Statistical change-point detectors (CUSUM, GLR, Page's test) share a
structural vulnerability: an adversary who knows the sufficient statistic
can steer the post-change distribution toward the pre-change distribution
and suppress the alarm indefinitely. This is documented in the 2024 covert
detection literature, not a theoretical edge case.
For categorical architectural violations — a system jumping from phase
state S5 to S8 in one step, bypassing required stages — there is no
distribution to match. The skip is its own fingerprint.
I built a formal convergence proof for a deterministic binary predicate
(d_score) and event-triggered corrective controller (χ(t)) in a hybrid
discrete/continuous monitor. The main result: under β > Pmax/ρmin, χ(t)
converges before structural drift reaches the hard ceiling at all recursion
depths. The convergence condition is satisfied analytically — no empirical
benchmarking required.
Known limitations are documented: single-step adversary only (multi-step
acceleration attack is an open problem, engineering extension exists),
baseline integrity is a precondition not a theorem.
nicbogaert•1h ago
For categorical architectural violations — a system jumping from phase state S5 to S8 in one step, bypassing required stages — there is no distribution to match. The skip is its own fingerprint.
I built a formal convergence proof for a deterministic binary predicate (d_score) and event-triggered corrective controller (χ(t)) in a hybrid discrete/continuous monitor. The main result: under β > Pmax/ρmin, χ(t) converges before structural drift reaches the hard ceiling at all recursion depths. The convergence condition is satisfied analytically — no empirical benchmarking required.
Paper (22pp, includes annotated implementation): https://www.academia.edu/164981853/Resonant_Symbolic_Operato...
Known limitations are documented: single-step adversary only (multi-step acceleration attack is an open problem, engineering extension exists), baseline integrity is a precondition not a theorem.