity and therefore weakly lower detectability). This monotonicity is intended as an order property rather than a commitment to a particular parametric curve shape; it covers smooth forms (e.g., saturating or S-shaped behavior) as well as piecewise-smooth forms that may arise when quality improvements remove salient fingerprints. Second, $\mathrm{c}\left(\mathrm{q}\right)$ is assumed to be strictly increasing in $\mathrm{q}$, and is taken to be convex when the analysis requires an increasing marginal cost of realism. This captures the empirical engineering pattern that low-fidelity decoys are cheap to deploy, whereas high-fidelity decoys require greater integration effort, maintenance, and monitoring overhead, so that incremental realism becomes progressively more expensive.

These assumptions are introduced to ensure that (i) quality choices are economically meaningful under a budget and that (ii) the deterrence-feasible set exhibits an interpretable quality–quantity trade-off. Importantly, the core deterrence condition in this model is not tied to a specific smooth functional form: the posterior expression $\mathrm{P}\mathrm{r}(\mathrm{real}\mid \mathrm{e})$ is computed by Bayes’ rule using the detector operating characteristics, and the attacker’s attack decision depends on whether this posterior crosses the type-dependent threshold. Consequently, for any admissible $\mathsf{\alpha }\left(\mathrm{q}\right)$ and $\mathrm{c}\left(\mathrm{q}\right)$ (including non-smooth or threshold-like behavior), the deterrence criterion is evaluated exactly through the posterior inequality; what changes across functional forms is the geometry of the feasible design region and, therefore, which $(\mathrm{q},\mathrm{K})$ pairs satisfy the budget and posterior constraints. When $\mathsf{\alpha }\left(\mathrm{q}\right)$ exhibits threshold effects or other non-smooth behavior, the same posterior-based deterrence inequality continues to define feasibility, but the implied optimal designs naturally become piecewise, with quality choices concentrating at levels that cross or avoid the threshold—an outcome consistent with engineering practice in which eliminating a single fingerprint can produce a discrete jump in adversary discrimination capability [77].

Validation of Theorem 2

Theorem 2 was validated (see Figure 5 and Figure 6) by implementing the signaling-with-evidence model exactly as stated, including binary evidence, a real-target false-positive rate beta, and a quality-dependent decoy detectability function $\mathsf{\alpha }$(q) that decreases with quality, together with a per-decoy cost c(q) that increases with quality and a budget constraint. The validation computes the Bayes posterior Pr(real | e = 0) and verifies the deterrence condition Pr(real | e = 0) < $\mathsf{\tau }\left(\mathsf{\theta }\right)$.

A second check enforces the theorem’s comparative static by evaluating two detectability functions with pointwise ordering and confirming that, at fixed quality, the minimal required decoy proportion is weakly larger under the more detectable decoy function; under the budget, the deterrence-feasible design is observed to shift toward higher quality and lower quantity.

This figure compares the minimum required decoy proportion or the deterrence-feasible design region under two detectability functions that are pointwise ordered. It shows that, at fixed quality, the minimal required decoy proportion is weakly larger when the detector flags decoys more frequently, and by illustrating the induced shift toward higher quality and lower quantity under a binding budget constraint.

The x-axis reports decoy quality $\mathrm{q}$, which parameterizes decoy detectability through $\mathsf{\delta }\left(\mathrm{q}\right)=\mathrm{P}\mathrm{r}(\mathrm{e}=1\mid \mathrm{decoy},\mathrm{q})$ and cost through $\mathrm{c}\left(\mathrm{q}\right)$. The y-axis reports the minimum deterrence-feasible decoy proportion ${\mathsf{\rho }}_{\mathrm{m}\mathrm{i}\mathrm{n}}\left(\mathrm{q}\right)$ (equivalently, the minimum decoy count ${\mathrm{K}}_{\mathrm{m}\mathrm{i}\mathrm{n}}\left(\mathrm{q}\right)$ at fixed ${\mathrm{N}}_{\mathrm{R}}$) required to satisfy the posterior deterrence inequality $\mathrm{P}\mathrm{r}(\mathrm{real}\mid \mathrm{e}=0)<{\mathsf{\tau }}_{\mathsf{\theta }}$, where the posterior is computed by Bayes’ rule using $\mathsf{\beta }=\mathrm{P}\mathrm{r}(\mathrm{e}=1\mid \mathrm{real})$ and $\mathsf{\delta }\left(\mathrm{q}\right)$. “Detector strength” is operationalized via the pointwise ordering of detectability functions (higher $\mathsf{\delta }\left(\mathrm{q}\right)$ implies that the detector flags decoys more frequently at the same $\mathrm{q}$). For each $\mathrm{q}$, ${\mathsf{\rho }}_{\mathrm{m}\mathrm{i}\mathrm{n}}\left(\mathrm{q}\right)$ is obtained by solving the rearranged deterrence condition (Equation (10)) for the smallest feasible $\mathrm{K}$ satisfying the budget and posterior constraints; thus, the plotted curve represents a computed feasibility boundary rather than a fitted regression.

This figure visualizes the Bayes posterior deterrence condition after observing the no-alarm evidence signal e = 0 and shows how the minimum deterrence-feasible decoy count varies with quality. It exhibits the computed posterior-based feasibility boundary that defines the required decoy proportion for deterrence at each quality level under the stated parameters.

4.2. Repeated and Dynamic Games for Advanced Persistent Threats

Advanced persistent threats (APTs) are characterized by their long-term, stealthy nature [78]. To model the interaction with APTs, the framework is extended to a dynamic game setting [79]. In a repeated game setting, the defender and attacker interact over multiple rounds [78]. The defender can adapt the deception strategy based on the attacker’s past actions, and the attacker can learn about the defender’s strategy over time [80]. This introduces the possibility of reputation and punishment strategies [81].

The FlipIt game model [82] is particularly relevant here. The control of each asset can be modeled as a separate FlipIt game, where the defender and attacker compete for control. The defender’s deception strategy would then involve deciding which assets to “flip” (i.e., turn into decoys or back into real assets) and when [83].

4.2.1. Theorem 3: Closed-Form Optimal Rotation Period Under APT Learning

Consider a dynamic deception policy in which the defender “rotates” the configuration of assets/decoys periodically with a period $\mathsf{\Delta }>0$. Rotation resets the attacker’s knowledge to baseline. Let the attacker’s probability of correctly identifying real assets at elapsed time $\mathrm{t}\in [0,\mathsf{\Delta }]$ after rotation be as follows:

$$\mathsf{\rho }\left(\mathrm{t}\right)=1-{\mathrm{e}}^{-\mathsf{\kappa }\mathrm{t}},$$

(11)

where $\mathsf{\kappa }>0$ is the attacker learning rate. Let the expected loss rate (per unit time) from successful targeting when knowledge level is $\mathsf{\rho }$ be $\mathrm{L}\mathsf{\rho }\left(\mathrm{t}\right)$, where $\mathrm{L}>0$. Each rotation incurs cost $\mathrm{K}>0$. The defender minimizes long-run average cost per unit time.

Interpretation of attacker knowledge and learning-rate parameter: The quantity $\mathrm{p}\left(\mathrm{t}\right)$ in Equation (11) represents the attacker’s knowledge level, operationalized as a probability—specifically, the probability that the attacker correctly identifies real assets (or equivalently, avoids decoys) at elapsed time $\mathrm{t}$ after the last rotation. The parameter $\mathsf{\lambda }$ is the attacker learning-rate constant, governing how rapidly this probability increases over time. Earlier drafts may denote the same learning-rate parameter by $\mathrm{L}$; for consistency throughout the study, the learning rate is denoted by $\mathsf{\lambda }$ in all dynamic-rotation statements and validations.

Theorem 3.

The long-run average cost of a periodic rotation policy with period $\mathsf{\Delta }$ is as follows:

$$\mathrm{J}(\mathsf{\Delta })={\displaystyle \frac{\mathrm{K}}{\mathsf{\Delta }}}+{\displaystyle \frac{1}{\mathsf{\Delta }}}{\int }_0^{\mathsf{\Delta }}\mathrm{L}(1-{\mathrm{e}}^{-\mathsf{\kappa }\mathrm{t}})\mathrm{d}\mathrm{t}={\displaystyle \frac{\mathrm{K}}{\mathsf{\Delta }}}+\mathrm{L}(1-{\displaystyle \frac{1-{\mathrm{e}}^{-\mathsf{\kappa }\mathsf{\Delta }}}{\mathsf{\kappa }\mathsf{\Delta }}})$$

(12)

If $0<\mathrm{K}<{\displaystyle \frac{\mathrm{L}}{\mathsf{\kappa }}}$, there exists a unique minimizer ${\mathsf{\Delta }}^{\ast }\in (0,\mathrm{\infty })$ characterized by the first-order condition, as follows:

$$\mathrm{K}={\displaystyle \frac{\mathrm{L}}{\mathsf{\kappa }}}(1-{\mathrm{e}}^{-\mathsf{\kappa }{\mathsf{\Delta }}^{\ast }}-\mathsf{\kappa }{\mathsf{\Delta }}^{\ast }{\mathrm{e}}^{-\mathsf{\kappa }{\mathsf{\Delta }}^{\ast }})$$

(13)

If $\mathrm{K}\ge {\displaystyle \frac{\mathrm{L}}{\mathsf{\kappa }}}$, then $\mathrm{J}\left(\mathsf{\Delta }\right)$ is minimized in the limit $\mathsf{\Delta }\to \mathrm{\infty }$, and the optimal policy is to not rotate.

Proof. 

The expression for $\mathrm{J}\left(\mathsf{\Delta }\right)$ follows by direct integration is as follows:

$${\int }_0^{\mathsf{\Delta }}(1-{\mathrm{e}}^{-\mathsf{\kappa }\mathrm{t}})\mathrm{d}\mathrm{t}=\mathsf{\Delta }-{\displaystyle \frac{1-{\mathrm{e}}^{-\mathsf{\kappa }\mathsf{\Delta }}}{\mathsf{\kappa }}}$$

(14)

□

Differentiating $\mathrm{J}\left(\mathsf{\Delta }\right)$ yields the following:

$${\mathrm{J}}^{\prime }(\mathsf{\Delta })=-{\displaystyle \frac{\mathrm{K}}{{\mathsf{\Delta }}^2}}+\mathrm{L}\cdot {\displaystyle \frac{(1-{\mathrm{e}}^{-\mathsf{\kappa }\mathsf{\Delta }})-\mathsf{\kappa }\mathsf{\Delta }{\mathrm{e}}^{-\mathsf{\kappa }\mathsf{\Delta }}}{\mathsf{\kappa }{\mathsf{\Delta }}^2}}$$

(15)

Setting ${\mathrm{J}}^{\prime }\left(\mathsf{\Delta }\right)=0$ gives the stated first-order condition. Define the following:

$$\mathrm{g}(\mathsf{\Delta })={\displaystyle \frac{\mathrm{L}}{\mathsf{\kappa }}}(1-{\mathrm{e}}^{-\mathsf{\kappa }\mathsf{\Delta }}-\mathsf{\kappa }\mathsf{\Delta }{\mathrm{e}}^{-\mathsf{\kappa }\mathsf{\Delta }})$$

(16)

Then $\mathrm{g}\left(0\right)=0$ (by a second-order expansion) and ${\mathrm{l}\mathrm{i}\mathrm{m}}_{\mathsf{\Delta }\to \mathrm{\infty }}\mathrm{g}(\mathsf{\Delta })={\displaystyle \frac{\mathrm{L}}{\mathsf{\kappa }}}$. Moreover, we find the following:

$${\mathrm{g}}^{\prime }\left(\mathsf{\Delta }\right)={\displaystyle \frac{\mathrm{L}}{\mathsf{\kappa }}}\cdot {\mathsf{\kappa }}^2\mathsf{\Delta }{\mathrm{e}}^{-\mathsf{\kappa }\mathsf{\Delta }}=\mathrm{L}\mathsf{\kappa }\mathsf{\Delta }{\mathrm{e}}^{-\mathsf{\kappa }\mathsf{\Delta }}>0\mathrm{for}\mathrm{all}\mathsf{\Delta }>0,$$

(17)

Thus, $\mathrm{g}$ is strictly increasing on $(0,\mathrm{\infty })$. Therefore, if $0<\mathrm{K}<{\displaystyle \frac{\mathrm{L}}{\mathsf{\kappa }}}$, there exists a unique ${\mathsf{\Delta }}^{\ast }$ solving $\mathrm{K}=\mathrm{g}\left({\mathsf{\Delta }}^{\ast }\right)$. If $\mathrm{K}\ge {\displaystyle \frac{\mathrm{L}}{\mathsf{\kappa }}}$, no finite $\mathsf{\Delta }$ solves $\mathrm{K}=\mathrm{g}\left(\mathsf{\Delta }\right)$, and, since ${\displaystyle \frac{\mathrm{K}}{\mathsf{\Delta }}}\to 0$, while the second term approaches $\mathrm{L}$, the infimum is attained as $\mathsf{\Delta }\to \mathrm{\infty }$. This establishes existence and uniqueness as stated. The time-and-control interpretation is consistent with FlipIt-style APT modeling where control/knowledge evolves over time and timing decisions are central, thus providing an explicit optimal timing rule (with parameter dependence on $\mathsf{\kappa }$, $\mathrm{K}$, and $\mathrm{L}$).

This theorem introduces a dynamic structural implication for synthetic deception against APTs by characterizing why optimal decoy management must be policy-driven rather than static, with timing governed by learning and reconfiguration costs. In the SDG extension to repeated/dynamic interaction, the result identifies a concrete policy lever—decoy rotation timing—that is directly actionable for operational deception deployments.

Validation of Theorem 3

Theorem 3 was validated (see Figure 7) by instantiating a finite-horizon dynamic deception model in which the defender chooses time-indexed reconfiguration actions and the attacker effectiveness evolves according to an explicit learning-rate parameter, while the defender pays a stated reconfiguration cost. The validation computes an optimal policy over the model’s state space using dynamic programming and records the resulting policy and value function. The validation is marked as passing when the optimal action is not constant over time or state, and when policy changes occur in the directions predicted by the learning-rate and cost parameters used in the instantiated model class.

