The study develops a game-theoretic evaluation framework for cyber deception that quantifies deception benefit relative to an otherwise matched non-deceptive baseline and links strategic outcomes to information disclosure. A defender–attacker interaction is modeled through a paired design consisting of a baseline game without deception and a corresponding decoy-enabled deception game, enabling direct measurement of deception impact through two operational metrics: the value of deception, defined as the baseline-referenced change in defender equilibrium utility attributable to deception, and the price of transparency, defined as the marginal loss induced by increased observability of the true system state. The analysis characterizes defender-optimal deception strategies, derives interpretable bounds and break-even conditions under which deception becomes ineffective due to cost or detectability, and establishes approximation properties that support scalable allocation rules. To complement equilibrium-based evaluation, the study introduces an information-theoretic uncertainty construct that captures the extent to which deception preserves attacker uncertainty after observation, providing a mechanism-level interpretation of when and why value of deception degrades as transparency increases. Computational experiments across heterogeneous scenarios demonstrate consistent cross-setting comparability, reveal tradeoffs among decoy realism, budget, and attacker rationality, and identify regimes in which simplified allocation heuristics approach optimal performance.
Shahin et al. (Tue,) studied this question.