Toward Detecting Cyberattacks Targeting Modern Power Grids: A Deep Learning Framework

Abstract

Modern power and energy networks include a plethora of distributed control and monitoring equipment, exchanging data through information and communication technology (ICT). Hence, such networks are a combination of physical layers and cyber layers, classified as cyber-physical systems. Although smart power grids facilitate the task of automated system operation with less involvement of people in making decisions, they can be negatively affected by cyber threats targeting security systems. Among different types of cyberattacks, false data injection (FDI) attacks are more common since they are easier to be performed. Toward this end, this paper develops a deep learning framework to protect cyber-physical power systems against cyberattacks including but not limited to FDI attacks in both forms of false positive and false negative. The proposed detection mechanism takes advantage of long short-term memory (LSTM) and deep recurrent neural network (RNN) concurrently. Moreover, the developed hybrid detection framework is able to recognize potentially malicious activities occurring in the cyber layer of a typical power grid. To demonstrate the robust performance of the proposed approach in detecting different types of cyberattacks, it is applied on 1) the CIC-IDS2017 dataset to detect denial of service (DoS) and distributed DoS (DDoS) attacks and 2) a smart power grid in the transmission level to protect the system against FDI attacks. The obtained results confirm the effectiveness of the proposed artificial intelligence-based detection framework (e.g., detection rate of 99.46%) against different types of cyberattacks targeting modern power networks.