This figure shows the defender’s computed time-dependent reconfiguration policy or rotation threshold as model parameters vary, including the attacker learning rate and the defender reconfiguration cost. It demonstrates that the optimal deception strategy is not static by showing systematic policy shifts with the learning-rate and cost parameters within the instantiated dynamic model class.

4.3. Bounded Rationality and Quantal Response

The assumption of perfect attacker rationality is often unrealistic. To address this, the QRE model is incorporated [84,85]. In a QRE model, players choose their actions stochastically. The probability of choosing a particular action is an increasing function of its expected utility. This means that players are more likely to choose better actions, but they do not always choose the best one. The defender’s expected utility is now calculated by taking the expectation over the attacker’s stochastic choices. The defender’s problem is still to choose a strategy that maximizes this expected utility [76].

4.3.1. Theorem 4: Finite-$\lambda$ Rationality Bound for Logit QRE in SDG

For a fixed defender commitment $\mathrm{s}$ and attacker type $\mathsf{\theta }$, let the attacker’s expected utility for action $\mathrm{a}\in \mathrm{A}$ be $\mathrm{u}\left(\mathrm{a}\right)=\mathbb{E}\left[{\mathrm{U}}_{\mathrm{A}}\right(\mathrm{a},\mathrm{s},\mathsf{\theta }\left)\right]$. Under logit QRE with rationality ${\mathsf{\lambda }}_{\mathrm{A}}\ge 0$, the attacker chooses the following:

$${\mathrm{P}}_{{\mathsf{\lambda }}_{\mathrm{A}}}(\mathrm{a})={\displaystyle \frac{\mathrm{e}\mathrm{x}\mathrm{p}\left({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}\right(\mathrm{a}\left)\right)}{\sum _{{\mathrm{a}}^{\prime }\in \mathrm{A}}\mathrm{e}\mathrm{x}\mathrm{p}({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}\left({\mathrm{a}}^{\prime }\right))}}$$

(18)

Let ${\mathrm{u}}^{\ast }={\mathrm{m}\mathrm{a}\mathrm{x}}_{\mathrm{a}\in \mathrm{A}}\mathrm{u}\left(\mathrm{a}\right)$, let ${\mathrm{A}}^{\ast }=\{\mathrm{a}:\mathrm{u}(\mathrm{a})={\mathrm{u}}^{\ast }\}$, and define the utility gap ${\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}={\mathrm{u}}^{\ast }-{\mathrm{m}\mathrm{a}\mathrm{x}}_{\mathrm{a}\notin {\mathrm{A}}^{\ast }}\mathrm{u}\left(\mathrm{a}\right)$, with the convention ${\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}=0$ if ${\mathrm{A}}^{\ast }=\mathrm{A}$.

Theorem 4.

If ${\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}>0$, then for every ${\mathsf{\lambda }}_{\mathrm{A}}\ge 0$, we find the following:

$$1-{\sum }_{\mathrm{a}\in {\mathrm{A}}^{\ast }}{\mathrm{P}}_{{\mathsf{\lambda }}_{\mathrm{A}}}(\mathrm{a})\le (\mid \mathrm{A}\mid -\mid {\mathrm{A}}^{\ast }\mid ){\mathrm{e}}^{-{\mathsf{\lambda }}_{\mathrm{A}}{\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}}$$

(19)

Consequently, the probability of selecting a non-best-response action decays to zero at an exponential rate in ${\mathsf{\lambda }}_{\mathrm{A}}$, and the induced attacker behavior converges to best-response play. If ${\mathsf{\lambda }}_{\mathrm{A}}\to 0$, then ${\mathrm{P}}_{{\mathsf{\lambda }}_{\mathrm{A}}}\left(\mathrm{a}\right)\to 1/\mid \mathrm{A}\mid$ for all $\mathrm{a}\in \mathrm{A}$.

Proof. 

For any $\mathrm{a}\notin {\mathrm{A}}^{\ast }$, $\mathrm{u}\left(\mathrm{a}\right)\le {\mathrm{u}}^{\ast }-{\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}$. Therefore, we find the following:

$$\mathrm{e}\mathrm{x}\mathrm{p}\left({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}\right(\mathrm{a}\left)\right)\le \mathrm{e}\mathrm{x}\mathrm{p}\left({\mathsf{\lambda }}_{\mathrm{A}}\right({\mathrm{u}}^{\ast }-{\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}\left)\right)=\mathrm{e}\mathrm{x}\mathrm{p}\left({\mathsf{\lambda }}_{\mathrm{A}}{\mathrm{u}}^{\ast }\right){\mathrm{e}}^{-{\mathsf{\lambda }}_{\mathrm{A}}{\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}}$$

(20)

□

Summing over $\mathrm{a}\notin {\mathrm{A}}^{\ast }$ gives the following:

$${\sum }_{\mathrm{a}\notin {\mathrm{A}}^{\ast }}\mathrm{e}\mathrm{x}\mathrm{p}({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}(\mathrm{a}))\le (\mid \mathrm{A}\mid -\mid {\mathrm{A}}^{\ast }\mid )\mathrm{e}\mathrm{x}\mathrm{p}({\mathsf{\lambda }}_{\mathrm{A}}{\mathrm{u}}^{\ast }){\mathrm{e}}^{-{\mathsf{\lambda }}_{\mathrm{A}}{\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}}$$

(21)

Additionally, ${\sum }_{{\mathrm{a}}^{\prime }\in \mathrm{A}}\mathrm{e}\mathrm{x}\mathrm{p}({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}\left({\mathrm{a}}^{\prime }\right))\ge {\sum }_{{\mathrm{a}}^{\prime }\in {\mathrm{A}}^{\ast }}\mathrm{e}\mathrm{x}\mathrm{p}({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}({\mathrm{a}}^{\prime }\left)\right)=\mid {\mathrm{A}}^{\ast }\mid \mathrm{e}\mathrm{x}\mathrm{p}\left({\mathsf{\lambda }}_{\mathrm{A}}{\mathrm{u}}^{\ast }\right).$ Hence, we find the following:

$$\begin{array}{cc}\hfill 1-{\displaystyle \sum _{\mathrm{a}\in {\mathrm{A}}^{\ast }}}{\mathrm{P}}_{{\mathsf{\lambda }}_{\mathrm{A}}}\left(\mathrm{a}\right)=& {\displaystyle \frac{\sum _{\mathrm{a}\notin {\mathrm{A}}^{\ast }}\mathrm{e}\mathrm{x}\mathrm{p}({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}\left(\mathrm{a}\right))}{\sum _{{\mathrm{a}}^{\prime }\in \mathrm{A}}\mathrm{e}\mathrm{x}\mathrm{p}({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}\left({\mathrm{a}}^{\prime }\right))}}\hfill \\ \hfill & \le {\displaystyle \frac{\left(\right|\mathrm{A}\left|-\right|{\mathrm{A}}^{\ast }\left|\right)\exp \left({\mathsf{\lambda }}_{\mathrm{A}}{\mathrm{u}}^{\ast }\right){\mathrm{e}}^{-{\mathsf{\lambda }}_{\mathrm{A}}{\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}}}{\mid {\mathrm{A}}^{\ast }\mid \exp \left({\mathsf{\lambda }}_{\mathrm{A}}{\mathrm{u}}^{\ast }\right)}}\hfill \\ \hfill & \le (\mid \mathrm{A}\mid -\mid {\mathrm{A}}^{\ast }\mid ){\mathrm{e}}^{-{\mathsf{\lambda }}_{\mathrm{A}}{\mathsf{\Delta }}_{\mathrm{m}\mathrm{i}\mathrm{n}}},\hfill \end{array}$$

(22)

where the last inequality uses $\mid {\mathrm{A}}^{\ast }\mid \ge 1$. The ${\mathsf{\lambda }}_{\mathrm{A}}\to 0$ limit follows because $\exp \left({\mathsf{\lambda }}_{\mathrm{A}}\mathrm{u}\left(\mathrm{a}\right)\right)\to 1$ for all $\mathrm{a}$, so the denominator tends to $\mid \mathrm{A}\mid$. This bound and the logit formulation are standard within QRE; the distinctive element here is the explicit finite-${\mathsf{\lambda }}_{\mathrm{A}}$ deviation bound stated in SDG notation, thus providing explicit quantitative guarantee on bounded rationality effects.

This theorem connects bounded rationality to synthetic deception outcomes by specifying how attacker behavior transitions between uniform exploration and best-response targeting as rationality varies under the QRE model. In the SDG setting, this result provides a defensible bridge between idealized perfect rationality assumptions and empirically plausible attacker decision noise, enabling sensitivity analysis of deception performance across rationality regimes.

Validation of Theorem 4

Theorem 4 was validated (see Figure 8 and Figure 9) by computing logit quantal response equilibrium choice probabilities over a sweep of the rationality parameter using an explicit fixed-point solver and recording convergence diagnostics.

For each rationality value $\mathsf{\lambda }$ in Figure 8 and Figure 9, the logit rule induces an attacker mixed strategy ${\mathsf{\pi }}_{\mathsf{\lambda }}$ over the finite action set $\mathrm{A}$, where ${\mathsf{\pi }}_{\mathsf{\lambda }}\left(\mathrm{a}\right)$ is the probability assigned to action $\mathrm{a}$ as defined in Equation (18). The term “attacker mix” refers to this probability distribution ${\mathsf{\pi }}_{\mathsf{\lambda }}$ (either presented as the full vector across actions or summarized by selected components such as ${\mathsf{\pi }}_{\mathsf{\lambda }}\left({\mathrm{a}}^{\ast }\right)$ for a best-response action ${\mathrm{a}}^{\ast }$). Accordingly, the plotted “probability” values represent choice probabilities under bounded rationality rather than empirical frequencies.

The validation compares the computed mixed strategy to the limiting behaviors referenced by the theorem. The validation is marked as passing when the distribution approaches uniform randomization as rationality approaches zero and approaches deterministic best-response behavior as rationality becomes large, within a specified numerical tolerance.

This figure provides a simplified view of the same quantal response limit behavior by plotting action selection probabilities across the rationality sweep. It illustrates the approach to uniform randomization for small rationality values and the approach to deterministic best-response behavior for large rationality values.

Figure 8 shows attacker mixed strategy ${\mathsf{\pi }}_{\mathsf{\lambda }}$ under logit QRE as the rationality parameter varies. The y-axis reports ${\mathsf{\pi }}_{\mathsf{\lambda }}\left(\mathrm{a}\right)$, the model-implied probability of selecting each action $\mathrm{a}$ under Equation (18), and the x-axis reports the rationality parameter $\mathsf{\lambda }$. The plot illustrates the limiting behaviors stated in Theorem 4: as $\mathsf{\lambda }\to 0$, the distribution approaches uniform randomization, and as $\mathsf{\lambda }$ increases, probability mass concentrates on best-response actions.

This figure reports the fixed-point solution outcomes for logit quantal response equilibrium as the rationality parameter varies and includes convergence diagnostics or reference lines for limiting behavior. It shows convergence toward uniform choice at low rationality and concentration toward best responses at high rationality, with the root-solver output providing the computational certificate.

Figure 9 shows numerical certificate for QRE computation across rationality values. For each rationality level $\mathsf{\lambda }$, a fixed-point/root solver is used to compute the logit-consistent mixed strategy ${\mathsf{\pi }}_{\mathsf{\lambda }}$. The y-axis reports a solver certificate (the residual norm of the fixed-point conditions, together with the associated best-response probability mass ${\mathsf{\pi }}_{\mathsf{\lambda }}\left({\mathrm{a}}^{\ast }\right)$) to document that the plotted mixtures satisfy the QRE equations to the stated numerical tolerance. The figure thus distinguishes (i) behavioral concentration effects from (ii) numerical convergence, strengthening the defensibility of the bounded-rationality validation.

5. Optimal Allocation in Heterogeneous Deception Games (HDGs)

The basic SDG is extended to allow for $\mathrm{K}$ different types of decoys [86]. Each decoy type $\mathrm{k}$ has the following:

• A deployment cost ${\mathrm{c}}_{\mathrm{k}}$.
• An effectiveness ${\mathrm{e}}_{\mathrm{k}}$, which represents the probability that an attacker who interacts with a decoy of type $\mathrm{k}$ is detected.
• A quality ${\mathrm{q}}_{\mathrm{k}}$, which affects how easily the decoy can be distinguished from a real asset.

The defender’s strategy is a vector $\mathrm{n}=({\mathrm{n}}_1,{\mathrm{n}}_2,\dots ,{\mathrm{n}}_{\mathrm{K}})$, where ${\mathrm{n}}_{\mathrm{k}}$ is the number of decoys of type $\mathrm{k}$ deployed. The total number of decoys is as follows:

$${\mathrm{n}}_{\mathrm{S}}={\sum }_{\mathrm{k}=1}^{\mathrm{K}}{\mathrm{n}}_{\mathrm{k}}$$

(23)

In the heterogeneous deception game, the defender commits to an allocation vector $\mathrm{K}=({\mathrm{K}}_1,\dots ,{\mathrm{K}}_{\mathrm{m}})$ specifying the number of decoys deployed of each type, subject to a budget constraint. After observing this commitment, the attacker’s interaction with decoys is modeled at the type level: the attacker selects which decoy-type class to engage with according to a probability vector $\mathsf{\pi }=({\mathsf{\pi }}_1,\dots ,{\mathsf{\pi }}_{\mathrm{m}})$ (or, in the baseline theorem, $\mathsf{\pi }$ is treated as exogenous and fixed). Conditional on engaging with a decoy of type $\mathrm{k}$, the defender detects the attacker with probability ${\mathrm{e}}_{\mathrm{k}}$, yielding detection benefit ${\mathrm{B}}_{\mathrm{D}}$ to the defender. Accordingly, the defender’s expected utility contribution from type-$\mathrm{k}$ decoys is proportional to ${\mathsf{\pi }}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}{\mathrm{B}}_{\mathrm{D}}{\mathrm{K}}_{\mathrm{k}}$, and the defender’s optimization objective is the expected detection benefit minus deployment costs, evaluated under the stated $\mathsf{\pi }$ and ${\mathrm{e}}_{\mathrm{k}}$ assumptions.

