• First hybrid PF-CNN framework for time-domain cyberattack detection in smart grids. • Achieves 95.56% accuracy, 97.78% precision/recall, and 97.65% macro F1-score. • PF suppresses measurement noise for accurate state estimation under attacks. • 100-sample residual windows enable near-real-time cyberattack detection. • Lightweight and scalable design supports practical smart grid deployment. Cyber-security has become a burning issue as power systems are becoming highly digitized and decentralized networks. The current work is a proposal of an AI-enhanced hybrid architecture consisting of Particle Filters (PF) and Convolutional Neural Networks (CNNs) to detect intrusion in real-time and estimate the dynamic state. PFs can be used to have strong state estimation in the presence of uncertainty and noise, whilst CNNs are used to analyse residuals to identify anomalous patterns and classify cyber-attacks based on streaming measurements. The framework is tested in a simulated smart grid setting on various attack conditions, such as FDIA, DoS, Replay Attack, Spoofing, Configuration Error, Topology Change, MitM and GPS spoofing. These findings show that the methodology does not only provide rapid and trustworthy detection but also improves situational awareness giving operators actionable information on cyber-physical interactions. This hybrid approach provides a flexible and scalable solution to new smart grids, which is able to handle a wide range of and potentially varying cyber threats and be used to support supervisory control and monitoring software. © 2017 Elsevier Inc. All rights reserved.
Chen et al. (Wed,) studied this question.