Abstract

This work develops a data-based and private framework for the detection and mitigation of replay attacks in large-scale cyber-physical systems. The problem is formulated as a zero-sum game, where the defender acts as a minimizer and the attacker acts as a maximizer. Optimal watermarking signals are added to assist in the detection of potential replay attacks. To improve the confidentiality of the output, we add a level of differential privacy. We then use a data-based technique to learn the best defending strategy in the presence of worst-case disturbances, stochastic noises, and replay attacks, and a data-based Neyman-Pearson detector to identify the latter. Finally, simulation results show the efficacy of the proposed approach, along with a comparison of our data-based technique to a model-based one.