In this section, “attacker interaction with a decoy” is used as a neutral term encompassing an attack act on a decoy (e.g., probing, an exploitation attempt, or any engagement sufficient to trigger defender telemetry). Accordingly, “interaction” is not distinct from “attack”; it is the decoy-side realization of an attack attempt.

The parameter ${\mathrm{e}}_{\mathrm{k}}$ is the conditional detection probability given interaction with a type-$\mathrm{k}$ decoy. To avoid redundant parameterization, ${\mathsf{\pi }}_{\mathrm{k}}$ is interpreted as the attacker’s probability of selecting the type-$\mathrm{k}$ decoy class to engage with (and, under the theorem, ${\mathsf{\pi }}_{\mathrm{k}}$ is treated as fixed), so the effective probability of a defender detection event attributable to type $\mathrm{k}$ is ${\mathsf{\pi }}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}$. If a separate decoy “quality” parameter ${\mathrm{q}}_{\mathrm{k}}$ is retained, it is interpreted as a design parameter that shifts either ${\mathsf{\pi }}_{\mathrm{k}}$ (the likelihood of engaging type $\mathrm{k}$) and/or ${\mathrm{e}}_{\mathrm{k}}$ (the likelihood of detection conditional on engagement), but it is not multiplied as an additional independent probability unless explicitly modeled; in the linearity proof and the resulting LP, the detection contribution depends on ${\mathsf{\pi }}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}$ as the effective event probability.

Finally, ${\mathrm{B}}_{\mathrm{D}}$ denotes the defender’s per-detection benefit (e.g., intelligence gain, containment benefit, or attribution value), consistent with the defender-utility definition in Section 3.2.1. For clarity, ${\mathrm{B}}_{\mathrm{D}}$ is treated as a constant in Section 5 because the theorem concerns allocation structure under linear detection benefit; heterogeneous ${\mathrm{B}}_{\mathrm{D},\mathrm{k}}$ can be incorporated without changing the proof form by replacing ${\mathrm{B}}_{\mathrm{D}}$ with type-dependent coefficients.

5.1. The Defender’s Optimization Problem

The defender’s problem is to choose an allocation, $\mathrm{n}$, that maximizes expected utility, subject to a budget constraint $\mathrm{B}$, as follows:

$$\underset{\mathrm{n}}{\max \mathbb{E}}\left[{\mathrm{U}}_{\mathrm{D}}\left(\mathrm{n}\right)\right]$$

(24)

$\mathrm{Subject}\mathrm{to}{\displaystyle \sum _{\mathrm{k}=1}^{\mathrm{K}}}{\mathrm{c}}_{\mathrm{k}}{\mathrm{n}}_{\mathrm{k}}\le \mathrm{B}\mathrm{a}\mathrm{n}\mathrm{d}{\mathrm{n}}_{\mathrm{k}}\ge 0\mathrm{for}\mathrm{all}\mathrm{k}.$

5.2. Theorem 5: Greedy Allocation Property

The theorem characterizes a structural property of the optimal allocation. Under fixed attacker interaction probabilities that do not depend on the number of deployed decoys, an optimal allocation exists that concentrates investment in a single decoy type with the highest “bang-for-the-buck”.

Theorem 5.

In the heterogeneous deception game (HDG), if the attacker chooses among decoy types with a fixed probability ${\mathrm{q}}_{\mathrm{k}}$ for each type $\mathrm{k}$, independent of the number of decoys ${\mathrm{n}}_{\mathrm{k}}$, and if ${\mathrm{n}}_{\mathrm{k}}$ are continuous decision variables with ${\mathrm{n}}_{\mathrm{k}}\ge 0$, then there exists an optimal allocation strategy where the defender only invests in a decoy type with the highest ratio $\left({\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}\right)/{\mathrm{c}}_{\mathrm{k}}$. In particular, for any of the following:

$${\mathrm{k}}^{\ast }\in \mathrm{a}\mathrm{r}\mathrm{g}\underset{\mathrm{k}}{\mathrm{m}\mathrm{a}\mathrm{x}}{\displaystyle \frac{{\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}}{{\mathrm{c}}_{\mathrm{k}}}},$$

(25)

One optimal allocation is as follows:

$${\mathrm{n}}_{{\mathrm{k}}^{\ast }}={\displaystyle \frac{\mathrm{B}}{{\mathrm{c}}_{{\mathrm{k}}^{\ast }}}},{\mathrm{n}}_{\mathrm{k}}=0\mathrm{for}\mathrm{all}\mathrm{k}\ne {\mathrm{k}}^{\ast }$$

(26)

5.2.1. Formal Proof

Lemma 1.

The defender’s expected utility function $\mathbb{E}\left[{\mathrm{U}}_{\mathrm{D}}\right(\mathrm{n}\left)\right]$ is a linear function of the number of decoys of each type, ${\mathrm{n}}_{\mathrm{k}}$.

Proof of Lemma 1.

Under the assumption that the attacker’s probability of interacting with each decoy type is fixed at ${\mathrm{q}}_{\mathrm{k}}$, the expected utility from deploying ${\mathrm{n}}_{\mathrm{k}}$ decoys of type $\mathrm{k}$ is ${\mathrm{n}}_{\mathrm{k}}{\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}{\mathrm{B}}_{\mathrm{D}}$, where ${\mathrm{B}}_{\mathrm{D}}$ is the benefit of detecting an attack. Summing up all types, the total expected utility from detection is as follows:

$$\sum _{\mathrm{k}=1}^{\mathrm{K}}{\mathrm{n}}_{\mathrm{k}}{\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}{\mathrm{B}}_{\mathrm{D}}$$

(27)

□

This is a linear function of the ${\mathrm{n}}_{\mathrm{k}}$ values.

Proof of Theorem 5.

• By Lemma 1, the defender’s optimization problem is the linear program (LP):

  $$\underset{\mathrm{n}}{\mathrm{m}\mathrm{a}\mathrm{x}}\sum _{\mathrm{k}=1}^{\mathrm{K}}{\mathrm{n}}_{\mathrm{k}}\left({\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}{\mathrm{B}}_{\mathrm{D}}\right)$$

  (28)

  $\mathrm{Subject}\mathrm{to}{\displaystyle \sum _{\mathrm{k}=1}^{\mathrm{K}}}{\mathrm{c}}_{\mathrm{k}}{\mathrm{n}}_{\mathrm{k}}\le \mathrm{B},{\mathrm{n}}_{\mathrm{k}}\ge 0.$
• Define the “bang-for-the-buck” for decoy type $\mathrm{k}$ as follows:

  $${\mathrm{r}}_{\mathrm{k}}={\displaystyle \frac{{\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}{\mathrm{B}}_{\mathrm{D}}}{{\mathrm{c}}_{\mathrm{k}}}}$$

  (29)
• For any feasible allocation $\mathrm{n}$, we find the following:

  $${\sum }_{\mathrm{k}=1}^{\mathrm{K}}{\mathrm{n}}_{\mathrm{k}}({\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}{\mathrm{B}}_{\mathrm{D}})={\sum }_{\mathrm{k}=1}^{\mathrm{K}}{\mathrm{r}}_{\mathrm{k}}{\mathrm{c}}_{\mathrm{k}}{\mathrm{n}}_{\mathrm{k}}\le \left(\underset{\mathrm{j}}{\mathrm{m}\mathrm{a}\mathrm{x}}{\mathrm{r}}_{\mathrm{j}}\right){\sum }_{\mathrm{k}=1}^{\mathrm{K}}{\mathrm{c}}_{\mathrm{k}}{\mathrm{n}}_{\mathrm{k}}\le \left(\underset{\mathrm{j}}{\mathrm{m}\mathrm{a}\mathrm{x}}{\mathrm{r}}_{\mathrm{j}}\right)\mathrm{B}$$

  (30)
• Let ${\mathrm{k}}^{\ast }\in \mathrm{a}\mathrm{r}\mathrm{g}{\mathrm{m}\mathrm{a}\mathrm{x}}_{\mathrm{j}}{\mathrm{r}}_{\mathrm{j}}$. Consider the allocation ${\mathrm{n}}_{{\mathrm{k}}^{\ast }}=\mathrm{B}/{\mathrm{c}}_{{\mathrm{k}}^{\ast }}$ and ${\mathrm{n}}_{\mathrm{k}}=0$ for all $\mathrm{k}\ne {\mathrm{k}}^{\ast }$. This allocation is feasible and achieves objective value, as follows:

  $${\mathrm{r}}_{{\mathrm{k}}^{\ast }}\mathrm{B}=\left(\underset{\mathrm{j}}{\mathrm{m}\mathrm{a}\mathrm{x}}{\mathrm{r}}_{\mathrm{j}}\right)\mathrm{B}$$

  (31)
• As the allocation achieves the upper bound in Step 3, it is optimal. Therefore, there exists an optimal allocation that invests only in a decoy type ${\mathrm{k}}^{\ast }$ with the highest ratio $\left({\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}\right)/{\mathrm{c}}_{\mathrm{k}}$. □

This result has the following important practical implications:

• Simplified decision-making: Defenders do not need to solve a complex multi-dimensional optimization problem. They can rank decoy types by $\left({\mathrm{q}}_{\mathrm{k}}{\mathrm{e}}_{\mathrm{k}}\right)/{\mathrm{c}}_{\mathrm{k}}$ and invest in a highest-ranked type.
• Focus on quality: The theorem suggests that it is often better to invest in a smaller number of high-quality, highly effective decoys than to spread resources across many low-quality ones.
• Sensitivity to attacker behavior: The optimal allocation depends on the attacker’s interaction probabilities ${\mathrm{q}}_{\mathrm{k}}$. If these probabilities are not fixed but depend on the defender’s allocation, the problem becomes more complex.

This theorem establishes a tractable structural property of heterogeneous decoy allocation by showing that, under fixed interaction weights, the HDG reduces to a single-index “bang-for-the-buck” rule with an optimal corner allocation in the continuous relaxation. In the context of defender decoy portfolio design, the result provides an interpretable benchmark that clarifies when heterogeneity collapses to a provably optimal single-type investment and when richer attacker–defender coupling is required.

Validation of Theorem 5

Theorem 5 was validated (see Figure 10) by instantiating the heterogeneous decoy allocation model under the linearity condition that the attacker interaction probability with each decoy type is fixed and independent of deployed quantities. Under this condition, the defender objective is linear and the feasible set is a budget polytope. The validation solves the resulting linear program and checks that an optimal solution is attained at an extreme point that concentrates the budget on the decoy type with the best effectiveness-to-cost contribution to the objective, as characterized by the theorem.

This figure compares the linear-program optimum in the heterogeneous allocation setting to the extreme-point allocation that places the full budget on the best effectiveness-to-cost decoy type. It shows coincidence of the greedy extreme-point solution with the linear-program optimum under the theorem’s linearity assumptions. Vertex optimality and greedy allocation verification in the heterogeneous decoy LP regime. The y-axis reports the defender’s objective value in the continuous relaxation linear program (expected detection benefit minus deployment cost) evaluated for each compared allocation. The figure contrasts (i) the LP-optimal allocation and (ii) the greedy extreme-point (vertex) allocation that assigns the full budget to the decoy type maximizing ${\mathrm{e}}_{\mathrm{k}}{\mathrm{B}}_{\mathrm{D}}/{\mathrm{c}}_{\mathrm{k}}$. The coincidence of the two objective values provides a computational certificate that the greedy vertex attains the LP optimum under the theorem’s linearity assumptions.

6. Computational Complexity Analysis

This section analyzes the computational complexity of finding optimal strategies in the proposed game-theoretic framework and delineates the tractability boundary between the basic SDG and heterogeneous allocation variants.

6.1. Complexity of the Basic SDG

The basic SDG can be solved by enumerating the defender’s discrete decoy-count decision and evaluating the induced attacker best responses across attacker types. Let the defender’s strategy be the number of deployed decoys, denoted by $\mathrm{n}\mathrm{S}\in \{\mathrm{0,1},\dots ,\mathrm{N}\mathrm{m}\mathrm{a}\mathrm{x}-\mathrm{N}\mathrm{R}\}$, where $\mathrm{N}\mathrm{m}\mathrm{a}\mathrm{x}$ is the maximum number of possible targets and $\mathrm{N}\mathrm{R}$ is the number of real assets. For each candidate $\mathrm{n}\mathrm{S}$, the defender computes the expected utility by iterating over attacker types $\mathsf{\theta }\in \mathsf{\Theta }$ and evaluating the corresponding best response ${\mathrm{a}}^{\ast }(\mathrm{n}\mathrm{S},\mathsf{\theta })$, followed by aggregation under the prior $\mathrm{p}\left(\mathsf{\theta }\right)$.

A generic evaluation procedure is as follows.

• Enumerate defender strategies: for each $\mathrm{n}\mathrm{S}\in \{\mathrm{0,1},\dots ,\mathrm{N}\mathrm{m}\mathrm{a}\mathrm{x}-\mathrm{N}\mathrm{R}\}$.
• Compute best responses: for each $\mathsf{\theta }\in \mathsf{\Theta }$, compute ${\mathrm{a}}^{\ast }(\mathrm{n}\mathrm{S},\mathsf{\theta })$.
• Aggregate expected utility: compute $\mathbb{E}\left[\mathrm{U}\mathrm{D}\right(\mathrm{n}\mathrm{S}\left)\right]={\sum }_{\mathsf{\theta }\in \mathsf{\Theta }}\mathrm{p}\left(\mathsf{\theta }\right)\mathrm{U}\mathrm{D}\left(\mathrm{n}\mathrm{S},{\mathrm{a}}^{\ast }(\mathrm{n}\mathrm{S},\mathsf{\theta })\right)$.

