Learning and Information Manipulation: Repeated Hypergames for Cyber-Physical Security

Cyber-physical systems are vulnerable to cyber attacks that can produce serious physical consequences. Our previous work showed how hypergame analysis, an extension of game theory for situations with information asymmetries and player misperceptions, could be applied to control systems subject to deception-based attacks. Here, we build on that research to study a repeated, stochastic context. We consider detection of an attacker attempting to manipulate the control system while remaining undetected. We discuss different monitoring approaches that can be used to do this and define a learning scheme for the defender. In our numerical experiments, we find that the attacker impact and time to detection depend strongly on the cost incurred by the defender in removing an attacker from the system. We also show that the defender learning scheme enforces a strong tradeoff, for the attacker, between remaining undetected, and having an impact on the system.