(Department of Computer Science, University of 8 Mai 1945, Guelma, Algeria)(2) * Djalila Boughareb
(Department of Computer Science, University of 8 Mai 1945, Guelma, Algeria)(3) Zineddine Kouahla
(Department of Computer Science, University of 8 Mai 1945, Guelma, Algeria)(4) Hamid Seridi
(Department of Computer Science, University of 8 Mai 1945, Guelma, Algeria)*corresponding author
AbstractSmart grid systems, which integrate traditional energy infrastructure with modern communication technologies, face significant cybersecurity challenges due to their dynamic architecture and continuous data exchange. The diversity and interconnection of devices increase vulnerability to malicious intrusions, highlighting the need for advanced and scalable detection methods. This study aims to develop an intrusion detection system (IDS) for smart grids by leveraging recent advances in deep learning, specifically enhanced variants of Long Short-Term Memory (LSTM)—xLSTM, sLSTM, and mLSTM. These sequence modeling architectures were adapted and fine-tuned within our IDS framework to capture complex spatio-temporal patterns and handle heterogeneous, high-dimensional data effectively. A comprehensive evaluation on two benchmark datasets, NSL-KDD and DNP3, demonstrates the robustness of the proposed approach. On the NSL- KDD, xLSTM, sLSTM, and mLSTM achieved accuracies of 98.16%, 98.55%, and 98.54%. On the more modern, protocol-specific DNP3 dataset, which represents real-world SCADA-focused attacks, the models maintained their superior performance, achieving accuracies of 99.50%, 99.33%, and 99.42%, respectively. The high and consistent accuracy across both datasets demonstrates the models' dependability and adaptability for intrusion detection in smart grid infrastructures. The study's targeted enhancement of LSTM-based architectures contributes a novel and effective approach to protecting critical intelligent systems from emerging cyber threats.
KeywordsDeep learning; Intrusion Detection System; xLSTM; Cybersecurity; Smart Grid
|
DOIhttps://doi.org/10.26555/ijain.v11i4.2169 |
Article metricsAbstract views : 478 | PDF views : 28 |
Cite |
Full Text Download
|
References
[1] F. M. Almasoudi, “Enhancing Power Grid Resilience through Real-Time Fault Detection and Remediation Using Advanced Hybrid Machine Learning Models,” Sustainability, vol. 15, no. 10, p. 8348, May 2023, doi: 10.3390/su15108348.
[2] S. Amanlou et al., “Cybersecurity Challenges in Smart Grid Systems: Current and Emerging Attacks, Opportunities, and Recommendations,” IEEE Open J. Commun. Soc., vol. 6, pp. 1965–1997, 2025, doi: 10.1109/OJCOMS.2025.3545153.
[3] I. Fursov, K. Yamkovyi, and O. Shmatko, “Smart Grid and wind generators: an overview of cyber threats and vulnerabilities of power supply networks,” Radioelectron. Comput. Syst., vol. 0, no. 4, pp. 50–63, Nov. 2022, doi: 10.32620/reks.2022.4.04.
[4] A. Yahia, A. Tag Eldien, and N. M. Abdel-Rahim, “Deep Learning based Attacks Detection of DNP3 Protocol,” Aswan Univ. J. Sci. Technol., vol. 2, no. 2, pp. 37–47, Dec. 2022, doi: 10.21608/aujst.2022.174148.1003.
[5] B. Al-Muntaser, M. A. Mohamed, A. Y. Tuama, and I. A. Rana, “Cybersecurity Advances in SCADA Systems,” Int. J. Adv. Comput. Sci. Appl., vol. 14, no. 8, pp. 318–328, Aug. 2023, doi: 10.14569/IJACSA.2023.0140835.
[6] M. Zaman, D. Upadhyay, and C.-H. Lung, “Validation of a Machine Learning-Based IDS Design Framework Using ORNL Datasets for Power System With SCADA,” IEEE Access, vol. 11, pp. 118414–118426, 2023, doi: 10.1109/ACCESS.2023.3326751.
[7] Sangeetha K., Shitharth S., and G. B. Mohammed, “Enhanced SCADA IDS Security by Using MSOM Hybrid Unsupervised Algorithm,” Int. J. Web-Based Learn. Teach. Technol., vol. 17, no. 2, pp. 1–9, Mar. 2022, doi: 10.4018/IJWLTT.20220301.oa2.