To state complexity precisely, define $\mathrm{T}\mathrm{B}\mathrm{R}$ as the time required to compute one attacker best response and the associated utility contribution for a fixed pair $(\mathrm{n}\mathrm{S},\mathsf{\theta })$. Then the total runtime of the enumeration procedure is as follows:

$$\mathrm{O}\left((\mathrm{N}\mathrm{m}\mathrm{a}\mathrm{x}-\mathrm{N}\mathrm{R}+1)\mid \mathsf{\Theta }\mid \mathrm{T}\mathrm{B}\mathrm{R}\right)$$

(32)

O describes the asymptotic order of growth of an algorithm’s running time (or memory) as the problem size increases. This provides an upper bound to constant factors and ignores lower-order terms and means that the runtime grows proportionally to the product of the following:

• $\left({\mathrm{N}}_{\mathrm{m}\mathrm{a}\mathrm{x}}-{\mathrm{N}}_{\mathrm{R}}+1\right)$: the number of defender strategies being enumerated (each possible decoy count).
• $\mid \mathsf{\Theta }\mid$: the number of attacker types being evaluated per defender strategy.

6.1.1. Theorem 6: Parameterized Polynomial-Time Solvability of the Basic SDG

Theorem 6.

The basic SDG can be solved in time $\mathrm{O}\left((\mathrm{N}\mathrm{m}\mathrm{a}\mathrm{x}-\mathrm{N}\mathrm{R}+1)\mid \mathsf{\Theta }\mid \mathrm{T}\mathrm{B}\mathrm{R}\right)$. In particular, if the attacker best response for each $(\mathrm{n}\mathrm{S},\mathsf{\theta })$ is computable in constant time (for example, under a homogeneous target representation in which the attacker’s payoff depends only on whether a chosen target is real versus decoy), then the SDG is solvable in $\mathrm{O}\left((\mathrm{N}\mathrm{m}\mathrm{a}\mathrm{x}-\mathrm{N}\mathrm{R}+1)\mid \mathsf{\Theta }\mid \right)$ time [87].

Proof. 

The defender evaluates each candidate $nS$ in the finite set $\left\{\mathrm{0,1},\dots ,Nmax-NR\right\}$, whose cardinality is $Nmax-NR+1$. For each $nS$, the defender iterates across the finite set of attacker types $\Theta$. By definition, each $(nS,\theta )$ evaluation requires $TBR$ time. Therefore, the total time is the product of these factors, yielding $O\left((Nmax-NR+1)\mid \Theta \mid TBR\right)$. Under the stated constant-time best-response condition, $TBR=O\left(1\right)$, which implies $O\left((Nmax-NR+1)\mid \Theta \mid \right)$. This bound is polynomial in $\left(N_{max}-N_R+1\right)$ and $\mid \Theta \mid$ under the assumption that $T_{BR}$ is constant for the basic SDG representation. □

This theorem provides a transparent tractability statement for the restricted SDG action representation and makes it explicit which modeling choices (e.g., homogeneous versus target-specific payoffs) control whether evaluation is linear or quadratic in the number of targets.

Validation of Theorem 6

Theorem 6 was validated (see Figure 11, Figure 12 and Figure 13) through an operation count certificate that mirrors the implemented enumeration procedure. The validation records the number of feasible defender strategies, multiplies it by the number of attacker types, and parameterizes the per-type best-response evaluation cost by TBR to produce a closed-form evaluation-count expression. The validation is marked as passing when the recorded expression matches the implemented evaluation loops and when empirical scaling plots are consistent with the predicted growth under the tested regimes for TBR.

This figure visualizes the enumeration procedure under a constant-time best-response evaluation regime and shows the resulting scaling as N_max and |Θ| vary. The figure provides a concrete illustration consistent with the certificate expression when TBR is treated as constant.

This figure visualizes the enumeration procedure under a linear-scan best-response evaluation regime and shows the resulting scaling as N_max and |Θ| vary. The figure provides a concrete scaling illustration consistent with the certificate expression when TBR grows linearly with the number of targets.

This figure plots measured runtime or evaluation steps against the operation count proxy proportional to the product of the number of feasible defender strategies and the number of attacker types. The figure illustrates the implemented enumeration procedure’s scaling behavior consistent with the recorded evaluation count certificate.

6.2. Complexity of Extended Models

The computational complexity increases in the extended models because the defender’s decision space and the attacker’s inference/learning mechanisms become higher dimensional, often requiring optimization over information structures, beliefs, or state trajectories.

For signaling-with-evidence extensions, the computational burden typically shifts from enumerating a one-dimensional commitment to optimizing over a signaling or evidence structure and the induced receiver response map, which can be computationally challenging in general formulations. Results in algorithmic persuasion with evidence document that the sender’s optimization task can become difficult and that approximation questions become central in broad input models [88,89].

For dynamic and repeated deception models, the main driver of complexity is the expansion of the state space (configuration states, belief states, or attacker knowledge states). When the defender’s problem is cast as a partially observable or decentralized control process, worst-case complexity can become very high. For example, decentralized control formulations (which capture multi-component systems and partial observability) admit strong intractability results, including very high worst-case complexity classes for finite-horizon variants [38,90].

For bounded rationality via quantal response, computing the equilibrium typically requires solving a nonlinear fixed-point system (or its extensive-form analogs). In extensive-form settings, the agent quantal response equilibrium (AQRE) framework formalizes the fixed-point structure under quantal choice, which motivates the iterative numerical solution methods whose performance depends on the conditioning of the underlying game and the smoothing parameter [91,92].

6.3. Scalable Solution Approaches

For large-scale instances, scalable approaches are framed around three complementary strategies. First, approximation algorithms are appropriate when exact optimization is computationally prohibitive, with guarantees stated as bounds on solution quality where such bounds are available. Second, domain-guided heuristics are appropriate when provable approximations are unavailable or too conservative, particularly when defender objectives prioritize interpretability and operational constraints. Third, decomposition is appropriate when the game admits separable structure (e.g., asset-wise decomposition, type-wise decomposition, or weak coupling across subgames), allowing parallel solutions of subproblems followed by coordination at a higher level.

6.4. NP-Hardness of Heterogeneous Decoy Allocation Problem (HDAP)

The heterogeneous allocation setting motivates a formal hardness result that explains why the study uses tractable relaxations and greedy-style benchmarks rather than claiming general polynomial-time exactness for integer allocation.

Definition 1.

(Heterogeneous Decoy Allocation Problem (HDAP)). Let there be $m$ decoy types indexed by $i\in \{1,\dots ,m\}$. Each type $i$ has a nonnegative cost $c_i$ and a nonnegative utility contribution $v_i$ (interpreted as the defender’s per-decoy marginal expected benefit in the reduced allocation view). Given a total budget $B\ge 0$ and a target utility threshold $V\ge 0$, HDAP asks whether there exists an integer allocation vector $n=(n_1,\dots ,n_m)$ with $n_i\in {\mathbb{N}}_0$ such that (i) the budget constraint holds, ${\sum }_{i=1}^m{c}_i{n}_i\le B$, and (ii) the utility target is achieved, ${\sum }_{i=1}^m{v}_i{n}_i\ge V$. This decision formulation is the integer allocation counterpart of the continuous relaxation analyzed in Section 5 and is used to formalize the computational boundary of heterogeneous decoy portfolio design.

$${\sum }_{i=1}^m{c}_i{n}_i\le B;\mathrm{and}{\sum }_{i=1}^m{v}_i{n}_i\ge V$$

(33)

Theorem 7.

NP-Hardness of HDAP.

Proof. 

A polynomial time reduction is constructed from the unbounded knapsack decision problem. Consider an arbitrary instance of unbounded knapsack with item set $\left\{1,\dots ,I\right\}$, weights $\left\{w1,\dots ,wI\right\}$, values $\left\{p1,\dots ,pI\right\}$, capacity $W$, and target value $P$. Construct an instance of HDAP with $K=I$ decoy types by setting $ci=wi$, $vi=pi$, $B=W$, and $U=P$. Because both problems allow nonnegative integer multiplicities of each type/item, any feasible unbounded knapsack solution with a total weight of at most $W$ and a total value of at least $P$ corresponds directly to an HDAP allocation meeting the budget and utility constraints. Conversely, any HDAP allocation corresponds to a feasible unbounded knapsack selection with the same totals. The construction is clearly polynomial in the size of the knapsack instance, and correctness follows from the one-to-one preservation of feasibility under the mapping. As unbounded knapsack is NP-hard, HDAP is NP-hard [93]. □

This theorem establishes a clean hardness baseline for heterogeneous integer allocation, thereby justifying the emphasis on (i) the continuous relaxation and its single-index structure in Section 5, and (ii) scalable heuristics and approximation-oriented methods when integer constraints and heterogeneity are retained. This hardness result explains why the continuous HDG relaxation admits a simple ratio-based structural solution, while the integer HDAP formulation requires heuristics or approximation methods for large-scale deployment.

Although the NP-hardness follows from a standard knapsack lineage, the reduction is included to formalize the computational boundary of heterogeneous decoy allocation under the above HDAP definition and to justify the focus on scalable relaxations and heuristic policies for large decoy catalogs.

Validation of Theorem 7

Theorem 7 was validated (see Figure 14, Figure 15 and Figure 16) by constructing the reduction mapping used in the hardness argument and checking decision equivalence on a suite of generated instances. The validation maps knapsack weights to decoy-type costs, knapsack values to decoy-type utilities, capacity to the deception budget, and the knapsack target to the HDAP target, then evaluates the feasibility of each paired instance. The validation is marked as passing when feasibility of the knapsack instance agrees with feasibility of the mapped HDAP instance for all tested cases, and when the mapping preserves instance size growth consistent with polynomial time construction.

This figure summarizes reduction tests and instance size growth diagnostics for the mapped decision problems. It illustrates that the reduction mapping behaves consistently across increasing instance sizes in the tested set and by reporting any observed inconsistencies in the mapping-based decision equivalence check.

This figure reports the reduction-correctness pass rate across the tested instance set, typically stratified by instance size. It demonstrates that the knapsack-to-HDAP mapping preserves the decision outcome across the evaluated instances.

This figure reports the number of decision mismatches, if any, between the original knapsack instances and the mapped HDAP instances across the tested set. It supports Theorem 7 by certifying that mismatches are absent in the validated regime, which is the computational counterpart of the reduction’s forward and backward direction checks.

7. Information-Theoretic Analysis of Deception

A significant gap in the current literature is the absence of a formal method to quantify the fundamental limits of cyber deception. In this section, we introduce an extension to our framework by defining the concept of deception capacity, an information-theoretic measure that characterizes the maximum amount of uncertainty a defender can induce in an attacker.

7.1. Information-Theoretic Foundation

At its core, cyber deception is a process of manipulating an attacker’s beliefs by controlling the information they receive (see Figure 17). We can model this process using concepts from information theory.

Let $T$ be a random variable representing the target type (real or decoy), and $O$ be the attacker’s observation. The defender’s goal is to maximize the attacker’s uncertainty about $T$ after observing $O$. This is measured by the conditional entropy $H(T\mid O)$. Conversely, the information leakage $I(T;O)=H\left(T\right)-H(T\mid O)$ represents what the attacker learns, which the defender seeks to minimize.

$$I(T;O)=H\left(T\right)-H(T\mid O)$$

(34)

where $H\left(T\right)$ is the prior entropy (attacker’s uncertainty before any observation), and $H(T\mid O)$ is the conditional entropy (attacker’s remaining uncertainty after observation). A successful deception strategy keeps $H(T\mid O)$ close to $H\left(T\right)$, meaning the attacker learns little from their observations. Effective deception aims to minimize the information leakage, i.e., minimize $I(T;O)$. The symbol $T$ is used in this section as a random variable representing the target type (real vs. decoy); later references to a set of observed targets should be interpreted separately to avoid overloading the notation.

This foundation frames deception effectiveness as an explicit information-leakage minimization objective, enabling direct comparison across deception mechanisms through a common entropy-based criterion.

7.2. Defining Deception Capacity

We define deception capacity as the supremum of the normalized conditional entropy achievable by the defender, subject to constraints on the cost and fidelity of the deception.

Let the set of real assets be $R$ and the set of decoy assets be $D$. The attacker observes a set of targets $T=R\cup D$. The attacker’s goal is to distinguish between $R$ and $D$.

We can model the deception system as a communication channel, where the defender’s strategy (the configuration of $R$ and $D$) is the input, and the attacker’s observation is the output. The channel is characterized by the conditional probability $p(o\mid s)$, which represents the probability of the attacker making an observation $o$, given the defender’s strategy $s$.

Definition 2.

We define deception capacity as the supremum of the normalized conditional entropy of the target type $T$ (real vs. decoy) given the attacker’s observation $O$, taken over all admissible defender strategies $s\in S$, as follows:

$$C_D=\underset{s\in S}{sup}\left[{\displaystyle \frac{H(T\mid O;s)}{H\left(T\right)}}\right]$$

(35)

where $H(T\mid O;s)$ denotes the conditional entropy of $T$ given $O$ when the defender plays strategy $s$, and $H\left(T\right)$ is the prior entropy of the target type distribution. This ratio is bounded in $[0,1]$, where $C_D=1$ indicates perfect deception (the attacker learns nothing from observation) and $C_D=0$ indicates complete information leakage (the attacker can perfectly distinguish real targets from decoys). The defender’s objective is to select the strategy $s^{\ast }$ that achieves this supremum, thereby maximizing the attacker’s residual uncertainty. This is analogous to the definition of channel capacity in information theory.

This definition introduces a normalized, capacity-style upper bound that is expressed directly in terms of conditional entropy of real-versus-decoy discrimination, thereby formalizing “fundamental limits” as an optimizable uncertainty ratio over admissible deception strategies.

