Abstract: A defense method for linear deception attacks using KL divergence detector to detect watermarks in cyber physics system (CPS) is proposed. It is well known that linear deception attacks can degrade the performance of the remote estimator without being detected by the KL divergence detector. In order to detect such attacks, computer-based encryption methods use watermarks to encrypt and decrypt data transmitted over a wireless network to protect the system. In the absence of attack, the decryption section can recover the transmitted data to ensure remote estimation performance. In the case of linear deception attacks, these data will be watermarked to expand the variance of the transmitted data, so that the data at the receiving end will no longer obey the original normal distribution. Due to the convex nature of KL divergence, the KL divergence value can be proved. It is enlarged to exceed the thresholds that have been tested by the detector, so that they can help the KL divergence detector to detect the attack. The watermark encryption method has been proved to help the KL divergence detector to detect attacks or to mitigate the effects of attacks in different situations, and further discusses how to select the appropriate value of the watermark parameters, which makes the system’s protection performance more perfect. Finally, numerical simulations are given to further illustrate the limitations of the presence of watermarks on attackers, further highlighting the practical effects of parameter selection.