Saved in:
Bibliographic Details
Main Authors: Rani, Rishi, Franceschetti, Massimo
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2603.27592
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866917375752798208
author Rani, Rishi
Franceschetti, Massimo
author_facet Rani, Rishi
Franceschetti, Massimo
contents We consider the problem of learning-based man-in-the-middle (MITM) attacks in cyber-physical systems (CPS), and extend our previously proposed Bellman Deviation Detection (BDD) framework for model-free reinforcement learning (RL). We refine the standard MDP attack model by allowing the reward function to depend on both the current and subsequent states, thereby capturing reward variations induced by errors in the adversary's transition estimate. We also derive an optimal system-identification strategy for the adversary that minimizes detectable value deviations. Further, we prove that the agent's asymptotic learning time required to secure the system scales linearly with the adversary's learning time, and that this matches the optimal lower bound. Hence, the proposed detection scheme is order-optimal in detection efficiency. Finally, we extend the framework to asynchronous and intermittent attack scenarios, where reliable detection is preserved.
format Preprint
id arxiv_https___arxiv_org_abs_2603_27592
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Fundamental Limits of Man-in-the-Middle Attack Detection in Model-Free Reinforcement Learning
Rani, Rishi
Franceschetti, Massimo
Systems and Control
Machine Learning
We consider the problem of learning-based man-in-the-middle (MITM) attacks in cyber-physical systems (CPS), and extend our previously proposed Bellman Deviation Detection (BDD) framework for model-free reinforcement learning (RL). We refine the standard MDP attack model by allowing the reward function to depend on both the current and subsequent states, thereby capturing reward variations induced by errors in the adversary's transition estimate. We also derive an optimal system-identification strategy for the adversary that minimizes detectable value deviations. Further, we prove that the agent's asymptotic learning time required to secure the system scales linearly with the adversary's learning time, and that this matches the optimal lower bound. Hence, the proposed detection scheme is order-optimal in detection efficiency. Finally, we extend the framework to asynchronous and intermittent attack scenarios, where reliable detection is preserved.
title Fundamental Limits of Man-in-the-Middle Attack Detection in Model-Free Reinforcement Learning
topic Systems and Control
Machine Learning
url https://arxiv.org/abs/2603.27592