7.3. Implications for Deception Design

The concept of deception capacity provides a powerful tool for the analysis and design of deception systems:

• Benchmarking: Deception capacity provides a theoretical upper bound on the effectiveness of any deception strategy. It can be used to benchmark the performance of practical deception systems.
• Resource allocation: By understanding the factors that influence deception capacity (e.g., the number of decoys, their quality, the attacker’s observational capabilities), more informed decisions about resource allocation can be made.

These implications operationalize the capacity concept as a defender-facing benchmark and allocation lens, connecting information leakage directly to design parameters such as decoy quantity, decoy quality, and attacker observation strength.

7.4. Future Research Directions

This extension opens several new avenues for research:

• Calculating deception capacity: Developing algorithms to calculate or approximate the deception capacity for different types of deception systems.
• Achieving deception capacity: Designing practical deception strategies that can achieve the theoretical deception capacity.
• Dynamic deception capacity: Extending the concept to dynamic and adaptive deception scenarios.

By providing a formal, information-theoretic foundation for cyber deception, this extension paves the way for a more rigorous and systematic approach to the design and analysis of deception systems. These directions extend the framework from static characterization to computability, achievability, and dynamic generalization, positioning deception capacity as a unifying objective for both theoretical limits and deployable strategy design.

7.4.1. Calculating Deception Capacity

A directly computable formulation treats deception capacity as a constrained optimization over defender-configurable “channel designs.” Let the target type be $T\in \{R,D\}$ with prior $p\left(t\right)$, the attacker observation be $O\in \mathcal{O}$, and the defender strategy be $s\in S$. The induced observation model is $p(o\mid t;s)$. The defender’s objective is to maximize normalized residual uncertainty, as follows:

$$\underset{s\in S}{max}{\displaystyle \frac{H\left(T\right|O;s)}{H\left(T\right)}}⟺\underset{s\in S}{\mathit{min}I}\left(T;O;s\right)$$

(36)

because $H\left(T\right)$ is fixed and $I(T;O;s)=H\left(T\right)-H(T\mid O;s)$.

One canonical choice for replacing the abstract strategy space $S$ with explicit decision variables that parameterize feasible observation channels is to optimize over a confusion matrix $Q_s$ with entries $Q_s(o\mid t)$ that must satisfy (i) probability simplex constraints ${\sum }_o{Q}_s(o\mid t)=1$, $Q_s(o\mid t)\ge 0$, and (ii) implementation constraints that encode “cost and fidelity,” for example, as follows:

$${\sum }_t{\sum }_{o}p\left(t\right)Q_s\left(o\right|t)c\left(t,o\right)\le \mathrm{B}$$

(37)

$${\sum }_o{Q}_s\left(o\right|t)\mathcal{l}\left(t,o\right)\le {\epsilon }_t\forall t$$

(38)

where $c(t,o)$ is a cost model and $\mathcal{l}(t,o)$ encodes fidelity/leakage limits that the defender cannot violate (e.g., constraints on how much the distribution of decoy observations can deviate from real observations). With $Q_s$ as the decision variable, the objective $I(T;O)$ becomes a smooth function of $Q_s$ via the following:

$$p(o)={\sum }_{t}p(t)Q_s(o\mid t),I(T;O)={{\sum }_t{\sum }_{o}p(t)Q}_s(o\mid t)log{\displaystyle \frac{Q_s(o\mid t)}{p(o)}}$$

(39)

This yields a standard constrained information optimization problem. When the feasible set over $Q_s$ is convex (common for linear cost/fidelity constraints), the resulting program is amenable to Lagrangian methods and iterative scaling schemes. In discrete settings, a practical algorithmic path is to adapt the classical channel capacity computation machinery (iterative maximization/minimization of mutual information under constraints), which is historically exemplified by iterative algorithms for channel capacity and constrained variants. A useful modern technical bridge for cost-constrained mutual information optimization is the explicit treatment of maximizing (generalized) mutual information under cost constraints and exponential average constraints, which provides a defensible template for dual-based computation [94].

This converts “capacity” into a concrete constrained optimization with an implementable feasible region, enabling (a) exact solutions for small alphabets, (b) convex relaxations when the channel set is convex, and (c) sample average approximations when $p(o\mid t;s)$ is accessible only through simulation.

7.4.2. Achieving Deception Capacity

Instead of merely computing the supremum, this designs a family of strategies guaranteed to approach the computed upper bound under explicit engineering constraints. This is most cleanly posed as a joint design of (a) decoy configuration variables and (b) a measurable “indistinguishability mechanism” that shapes the attacker’s observation channel.

A tractable formulation introduces a parametric strategy $s\left(x\right)$ governed by design variables $x\in \mathcal{X}$ (e.g., feature templates, traffic-shaping parameters, surface signatures, response timing distributions). The induced channel is $p(o\mid t;x)$. Achievability is then posed as the constrained minimization, as follows:

$$\underset{x\in \mathcal{X}}{\mathit{min}I}\left(T;O;x\right)\mathrm{s}.\mathrm{t}.g\left(x\right)\le 0,h\left(x\right)\le B$$

(40)

With $g\left(x\right)$ capturing fidelity/operational constraints and $h\left(x\right)$ capturing cost.

If the defender does not know the attacker’s true observation model but knows it lies in an ambiguity set $\mathcal{P}\left(x\right)$, then the defender can design for worst-case leakage, as follows:

$${min}_{{x\in \mathcal{X}}^{{\mathit{m}\mathit{a}\mathit{x}}_{\mathit{p}\in \mathcal{P}\left(\mathit{x}\right)}}}{I}_p\left(T;O;x\right)$$

(41)

The designed $x^{\star }$ guarantees a bounded leakage under all channels in $\mathcal{P}\left(x^{\star }\right)$, and therefore guarantees a lower bound on $H(T\mid O;x^{\star })$, [95]. The practical mechanism to “achieve capacity” is thus to compute a capacity benchmark from Section 7.4.1; solve the robust or nominal design problem above; and report an achievability gap, as follows:

$$\Delta \left(x\right)={\displaystyle \frac{H\left(T\right|O;x)}{H\left(T\right)}}-C_D$$

(42)

or its leakage equivalent $I(T;O;x)-I^{\star }$. Thus, this is not about the existence of a mutual-information objective, but the explicit end-to-end pipeline that (1) defines a benchmark, (2) designs a feasible strategy family, and (3) reports a certifiable gap under constraints.

7.4.3. Dynamic Deception Capacity

Let $T_{\tau }$ be the target type (or configuration-relevant hidden variable) at time $\tau$, and $O_{0:\tau }$ be the history of attacker observations. A natural dynamic analogue is to consider the attacker’s residual uncertainty after $\tau$ steps, $H(T_{\tau }\mid O_{0:\tau })$, or the cumulative information leakage ${\sum }_{\tau }I(T_{\tau };O_{\tau }\mid O_{0:\tau -1})$. A dynamic deception capacity can be defined over defender policies $\pi$ that map histories (or beliefs) into actions, as follows:

$$C_D^{\left(\tau \right)}={sup}_{\pi }{\displaystyle \frac{H(T_{\tau }\mid O_{0:\tau };\pi )}{H\left(T_0\right)}}$$

(43)

Subject to per-period or cumulative cost constraints.

This becomes a partially observable Markov decision process (POMDP) problem in which the defender’s state includes (i) the system configuration and (ii) a belief about the attacker’s knowledge. The reward is information-theoretic: rather than maximizing mutual information (as in active information gathering), the defender minimizes leakage or maximizes attacker uncertainty. The methodological template is well established in POMDP planning with mutual-information criteria and sample-based approximations, which shows how information quantities can be embedded as objective functions within sequential decision-making [96]. A directly implementable method is a receding-horizon policy, as follows:

• At time $\tau$, compute the defender belief state $b_{\tau }$ over relevant hidden variables.
• Choose an action $u_{\tau }$ that minimizes predicted leakage over a horizon $H$, as follows:

  $$\underset{u_{\tau :\tau +H-1}}{\mathit{min}E}[\sum _{k=0}^{H-1}I(T_{\tau +k};O_{\tau +k}\mid O_{0:\tau +k-1})]+\lambda \mathrm{Cos}\mathrm{t}(u_{\tau :\tau +H-1})$$

  (44)
• Execute $u_{\tau }$, observe feedback, update the belief, and repeat.

This yields “dynamic deception capacity” as a policy-dependent performance (see Figure 18) limit and provides a principled bridge to adaptive deception (decoy rotation, reconfiguration, staged exposure). As a conceptual reinforcement for treating information terms as resources in sequential control, recent work on information-theoretic perspectives in control under partial observability provides a defensible foundation for incorporating information penalties/constraints into sequential optimization objectives [97].

This extension introduces a formal, channel-style limit concept for cyber deception, one that is stated directly in terms of attacker belief uncertainty and information leakage, thereby enabling upper-bound benchmarking independent of any specific decoy implementation. By defining deception capacity as a normalized conditional-entropy supremum over admissible defender strategies, this section establishes an information-theoretic upper bound for cyber deception that enables benchmarking independent of specific decoy implementations. It further positions deception capacity as an optimization object by outlining (i) a constrained program for computing or approximating capacity under cost and fidelity limits, (ii) an implementable design formulation that targets achievability through leakage minimization with explicit performance gaps, and (iii) a dynamic extension that treats deception capacity as a policy-dependent quantity in adaptive and sequential deception settings.

8. The VoD Framework

To formally analyze the fundamental value of deception, a game-theoretic framework is introduced that explicitly compares a game with deception to an equivalent game without it [7,98]. This allows the precise benefit that deception provides to be quantified through a paired-game interface (TSG vs. DSG) designed for ROI comparability across different deception scenarios.

8.1. The Baseline: TSG

A standard Stackelberg security game [74,99], the TSG, is defined as a baseline where no deception is used.

• Players: A defender (leader) and an attacker (follower).
• Targets: A set of $N$ real targets, $T=\{t_1,\dots ,t_N\}$.
• Defender’s strategy: The defender has $M$ security resources to allocate. A pure strategy is an allocation of these resources to a subset of targets. The defender commits to a mixed strategy $x$, which is a probability distribution over all possible pure strategies.
• Attacker’s strategy: The attacker observes the defender’s mixed strategy $x$ and chooses a single target $t_i$ to attack.
• Payoffs:

  -

  If the attacker attacks target $t_i$ and it is covered by a resource, the defender receives a reward $R_D^c$ and the attacker receives a penalty $P_A^c$

  -

  If the attacker attacks target $t_i$ and it is not covered, the defender receives a penalty $P_D^u$ and the attacker receives a reward $R_A^u$

• Equilibrium: The solution concept is the SSE, where the defender chooses the mixed strategy $x$ that maximizes the defender’s expected utility, assuming the attacker will break ties in the defender’s favor.

Let $U_D^{\ast }\left(TSG\right)$ be the defender’s optimal expected utility in the SSE of the TSG.

8.2. DSG: TSG Extension

The DSG extends the TSG by allowing the defender to deploy decoys [100,101].

• Players and targets: Same as the TSG, but the defender can also deploy $K$ decoys, $D=\{d_1,\dots ,d_K\}$. The attacker sees a set of $N+K$ potential targets.
• Defender’s strategy: The defender’s strategy involves both allocating $M$ resources to the $N$ real targets and deploying $K$ decoys. The decoys have a deployment cost $c_d$ each.
• Attacker’s strategy: The attacker observes the mixed strategy over the real targets and the presence of the decoys, but cannot distinguish real targets from decoys with certainty. The attacker chooses one of the $N+K$ potential targets to attack.
• Payoffs:

  -

  Payoffs for attacking real targets are the same as in the TSG.

  -

  If the attacker attacks a decoy $d_j$, the defender receives a high reward $R_D^{decoy}$ (for detecting the attacker) and the attacker receives a high penalty $P_A^{decoy}$.

• Equilibrium: The solution concept is again the SSE.

Let $U_D^{\ast }\left(DSG\right)$ be the defender’s optimal expected utility in the SSE of the DSG.

8.3. Formulating the VoD

This framework allows the VoD to be formally defined as the ratio of the defender’s optimal utility in the DSG to the defender’s optimal utility in the TSG, as follows:

$$VoD={\displaystyle \frac{U_D^{\ast }\left(DSG\right)}{U_D^{\ast }\left(TSG\right)}}$$

(45)

This metric captures the multiplicative improvement in the defender’s utility gained by using deception. A $VoD>1$ indicates that deception is beneficial, while a $VoD=1$ indicates that deception provides no value in that specific game. The price of transparency (PoT) is also defined as the absolute difference in utility.

$$PoT=U_D^{\ast }\left(DSG\right)-U_D^{\ast }\left(TSG\right)$$

(46)

Validity condition: The ratio definition is used under $U_D^{\ast }\left(TSG\right)>0$. VoD is a dimensionless ratio reporting the multiplicative improvement in defender equilibrium utility obtained when moving from the transparent baseline (TSG) to the deception-enabled game (DSG). As a ratio, VoD is most appropriate when cross-scenario comparability is required across settings with different absolute payoff scales and when the baseline defender equilibrium utility is strictly positive, ensuring the ratio is well-defined and not distorted by sign effects. By contrast, PoT is an absolute difference in utility (measured in the same units as the payoffs) that directly quantifies the marginal utility lost as transparency or observability increases. PoT is therefore most appropriate when the magnitude of the loss matters operationally (e.g., budgeting, cost accounting, and absolute ROI), or when baseline utilities may be near zero, in which case ratios can become numerically unstable or difficult to interpret. Retaining both measures is deliberate: VoD supports normalized cross-setting comparisons, whereas PoT supports additive accounting and sensitivity statements in payoff units; taken together, they reduce the risk of misleading conclusions that can arise when only a single normalization is reported.

8.3.1. VoC Curve and Marginal VoD

This framework also allows the VoD to be evaluated as a function of the number of decoys, thereby defining a deception value curve.

Let $U_D^{\ast }(DSG,K)$ denote the defender’s optimal expected utility in the SSE of a DSG with $K$ decoys and decoy deployment cost $c_d$ each. The SSE interpretation is used: the defender commits first, the attacker best-responds after observing the commitment, and ties are broken in the defender’s favor.