[8] A. Balla, M. H. Habaebi, E. A. A. Elsheikh, M. R. Islam, and F. M. Suliman, “The Effect of Dataset Imbalance on the Performance of SCADA Intrusion Detection Systems,” Sensors, vol. 23, no. 2, p. 758, Jan. 2023, doi: 10.3390/s23020758.
[9] M. Altaha and S. Hong, “Anomaly Detection for SCADA System Security Based on Unsupervised Learning and Function Codes Analysis in the DNP3 Protocol,” Electronics, vol. 11, no. 14, p. 2184, Jul. 2022, doi: 10.3390/electronics11142184.
[10] D. Faquir et al., “Cybersecurity in smart grids, challenges and solutions,” AIMS Electron. Electr. Eng. 2021 124, vol. 5, no. 1, pp. 24–37, 2021, doi: 10.3934/ELECTRENG.2021002.
[11] S. Tufail, I. Parvez, S. Batool, and A. Sarwat, “A Survey on Cybersecurity Challenges, Detection, and Mitigation Techniques for the Smart Grid,” Energies, vol. 14, no. 18, p. 5894, Sep. 2021, doi: 10.3390/en14185894.
[12] A. A. Bouramdane, “Cyberattacks in Smart Grids: Challenges and Solving the Multi-Criteria Decision-Making for Cybersecurity Options, Including Ones That Incorporate Artificial Intelligence, Using an Analytical Hierarchy Process,” J. Cybersecurity Priv., vol. 3, no. 4, pp. 662–705, Sep. 2023, doi: 10.3390/jcp3040031.
[13] P. Haji Mirzaee, M. Shojafar, H. Cruickshank, and R. Tafazolli, “Smart Grid Security and Privacy: From Conventional to Machine Learning Issues (Threats and Countermeasures),” IEEE Access, vol. 10, pp. 52922–52954, 2022, doi: 10.1109/ACCESS.2022.3174259.
[14] A. Alsaiari and M. Ilyas, “Deep Learning for Smart Grid Intrusion Detection: A Hybrid CNN-LSTM-Based Model,” Int. J. Artif. Intell. Appl., vol. 15, no. 3, pp. 01–16, May 2024, doi: 10.5121/ijaia.2024.15301.
[15] A. Subasi et al., “Intrusion Detection in Smart Grid Using Data Mining Techniques,” in 2018 21st Saudi Computer Society National Computer Conference (NCC), IEEE, Apr. 2018, pp. 1–6. doi: 10.1109/NCG.2018.8593124.
[16] J. Sakhnini, H. Karimipour, and A. Dehghantanha, “Smart Grid Cyber Attacks Detection Using Supervised Learning and Heuristic Feature Selection,” in 2019 IEEE 7th International Conference on Smart Energy Grid Engineering (SEGE), IEEE, Aug. 2019, pp. 108–112. doi: 10.1109/SEGE.2019.8859946.
[17] S. Khan, K. Kifayat, A. Kashif Bashir, A. Gurtov, and M. Hassan, “Intelligent intrusion detection system in smart grid using computational intelligence and machine learning,” Trans. Emerg. Telecommun. Technol., vol. 32, no. 6, p. e4062, Jun. 2020, doi: 10.1002/ett.4062.
[18] T. Talaei Khoei and N. Kaabouch, “A Comparative Analysis of Supervised and Unsupervised Models for Detecting Attacks on the Intrusion Detection Systems,” Information, vol. 14, no. 2, p. 103, Feb. 2023, doi: 10.3390/info14020103.
[19] P. Ganesan and S. Arockia Edwin Xavier, “An Intelligent Intrusion Detection System in Smart Grid Using PRNN Classifier,” Intell. Autom. Soft Comput., vol. 35, no. 3, pp. 2979–2996, Aug. 2023, doi: 10.32604/iasc.2023.029264.
[20] S. Stryczek and M. Natkaniec, “Internet Threat Detection in Smart Grids Based on Network Traffic Analysis Using LSTM, IF, and SVM,” Energies, vol. 16, no. 1, p. 329, Dec. 2022, doi: 10.3390/en16010329.
[21] P. Kumar, R. Kumar, A. Aljuhani, D. Javeed, A. Jolfaei, and A. K. M. N. Islam, “Digital twin-driven SDN for smart grid: A deep learning integrated blockchain for cybersecurity,” Sol. Energy, vol. 263, no. October, p. 111921, Oct. 2023, doi: 10.1016/j.solener.2023.111921.
[22] S. M. Kasongo, “A deep learning technique for intrusion detection system using a Recurrent Neural Networks based framework,” Comput. Commun., vol. 199, no. February, pp. 113–125, Feb. 2023, doi: 10.1016/j.comcom.2022.12.010.
