Most sophisticated cyber attack follow the well-known cyber kill chain. The first step of the cyber kill chain is the reconnaissance phase where attacker probe the network in search of weakness, misconfiguration, vulnerabilities, and identify potential targets before the actual attack start. To this end, the attacker need to collect important information about the characteristics of each devices (i.e., hardware, operating system, applications), the network topology, the different subnet, firewall rules, access control, privilege, the communication protocol at each layer, and the machine learning algorithm on each IoBT devices. The attacker reconnaissance can be summarized by an attack graph in which the node represent vulnerable IoBT devices and the edge show their associated vulnerabilities. This work investigates cyber deception as a complex game in which each player has three concurrent and interdependent objectives. Each players imperfectly monitor (partial observation) other players� action to find out each player�s identity, strategies, payoff, available information, capability, and to continuously predict their intent. Each player strategically select to which players to hide particular information (e.g., camouflage). Each player judiciously manipulate other players� perception (e.g., decoy) based on his observed action, estimated capability, and predicted intent. This work examines from the defender�s perspective several deception game on an attack graph. The defender goal is to stop the attacker early in the cyber kill chain and prevents the subsequent more dangerous phases.