Let $S_K$ be the defender’s feasible commitment set in the DSG with $K$ decoys (a mixed strategy over allocations of $M$ security resources to the $N$ real targets together with the presence of $K$ decoys). Let $A_K=T\cup D_K$ be the attacker action set, where $T=\{t_1,\dots ,t_N\}$ and $D_K=\{d_1,\dots ,d_K\}$. For any defender commitment $x\in S_K$, let $BR(x,K)\subseteq A_K$ denote the attacker best-response set under the DSG payoffs, and let $a^{\ast }(x,K)\in BR(x,K)$ be the attacker action selected under SSE tie-breaking in the defender’s favor. Let $U_D(x,a;K)$ denote the defender’s expected utility induced by commitment $x$, attacker action $a$, and $K$ decoys.

Under this notation, the SSE value with $K$ decoys is as follows:

$$U_D^{\ast }(DSG,K)=\underset{x\in S_K}{max}{U}_D(x,a^{\ast }(x,K);K)$$

(47)

A cost-consistent total utility is also defined, using the linear decoy deployment cost model, as follows:

$$U_D^{total,\ast }(DSG,K)=U_D^{\ast }(DSG,K)-K{c}_d$$

(48)

Let $U_D^{\ast }\left(TSG\right)$ be the defender’s optimal expected utility in the SSE of the TSG. Therefore VoC curve is given by the following:

$$VoD\left(K\right)={\displaystyle \frac{U_D^{total,\ast }\left(DSG,K\right)}{U_D^{\ast }\left(TSG\right)}},U_D^{\ast }\left(TSG\right)>0$$

(49)

PoT curve is given by the following:

$$PoT\left(K\right)=U_D^{total,\ast }(DSG,K)-U_D^{\ast }\left(TSG\right)$$

(50)

Marginal VoD is given by the following:

$${\Delta }_D\left(K\right)=U_D^{total,\ast }(DSG,K)-U_D^{total,\ast }(DSG,K-1),K\ge 1$$

(51)

Marginal PoT is given by the following:

$${\Delta }_T\left(K\right)=PoT\left(K\right)-PoT(K-1),K\ge 1$$

(52)

These definitions ensure that $VoD\left(K\right)$, $PoT\left(K\right)$, ${\Delta }_D\left(K\right)$, and ${\Delta }_T\left(K\right)$ are evaluated using the same equilibrium concept (SSE), the same attacker action set $A_K$, and the same linear decoy deployment cost $K{c}_d$ within the DSG.

8.3.2. Budgeted Deception and ROI-Comparable Deployment Interface

The defender’s strategy in the DSG is evaluated under a budget constraint on deception. Let $B$ be a deception budget and let the decoy deployment cost be $c_d$ each. The feasible number of decoys satisfies the following:

$$K\cdot c_d\le B$$

(53)

Let $K_{max}=\lfloor {\displaystyle \frac{B}{c_d}}\rfloor$. The defender’s objective is to select $K\in \{\mathrm{0,1},\dots ,K_{max}\}$ and the associated commitment that maximizes the defender’s total utility in the SSE of the DSG, as follows:

$$K^{\ast }\in \mathit{arg}\underset{K\in \left\{\mathrm{0,1},\dots ,K_{max}\right\}}{\mathit{max}{U}_D^{total,\ast }\left(DSG,K\right),}$$

(54)

where

$$U_D^{total,\ast }(DSG,K)=U_D^{\ast }(DSG,K)-K\cdot c_d.$$

(55)

8.4. Positioning of This Framework

This framework adapts and operationalizes the concepts of VoD and PoT for the specific context of synthetic cyber deception games. The contribution is their formal operationalization within a paired-game (TSG vs. DSG) evaluation interface designed for ROI comparability across different deception scenarios. This framework provides a principled way to achieve the following:

• Quantify the benefit of deception across different game settings using a standardized metric.
• Identify the conditions under which deception is most and least effective.
• Derive tight theoretical bounds on the maximum possible value of deception.

This sets the stage for a rigorous theoretical analysis of the fundamental value of deception in cybersecurity.

8.5. Theorems on VoD

Building on this framework, original theorems are proved that characterize the fundamental limits of deception. These theorems provide formal bounds on the VoD in security games.

8.5.1. Theorem 8: The High-Cost-of-Deception Theorem

This theorem establishes a simple but important condition under which deception provides no value.

Theorem 8.

If the cost of a single decoy, $c_d$, is greater than the maximum possible marginal gain in utility from deploying that decoy, then the optimal strategy for the defender in the DSG is to deploy zero decoys, and thus the VoD is at most $1$.

Proof. 

• Let $U_D\left(K\right)$ be the defender’s optimal expected utility in a DSG with $K$ decoys, not including the cost of the decoys.
• The total utility for the defender with $K$ decoys is $U_D^{total}\left(K\right)=U_D\left(K\right)-K\cdot c_d$.
• The defender will only choose to deploy the first decoy if the utility of doing so is greater than the utility of deploying zero decoys. That is, $U_D^{total}\left(1\right)>U_D^{total}\left(0\right)$.
• Substituting the definitions, $U_D\left(1\right)-c_d>U_D\left(0\right)-0\cdot c_d$.
• This simplifies to $c_d<U_D\left(1\right)-U_D\left(0\right)$. Let $G_1=U_D\left(1\right)-U_D\left(0\right)$ be the marginal utility gain from the first decoy.
• If $c_d>{max}_K\left(U_D\right(K)-U_D(K-1\left)\right)$, then $U_D^{total}\left(K\right)-U_D^{total}(K-1)=\left(U_D\right(K)-U_D(K-1\left)\right)-c_d<0$ for all $K\ge 1$, so the optimal number of decoys is $0$.
• With $0$ decoys, the DSG is equivalent to the TSG, so $U_D^{\ast }\left(DSG\right)=U_D^{\ast }\left(TSG\right)$, and $VoD=1$. □

Validation of Theorem 8

Theorem 8 was validated (see Figure 19 and Figure 20) by computing the defender total utility over feasible decoy counts under an explicit per-decoy cost and comparing the marginal utility gain from each additional decoy to that cost. The certificate records the maximum marginal gain, the cost level, and the maximizing decoy count. The validation is marked as passing when the maximizing decoy count is zero in the regime where the per-decoy cost exceeds the maximum marginal gain, which matches the theorem’s prohibitive-cost condition.

This figure plots the defender total utility as a function of the number of deployed decoys under a high per-decoy cost regime. The figure shows that the total utility is maximized at zero decoys when the cost exceeds the maximum marginal benefit from additional decoys.

This figure highlights the optimality of the zero-decoy decision in the high-cost regime, typically by marking the maximizer and the decline in total utility for positive decoy counts. The figure provides an explicit visual witness of K* = 0 under the theorem’s prohibitive-cost condition.

8.5.2. Theorem 9: Budgeted Optimality and Diminishing Returns Condition

Theorem 9.

If ${\Delta }_D\left(K\right)$ is non-increasing in $K$ on the feasible set $K\in \{1,\dots ,K_{max}\}$, then there exists an optimal number of decoys $K^{\ast }\in \{\mathrm{0,1},\dots ,K_{max}\}$ such that $K^{\ast }$ is the largest feasible $K$ satisfying ${\Delta }_D\left(K\right)\ge 0$.

Proof. 

• The defender’s total utility with $K$ decoys is $U_D^{total,\ast }(DSG,K)$ with feasibility constraint $K\cdot c_d\le B$, equivalently $K\in \{\mathrm{0,1},\dots ,K_{max}\}$.
• The increment from $K-1$ to $K$ is

  $$U_D^{total,\ast }(DSG,K)-U_D^{total,\ast }(DSG,K-1)={\Delta }_D\left(K\right)$$

  (56)
• If ${\Delta }_D\left(K\right)<0$, then $U_D^{total,\ast }(DSG,K)<U_D^{total,\ast }(DSG,K-1)$, so deploying the $K$-th decoy decreases total utility.
• If ${\Delta }_D\left(K\right)$ is non-increasing in $K$, then for any $K^{\prime }>K$, ${\Delta }_D\left(K^{\prime }\right)\le {\Delta }_D\left(K\right)<0$, so all subsequent increments also decrease total utility.
• Therefore, among feasible $K\in \{\mathrm{0,1},\dots ,K_{max}\}$, the optimal number of decoys is attained at the largest feasible $K^{\ast }$ satisfying ${\Delta }_D\left(K\right)\ge 0$. □

Validation of Theorem 9

Theorem 9 was validated (see Figure 21 and Figure 22) in a diminishing-returns regime in which marginal gains from additional decoys are non-increasing and the defender selects an integer decoy count under a linear per-decoy cost. The validation computes the marginal gains sequence, identifies the first index at which marginal gain falls below cost, and computes the argmax of total utility over the feasible decoy counts. The validation is marked as passing when the argmax coincides with the marginal threshold stopping rule and when the marginal gains sequence satisfies the non-increasing condition used by the theorem.

This figure displays diminishing returns in the benefit of additional decoys, often by plotting the benefit curve or total utility curve and emphasizing concavity or decreasing increments. The figure illustrates the regime in which a marginal threshold characterization is appropriate.

This figure plots the marginal gains from additional decoys together with the per-decoy cost threshold and marks the predicted stopping point. The figure shows agreement between the threshold rule and the computed argmax decoy count in the diminishing-returns regime.

8.6. Tight Bounds and Characterization Results

8.6.1. Theorem 10: Upper Bound on the Value of Deception (VoD) Curve

A tight upper bound on the VoD curve is provided under a single attacker type, a single attack, linear decoy deployment cost $c_d$, and $U_D^{\ast }\left(TSG\right)>0$, as follows:

$$VoD\left(K\right)={\displaystyle \frac{U_D^{total,\ast }\left(DSG,K\right)}{U_D^{\ast }(TSG)}},U_D^{total,\ast }(DSG,K)=U_D^{\ast }(DSG,K)-K\cdot c_d$$

(57)

Theorem 10.

In any security game with a single attacker type, a single attack, and linear decoy deployment cost $c_d$, with $U_D^{\ast }\left(TSG\right)>0$, the value of deception satisfies, for all feasible $K$, the following:

$$VoD\left(K\right)\le max(1,{\displaystyle \frac{U_D^{total,\ast }\left(DSG,K\right)}{U_D^{\ast }\left(TSG\right)}})$$

(58)

Proof. 

• In the DSG with $K$ decoys, the attacker chooses one of the $N+K$ potential targets to attack, so exactly one outcome is realized: a real target is attacked or a decoy is attacked.
• If a real target is attacked, the defender’s payoff is governed by the same real-target payoffs as in the TSG. Under SSE, the defender’s expected utility from the best achievable real-target outcome is bounded above by $U_D^{\ast }\left(TSG\right)$.
• If a decoy is attacked, the defender receives $R_D^{decoy}$. Under linear decoy deployment cost, at least one decoy cost $c_d$ is incurred whenever a decoy is deployed, so the defender’s payoff from a decoy attack outcome is at most $R_D^{decoy}-c_d$. If $R_D^{decoy}-c_d<0$, a decoy attack outcome yields no positive contribution relative to the baseline, so $max\{0,R_D^{decoy}-c_d\}$ is used.
• Therefore, the defender’s optimal total utility in the DSG with $K$ decoys is bounded above by the maximum of the best achievable real-target equilibrium utility and the best achievable decoy-attack payoff, as follows:

  $$U_D^{total,\ast }(DSG,K)\le max(U_D^{\ast }\left(DSG,K\right),max\{0,R_D^{decoy}-c_d\left\}\right)$$

  (59)
• Dividing both sides by $U_D^{\ast }\left(TSG\right)>0$ yields the following:

  $$VoD\left(K\right)={\displaystyle \frac{U_D^{total,\ast }\left(DSG,K\right)}{U_D^{\ast }\left(TSG\right)}}\le max(1,{\displaystyle \frac{U_D^{total,\ast }\left(DSG,K\right)}{U_D^{\ast }\left(TSG\right)}})$$

  (60)

  □

Validation of Theorem 10

Theorem 10 was validated (see Figure 23 and Figure 24) by computing exact SSE utilities for the TSG and the corresponding DSG at each decoy count $K$, under the theorem’s stated modeling conditions (single attacker type; single attack; linear decoy cost $K{c}_d$; and $U_D^{\ast }\left(TSG\right)>0$). The validation then evaluated the $VoD\left(K\right)=U_D^{\ast ,total}(DSG,K)/U_D^{\ast }\left(TSG\right)$ against the theorem’s upper bound pointwise envelope $max\left(1,(R_D^{decoy}-K{c}_d)/U_D^{\ast }\left(TSG\right)\right)$ function. The SSE computation was performed by enumerating the attacker’s candidate best response (each real target and the decoy option), solving the defender’s linear program for each candidate response under the attacker best-response inequalities, and selecting the defender-optimal outcome consistent with the SSE tie-breaking convention.

This graph plots $VoD\left(K\right)$ computed from explicit SSE utilities for the DSG (including the linear cost $K{c}_d$) divided by the explicit SSE utility for the TSG. The graph overlays the theorem’s upper bound curve $\mathrm{m}\mathrm{a}\mathrm{x}\left(1,({\mathrm{R}}_{\mathrm{D}}^{\mathrm{d}\mathrm{e}\mathrm{c}\mathrm{o}\mathrm{y}}-\mathrm{K}{\mathrm{c}}_{\mathrm{d}})/{\mathrm{U}}_{\mathrm{D}}^{\ast }\left(\mathrm{T}\mathrm{S}\mathrm{G}\right)\right)$ evaluated using the same payoff parameters and the same ${\mathrm{U}}_{\mathrm{D}}^{\ast }\left(\mathrm{T}\mathrm{S}\mathrm{G}\right)$ obtained from the SSE solver. The plotted range shows that the computed $\mathrm{V}\mathrm{o}\mathrm{D}\left(\mathrm{K}\right)$ remains everywhere at or below the bound curve for all tested $\mathrm{K}$, with equality occurring only when the equilibrium outcome achieves the bound under the same feasibility conditions used in the solver run.

This graph plots the pointwise difference (upper bound−$\mathrm{V}\mathrm{o}\mathrm{D}\left(\mathrm{K}\right)$) across the same decoy counts $\mathrm{K}$, using the same SSE-computed values as above. The horizontal reference at zero makes the theorem check explicit: all plotted values are nonnegative, which is exactly the inequality condition required by Theorem 10. Where the curve touches zero, the bound is achieved for that $\mathrm{K}$; where it is strictly positive, the bound is conservative for that $\mathrm{K}$.

8.6.2. Theorem 11: Characterization of When Deception Is Ineffective

A formal characterization is provided for the conditions under which deception provides no value (i.e., $\mathrm{V}\mathrm{o}\mathrm{D}\left(\mathrm{K}\right)=1$ on the VoD curve defined in Section 8.3.1).

Theorem 11.

The VoD satisfies $\mathrm{V}\mathrm{o}\mathrm{D}\left(\mathrm{K}\right)=1$ for all feasible $\mathrm{K}$ if any of the following conditions hold: (a) the attacker is “decoy-immune,” meaning the attacker will never attack a decoy regardless of the defender’s strategy or (b) the cost of deception ${\mathrm{c}}_{\mathrm{d}}$ is prohibitively high, as defined in Theorem 8.

Proof. 

• Case (a): Decoy-immune attacker. If the attacker is decoy-immune, the attacker’s strategy set is restricted to the set of real targets $\mathrm{T}$. The presence of decoys has no effect on the attacker’s decision-making. As the decoys provide no benefit, the optimal strategy for the defender is to deploy zero decoys. Thus, ${\mathrm{U}}_{\mathrm{D}}^{\ast }(\mathrm{D}\mathrm{S}\mathrm{G},0)={\mathrm{U}}_{\mathrm{D}}^{\ast }\left(\mathrm{T}\mathrm{S}\mathrm{G}\right)$, and

  $${\mathrm{U}}_{\mathrm{D}}^{\mathrm{t}\mathrm{o}\mathrm{t}\mathrm{a}\mathrm{l},\ast }\left(\mathrm{D}\mathrm{S}\mathrm{G},0\right)={\mathrm{U}}_{\mathrm{D}}^{\ast }\left(\mathrm{T}\mathrm{S}\mathrm{G}\right),\mathrm{V}\mathrm{o}\mathrm{D}\left(0\right)={\displaystyle \frac{{\mathrm{U}}_{\mathrm{D}}^{\mathrm{t}\mathrm{o}\mathrm{t}\mathrm{a}\mathrm{l},\ast }\left(\mathrm{D}\mathrm{S}\mathrm{G},0\right)}{{\mathrm{U}}_{\mathrm{D}}^{\ast }\left(\mathrm{T}\mathrm{S}\mathrm{G}\right)}}=1$$

  (61)

For any $\mathrm{K}\ge 1$, deploying decoys adds the cost term $\mathrm{K}\cdot {\mathrm{c}}_{\mathrm{d}}$ without changing attacker behavior, so the optimal strategy remains to deploy zero decoys, and the DSG reduces to the TSG in equilibrium, yielding $\mathrm{V}\mathrm{o}\mathrm{D}\left(\mathrm{K}\right)=1$.

• Case (b): Prohibitively high cost. This follows directly from Theorem 8. If the cost ${\mathrm{c}}_{\mathrm{d}}$ of a decoy is higher than the marginal utility gain from deploying it, the optimal number of decoys is $0$. The DSG reduces to the TSG, so ${\mathrm{U}}_{\mathrm{D}}^{\mathrm{t}\mathrm{o}\mathrm{t}\mathrm{a}\mathrm{l},\ast }(\mathrm{D}\mathrm{S}\mathrm{G},0)={\mathrm{U}}_{\mathrm{D}}^{\ast }\left(\mathrm{T}\mathrm{S}\mathrm{G}\right)$, and therefore $\mathrm{V}\mathrm{o}\mathrm{D}\left(\mathrm{K}\right)=1$ under the optimal strategy.

□

Validation of Theorem 11

Theorem 11 was validated (see Figure 25) by instantiating the ineffective-deception conditions stated in the theorem and solving the defender’s decoy deployment decision under each condition. In the decoy-immune condition, the attacker is restricted to real targets so that decoys cannot change the attacker action; in the prohibitive-cost condition, the per-decoy cost regime satisfies the high-cost condition. The validation is marked as passing when the optimal decision is zero decoys under each condition and when the computed value of deception equals one under each ineffective regime.

This figure compares the ineffective-deception regimes, including the decoy-immune attacker condition and the prohibitive-cost condition, and shows the resulting optimum decoy count and VoD outcome. The figure shows that the optimal choice is zero decoys and that the value of deception equals one in each ineffective regime.

9. Discussion, Future Directions, and Final Thoughts

9.1. Discussion

The study formalizes cyber deception as a paired-game evaluation interface built around a transparent security game baseline and an augmented deceptive security game, and it treats the central scientific object as the equilibrium-measured benefit of deception relative to an equivalent non-deceptive baseline rather than as an isolated “best decoy policy” result.

This positioning is operationalized through the value of deception, defined as a ratio of equilibrium utilities, and the price of transparency, defined as an absolute equilibrium-utility difference, with both quantities evaluated under the same strong Stackelberg equilibrium conditions, the same attacker action set, and the same linear decoy deployment cost model within the deceptive security game (Figure 26). The resulting discipline enforces comparability: a single commitment model, a single best-response and tie-breaking interpretation, and a single cost accounting convention jointly ensure that the value of deception and the price of transparency function as a coherent interface for baseline-referenced assessment rather than as disconnected metrics.

A central implication of the paired-game formulation is that deception can be analyzed through limits, thresholds, and bounds that are meaningful precisely because they are anchored to an equilibrium baseline. In this framework, curve-level summaries express how equilibrium utility changes with deployment intensity, while theorem-level results identify regimes in which deception is effective, bounded by structural limits, or collapses to the baseline.

Within this interface, the cost of deception is treated as a first-order design primitive rather than a secondary implementation detail. Theorem 8 establishes an explicit high-cost regime in which the equilibrium-optimal decision is to deploy zero decoys, and it thereby isolates a necessary feasibility condition for positive deception value under the stated accounting and equilibrium interpretation. Theorem 9 complements this regime analysis by identifying a diminishing-returns structure under which an optimal decoy count admits a marginal gain–cost threshold characterization, thereby linking curve shape to a decision rule that is interpretable under a budget constraint.

Theorem 10 extends the interface to tight performance limits by providing an upper bound on the value of deception curve under a single attacker type, a single realized attack outcome, and linear decoy deployment cost, and the associated numerical evidence clarifies when the bound is achieved and when it is conservative. Theorem 11 completes the regime characterization by identifying conditions under which deception is ineffective, including a decoy-immune attacker condition and a prohibitively high-cost condition, each of which collapses the deceptive security game back to the transparent baseline in equilibrium and yields a value of deception of one across the feasible set.

Beyond the tight-bound and characterization results, the extensions clarify operational trade-offs that recur across deception settings. In signaling-with-evidence formulations, decoy quality and detectability jointly mediate the quality–quantity trade-off under a fixed budget, so that increased realism can reduce deployment count while changing the attacker’s posterior beliefs through the detector’s operating characteristics. In dynamic rotation settings, the period choice reflects a balance between the attacker learning rate and the defender’s reconfiguration cost, so that faster attacker learning supports shorter rotation periods when rotation cost is held fixed. In bounded-rationality settings, the logit quantal response formulation provides a structured interpolation between diffuse exploration and concentrated best-response behavior, which clarifies how equilibrium-referenced measures vary as attacker rationality departs from perfect optimization.

In terms of the scope conditions that govern interpretation and transfer of the results, the payoff and detection primitives are first parameterized to support baseline-referenced comparison, and the reported curves should be interpreted as comparative objects whose operational meaning is strongest when those primitives are calibrated or bounded using controlled experiments, red-team exercises, or incident-derived measurements. Second, the use of strong Stackelberg equilibrium with strong (defender-favoring) tie-breaking provides a consistent benchmark for comparative analysis; alternative tie-breaking conventions may change point predictions in knife-edge indifference cases, but the paired-game interface remains applicable when a single convention is used consistently across the transparent and deceptive baselines.

Third, several bounds and regime results are stated under structural assumptions such as a single attacker type, a single realized attack outcome, binary detector evidence, and linear per-decoy deployment cost. These assumptions are appropriate for isolating mechanisms and deriving clean limit statements, but they also delineate the modeling scope within which each theorem should be applied. In particular, multi-stage settings with repeated attacks, richer evidence alphabets, non-linear costs, or endogenous attacker adaptation can change the mapping from deployment intensity to equilibrium response, and they motivate extensions that preserve the paired-game comparability discipline while enlarging the state and information structure.

Fourth, heterogeneous decoy allocation results are derived under a linear detection-benefit structure and, in the continuous relaxation, under assumptions that fix attacker interaction weights by decoy type. This structure yields an interpretable allocation rule under linearity, while the study’s hardness result for integer allocation formalizes why scalable relaxations and heuristic policies become necessary when integrality and heterogeneity are retained. In application, the linearity regime should therefore be treated as an analytically transparent benchmark, with richer models used when attacker interaction probabilities are expected to respond materially to portfolio composition.

Finally, the simulation and validation program is positioned as a reproducible certificate-style process designed to align computational evidence with theorem structure. For each theorem, the reported runs record the instantiated parameterization, the computed equilibrium or optimization output, and a certificate condition expressed through inequality margins, argmax identities, monotonicity statements, convergence distances, or reduction-consistency outcomes. This certificate discipline complements the analytical proofs by providing auditable numerical witnesses under the stated hypotheses, thereby strengthening the internal consistency of the equilibrium-based value of deception and price of transparency interface.

As a whole (Figure 27), the study’s findings support the idea of evaluating cyber deception through an equilibrium-consistent, baseline-comparable interface that unifies curve-level analysis of value of deception and price of transparency with theorem-level regime characterization. The practical implications therefore emphasize disciplined comparability, cost-consistent accounting, and explicit identification of conditions under which deception is effective, bounded, or irrelevant under the stated modeling scope.

The proposed evaluation interface is designed to be implementable in operational settings where deception decisions must be updated under resource and timing constraints. The basic SDG admits enumeration-based evaluation with an explicit operation-count certificate, which supports predictable runtime scaling as the number of feasible defender strategies and attacker types grows. For larger heterogeneous catalogs (HDAP-style integer allocation), the NP-hardness result motivates practical deployment via continuous relaxations, greedy benchmarks, decomposition, or approximation-oriented routines, with solution quality judged relative to the theorem-aligned certificate outputs rather than by unverifiable optimality claims. In real deployments, latency constraints are addressed by precomputing policy tables over bounded parameter grids (e.g., cost, detector quality, attacker mixture) and performing only lightweight updates online; energy and hardware constraints can be managed by selecting solver routines consistent with the model class (LP for linear regimes; fixed-point solvers for QRE) and by using bounded-iteration stopping rules tied to residual norms that are reported as computational certificates.

9.1.1. Sensitivity and Scenario Diversity Protocol

The proposed evaluation protocol treats every theoretical claim as an auditable statement whose assumptions, derived quantities, and decision rules are paired with an explicit computational certificate. Validation is therefore presented as an assumption-scoped reproducibility layer: each theorem is instantiated under its stated modeling conditions, and the corresponding target inequality, optimality condition, or limiting behavior is computed using the same primitives invoked in the theorem statement (utilities, posteriors, equilibrium best responses, or objective functions). A clear computational certificate is recorded in a form that can be re-run by an independent reader.

At the protocol level, validation is organized around four complementary elements. First, model-to-theorem fidelity is maintained by implementing each theorem’s structural ingredients without modification (e.g., discrete defender commitment sets where finiteness is assumed, Bayes posteriors where deterrence is stated in posterior form, fixed attacker interaction weights where linearity is assumed, and explicit learning-rate dynamics where rotation policies are derived). Second, certificate-based computation is applied: each claim is accompanied by a concrete artifact (objective profiles, feasibility boundaries, policy maps, equilibrium probability trajectories, linear-program extreme-point solutions, or reduction equivalence checks) documenting the evaluated statement. Third, comparative statics and limit checks are conducted when a theorem asserts monotonicity or convergence (e.g., detector-strength ordering, rationality limits, or policy shifts with learning parameters). Fourth, protocol outcomes are reported in terms of explicitly computed certificates and stated tolerances, ensuring that each theorem’s computational instantiation is documented in a consistent and reproducible manner.

Theorem 1 (existence of an optimal pure defender strategy in the finite SDG) is validated through exhaustive enumeration over the defender’s discrete strategy set (all feasible decoy counts) and direct computation of the defender objective for each candidate. The validation certificate consists of the objective profile over the finite set together with the reported maximizer, thereby documenting attainment of the optimum within the finite pure-strategy space. Theorem 2 (posterior-based deterrence feasibility and quality–quantity comparative statics under signaling-with-evidence) is validated by implementing the signaling-with-evidence model as stated, including binary evidence, a real-target false-positive rate, a quality-dependent decoy detectability function, a per-decoy cost increasing with quality, and an explicit budget constraint. The first validation step computes the Bayes posterior probability of “real” after a no-alarm observation and verifies the theorem’s deterrence condition in posterior form. The second validation step implements the comparative static by evaluating two detectability functions with pointwise ordering and confirming that, holding quality fixed, the minimal required decoy proportion is weakly larger under the more detectable decoy function; under a binding budget, the deterrence-feasible design shifts toward higher quality and lower quantity in the direction stated by the theorem.

Theorem 3 (optimal periodic rotation under attacker learning in a dynamic deception setting) is validated by instantiating a dynamic model in which the defender chooses time-indexed reconfiguration actions, the attacker’s effectiveness evolves according to an explicit learning-rate parameter, and the defender incurs a specified reconfiguration cost. A certificate is produced by solving for an optimal policy over the model’s state space using dynamic programming and recording the resulting policy and value function. The validation reports the computed optimal action structure and the corresponding policy shifts with respect to learning-rate and cost parameters, consistent with the theorem’s qualitative implications. Theorem 4 (finite-rationality bound and convergence behavior under logit QRE) is validated by computing logit quantal response choice probabilities over a sweep of the rationality parameter using a fixed-point solver and recording convergence diagnostics. The certificate compares the computed mixed strategies to the theorem’s limiting behaviors—near-uniform randomization as rationality approaches zero and concentration on best responses as rationality becomes large—within a stated numerical tolerance.

Theorem 5 (greedy/vertex allocation property in the continuous HDG relaxation under fixed interaction weights) is validated by instantiating the heterogeneous allocation model under the theorem’s linearity condition—attacker interaction probabilities with each decoy type are fixed and independent of deployed quantities—so that the defender objective is linear over a budget polytope. The certificate solves the resulting linear program and reports an optimal extreme-point allocation concentrating the budget on the decoy type identified by the theorem’s ratio rule, together with the corresponding objective value and its agreement with the linear-program optimum within tolerance. Theorem 6 (parameterized polynomial-time solvability certificate for the basic SDG under an enumeration solver) is validated by an operation-count certificate aligned with the implemented enumeration procedure: the number of feasible defender strategies is recorded, multiplied by the number of attacker types, and combined with a parameterized per-type best-response evaluation cost to yield a closed-form evaluation-count expression. The validation reports both the derived evaluation-count expression and empirical scaling behavior consistent with the predicted growth under the tested best-response cost regimes (constant-time versus linear-scan).

Theorem 7 (NP-hardness of heterogeneous integer allocation via reduction) is supported by explicitly constructing the reduction mapping used in the hardness argument and verifying decision equivalence on a suite of generated instances. The certificate maps knapsack parameters to the heterogeneous deception allocation instance parameters and evaluates feasibility for each paired instance, reporting agreement across tested cases and documenting that the instance construction scales consistently with polynomial-time mapping. Finally, cross-theorem coherence is maintained by anchoring reported outcomes to matched baseline-versus-deception constructions and by tying results to computed equilibrium quantities rather than qualitative narratives. Accordingly, the validation artifacts above are presented as a unified set of certificates showing that (i) basic SDG optimization is witnessed by explicit enumeration, (ii) leaky-deception deterrence is verified in posterior form under detector evidence, (iii) dynamic deception is evaluated through policy-level optimization under learning, (iv) bounded rationality is evaluated through a solver-verified equilibrium family with the stated limiting behaviors, (v) heterogeneous allocation yields the stated extreme-point structure under linearity assumptions, (vi) tractability claims are accompanied by an explicit operation-count certificate and scaling evidence, and (vii) intractability claims are supported by a constructed reduction and documented decision equivalence checks.

9.1.2. Operational Interpretation

While the analytical and computational validations establish internal consistency within the defined game-theoretic framework, the operational interpretation of the model depends on how its primitives relate to documented cyber-attack behavior. The parameters appearing in the transparent and deception-enabled games—attack reward, deception loss, detection benefit, decoy deployment cost, detector operating characteristics, and attacker learning rate—are not abstract artifacts; each corresponds to measurable quantities that have empirical counterparts in cyber-incident reporting, red-team exercises, intrusion telemetry, and post-incident forensics.

The attacker reward parameter corresponds to the expected value of a successful compromise, which in practice can be proxied by documented breach cost estimates, asset criticality assessments, or observed attacker monetization strategies. The deception-loss parameter reflects wasted effort, exposure risk, tool burn, or operational disruption when a decoy is engaged; such quantities are observable in environments that deploy honeypots or decoy systems and record attacker dwell time, command execution attempts, and premature tool disclosure events. Detection benefit parameters can be grounded in reduced time-to-containment, improved attribution confidence, or increased probability of interrupting lateral movement, all of which are measurable through security operations center metrics and incident response records.

Similarly, detector characteristics used in the signaling-with-evidence model—false-positive rates on real assets and detectability behavior on decoys—map directly to empirical receiver operating curves of intrusion detection systems, anomaly detectors, or deception sensors deployed in operational networks. These characteristics can be estimated from labeled event data or controlled adversarial testing. In the dynamic rotation model, the attacker learning-rate parameter corresponds to empirically observable improvements in compromise efficiency over time, which can be inferred from repeated attack campaigns, time-to-compromise statistics, or adaptive behavior documented in threat intelligence reporting. Rotation costs, in turn, correspond to measured operational overhead associated with reconfiguration, redeployment, or decoy refresh procedures.

The equilibrium outcomes derived in the study, such as deterrence thresholds, diminishing returns in decoy intensity, and collapse of deception value under high transparency, are therefore interpretable as conditional predictions given empirically grounded parameter ranges. For example, if telemetry indicates that attackers rapidly distinguish low-fidelity decoys, the signaling model predicts contraction of the deterrence-feasible region unless decoy realism is increased. If incident data show slow attacker adaptation but high reconfiguration cost, the dynamic model predicts longer optimal rotation periods. These mappings illustrate that the theoretical regime characterizations are not detached abstractions; they provide structured interpretations of documented behavioral patterns under explicit cost and observability assumptions.

To make this empirical linkage explicit in deployment-oriented use, the framework supports a straightforward calibration workflow. First, a defender identifies the target class and defines payoffs consistent with operational objectives (loss avoidance, detection value, and deployment cost). Second, detector characteristics, deception interaction traces, and campaign adaptation rates are estimated from telemetry, red-team exercises, and incident documentation. Third, equilibrium quantities and reporting measures (value of deception and price of transparency) are evaluated over the calibrated ranges, yielding regime-consistent recommendations for decoy intensity, quality, and rotation cadence.

Several results in the study also adopt linear deployment costs in the number of deployed decoys, reflecting an additive cost structure in which each additional decoy contributes approximately constant marginal expense at fixed quality. This assumption is appropriate when decoys are deployed as modular artifacts with separable provisioning and monitoring costs. When deployment exhibits economies or diseconomies of scale (for example, capacity constraints, shared infrastructure, or non-linear monitoring burden), the same framework admits a direct generalization by replacing linear deployment cost with a non-linear cost function of the decoy count. Under such generalizations, equilibrium computation and posterior-based feasibility conditions remain unchanged, while optimality conditions replace constant marginal cost comparisons with marginal-cost comparisons evaluated at the relevant deployment level.

Additionally, the results that depend explicitly on linearity, most notably extreme-point allocation conclusions derived under linear objective and linear constraints—should be interpreted as structural characterizations within the linear regime. If non-linear costs or non-linear benefit accumulation are introduced, the optimization becomes a convex or mixed-integer problem depending on the chosen structure; the paired-game interface and the equilibrium-based reporting measures remain well-defined, while the allocation structure is determined by marginal-benefit-to-marginal-cost comparisons (or their discrete analogues) rather than by constant ratio rules.

The scope of the present framework is defined by a deliberate balance between analytical clarity and operational realism. The paired-game formulation isolates the strategic contribution of deception by holding the baseline targets, payoff conventions, and equilibrium rule fixed, but the resulting conclusions remain conditional on the stated modeling assumptions, including the defender-first commitment structure, the selected tie-breaking convention, and the adopted forms for costs, detectability, and attacker response. These assumptions enable clean regime characterizations and comparable equilibrium-based reporting, yet they also define the boundary within which the quantitative thresholds and optimal policies should be interpreted. The main trade-off is therefore between model richness and interpretability: richer formulations with endogenous attacker adaptation, non-linear deployment costs, repeated attacks, or more complex observation structures may capture additional operational detail, but they generally reduce tractability and weaken the availability of sharp theorem-level results. A second trade-off arises at the deployment level, where greater decoy realism, more frequent reconfiguration, and lower transparency can improve strategic value, but only at increased engineering, monitoring, and operational cost. Accordingly, the framework is best understood as a disciplined evaluative baseline that identifies how deception value changes under explicitly stated conditions, while also providing a structured foundation for future extensions that incorporate broader behavioral and deployment complexity.

9.2. Future Directions

Several future research directions follow directly from the study’s modeling choices and theorem assumptions, and each direction can be stated as an explicit relaxation or extension of the hypotheses used to prove and validate the results. A first direction is the systematic extension from a single attacker type and a single attack to heterogeneous attacker types and multi-attack settings while preserving the paired-game evaluation interface and the SSE interpretation. The current tight-bound and characterization results are stated under a single attacker type and single realized attack outcome, and future work can examine how VoD and PoT curves behave when attacker types are mixed, when attackers condition on partial information over time, or when multiple attacks are realized across stages with resource reallocation. This direction is naturally aligned with the study’s emphasis on curve-level analysis, because multi-stage settings would replace a single VoD(K) curve with a family of time-indexed curves or a policy-induced mapping from budget to expected utility gain under sequential play.

A second direction is the deeper integration of signaling-with-evidence structures with SSE computation in finite Stackelberg security games, so that evidence, detectability, and decoy quality enter the equilibrium computation rather than being evaluated as an auxiliary deterrence condition. The signaling-with-evidence extension already defines a Bayes posterior under a binary evidence signal and links deterrence to a type-dependent attack threshold, which creates a direct bridge between detector operating characteristics and optimal deception posture. Future work can extend this bridge by embedding evidence generation and attacker updating directly into the attacker best-response mapping under the commitment, thereby allowing VoD and PoT curves to be computed over joint choices (number of decoys, quality) that are subject to the same budget feasibility condition used in the current framework.

A third direction is the refinement of bounded rationality modeling beyond a single parametric form, while maintaining the study’s principle that all curve metrics are evaluated under the same equilibrium concept and action set. The current bounded rationality validation is framed through logit quantal response equilibrium as a fixed point across rationality levels, which is appropriate for capturing smooth departures from perfect best response. Future work can examine alternative bounded rationality mappings that preserve the defender-commitment logic but represent different attacker decision processes, and it can test which behavioral mapping best matches attacker responses in cyber deception environments where attackers face uncertainty about authenticity, evidence noise, and strategic interaction.

A fourth direction concerns the calibration and empirical grounding of payoff primitives and detection parameters. The framework is constructed to support ROI comparability across deception scenarios, and this objective becomes substantially stronger when the payoff parameters and decoy detectability functions are estimated or bounded using data from controlled experiments, red-team exercises, or operational incident records. Under such calibration, the VoD and PoT curves become not only theoretical objects but also decision-support summaries that link a defender’s budgeted deployment interface to measurable changes in expected utility under a baseline-comparable equilibrium interpretation.

A fifth direction is the expansion of the information-theoretic component into a more comprehensive “limit” analysis stated directly in terms of attacker belief uncertainty and information leakage, with explicit links to the equilibrium-based VoD/PoT interface. The study already frames a channel-style limit concept for deception stated in terms of attacker belief uncertainty and information leakage, which suggests that a joint framework can be built in which equilibrium utility gains and information-theoretic uncertainty gains are treated as coordinated outputs of the same deception design. Future work can develop conditions under which an information-theoretic improvement implies a VoD improvement under SSE, and conditions under which these notions diverge, thereby clarifying the relationship between “uncertainty induced in the attacker” and “utility improvement realized by the defender” in a baseline-comparable setting.

A sixth direction is the extension of the computational validation program to larger game instances and broader parameter regimes while preserving the certificate-style structure described in the study. The current validation process emphasizes assumption checks and solver-method alignment with theorem structure, which is a strong foundation for scaling. Future work can incorporate larger target sets, larger resource sets, richer decoy classes, and broader feasibility regimes under the same discipline: hypotheses are checked before conclusions are evaluated, and the computational object implied by each theorem is solved using a method consistent with the theorem’s formal structure.

Finally, the paired-game Stackelberg deception framework (transparent baseline versus deception-enabled counterpart, with equilibrium-referenced reporting) can be extended to Industry 5.0 smart manufacturing and cloud-based manufacturing services by treating manufacturing services, digital resources, or workflow endpoints as targets and modeling deception as protective “service-level” decoys and disguises [102]. In parallel, predictive models for financial and operational risk can inform time-varying attacker incentives and defender constraints, enabling dynamic versions of the deception game in which payoffs, costs, and transparency conditions adapt to forecasted volatility or disruption risk [103].

9.3. Final Thoughts and Conclusion

This study presents a unified evaluation interface for cyber deception by pairing a transparent baseline security game with a deception-enabled counterpart under a consistent equilibrium framework and cost accounting. The resulting structure supports baseline-referenced interpretation of deception value and enables consistent reporting through two complementary measures—value of deception and price of transparency—that map equilibrium utilities into operationally interpretable quantities. The analysis further extends the core formulation to settings that capture practical mechanisms affecting deception performance, including detector-mediated information leakage, periodic target rotation under attacker learning, bounded-rationality attacker response, and heterogeneous decoy portfolios with tractable structural characterization in the linear relaxation.

Across these models, the results provide a mechanism-level account of when deception increases defender value, when it exhibits diminishing returns, and when increased observability erodes effectiveness by collapsing posterior uncertainty. The computational component complements the theory by providing reproducible, certificate-oriented validations aligned with the defined decision rules and equilibrium objects, thereby strengthening internal coherence across the proposed model family. The framework thereby offers a principled foundation for subsequent empirical calibration and deployment-oriented studies that estimate detector operating characteristics, attacker behavioral parameters, and operational cost structures while retaining the same baseline-versus-deception comparability.

A natural direction for future research is to extend the present theorem-centered computational analysis with implementation-level deployment benchmarking. While the current study establishes formal complexity bounds, scalability regimes, and solver-class requirements, a next-stage investigation could complement these results with hardware-specific profiling of runtime, memory consumption, and computational overhead under representative deployment conditions. In particular, future work could benchmark the enumeration-based, dynamic-programming, fixed-point, and linear-programming components across varying problem sizes, target counts, attacker-type mixtures, and decoy portfolios, while recording wall-clock time, memory footprint, convergence behavior, and parallelization efficiency on practical computing platforms.