[23] G. Efstathopoulos et al., “Operational Data Based Intrusion Detection System for Smart Grid,” in 2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), IEEE, Sep. 2019, pp. 1–6. doi: 10.1109/CAMAD.2019.8858503.
[24] B. Hu, J. Wang, Y. Zhu, and T. Yang, “Dynamic Deep Forest: An Ensemble Classification Method for Network Intrusion Detection,” Electronics, vol. 8, no. 9, p. 968, Aug. 2019, doi: 10.3390/electronics8090968.
[25] S. Jose, D. Malathi, B. Reddy, and D. Jayaseeli, “A Survey on Anomaly Based Host Intrusion Detection System,” J. Phys. Conf. Ser., vol. 1000, no. 1, p. 012049, Apr. 2018, doi: 10.1088/1742-6596/1000/1/012049.
[26] P. Jokar, H. Nicanfar, and V. C. M. Leung, “Specification-based Intrusion Detection for home area networks in smart grids,” in 2011 IEEE International Conference on Smart Grid Communications (SmartGridComm), IEEE, Oct. 2011, pp. 208–213. doi: 10.1109/SmartGridComm.2011.6102320.
[27] E. Drayer and T. Routtenberg, “Intrusion Detection in Smart Grid Measurement Infrastructures Based on Principal Component Analysis,” in 2019 IEEE Milan PowerTech, IEEE, Jun. 2019, pp. 1–6. doi: 10.1109/PTC.2019.8810858.
[28] R. Vijayanand, D. Devaraj, and B. Kannapiran, “A Novel Deep Learning Based Intrusion Detection System for Smart Meter Communication Network,” in 2019 IEEE International Conference on Intelligent Techniques in Control, Optimization and Signal Processing (INCOS), IEEE, Apr. 2019, pp. 1–3. doi: 10.1109/INCOS45849.2019.8951344.
[29] S. Ali and Y. Li, “Learning Multilevel Auto-Encoders for DDoS Attack Detection in Smart Grid Network,” IEEE Access, vol. 7, pp. 108647–108659, 2019, doi: 10.1109/ACCESS.2019.2933304.
[30] R. Qi, C. Rasband, J. Zheng, and R. Longoria, “Detecting Cyber Attacks in Smart Grids Using Semi-Supervised Anomaly Detection and Deep Representation Learning,” Information, vol. 12, no. 8, p. 328, Aug. 2021, doi: 10.3390/info12080328.
[31] F. Martinelli, F. Mercaldo, and A. Santone, “A Method for Intrusion Detection in Smart Grid,” Procedia Comput. Sci., vol. 207, pp. 327–334, Jan. 2022, doi: 10.1016/J.PROCS.2022.09.066.
[32] U. AlHaddad, A. Basuhail, M. Khemakhem, F. E. Eassa, and K. Jambi, “Ensemble Model Based on Hybrid Deep Learning for Intrusion Detection in Smart Grid Networks,” Sensors, vol. 23, no. 17, p. 7464, Aug. 2023, doi: 10.3390/s23177464.
[33] Y. Imrana, Y. Xiang, L. Ali, A. Noor, K. Sarpong, and M. A. Abdullah, “CNN-GRU-FF: a double-layer feature fusion-based network intrusion detection system using convolutional neural network and gated recurrent units,” Complex Intell. Syst., vol. 10, no. 3, pp. 3353–3370, Jun. 2024, doi: 10.1007/S40747-023-01313-Y/TABLES/14.
[34] S. H. Mohammed et al., “Dual-hybrid intrusion detection system to detect False Data Injection in smart grids,” PLoS One, vol. 20, no. 1, p. e0316536, Jan. 2025, doi: 10.1371/journal.pone.0316536.
[35] L. Basheer and R. P, “A deep learning framework for intrusion detection system in smart grids using graph convolutional network,” Eng. Res. Express, vol. 7, no. 1, p. 015257, Mar. 2025, doi: 10.1088/2631-8695/adb3f4.
[36] Y. Wu et al., “Graph attention and Kolmogorov–Arnold network based smart grids intrusion detection,” Sci. Rep., vol. 15, no. 1, p. 8648, Mar. 2025, doi: 10.1038/s41598-025-88054-9.
[37] A. Almalawi, S. Hassan, A. Fahad, A. Iqbal, and A. I. Khan, “Hybrid Cybersecurity for Asymmetric Threats: Intrusion Detection and SCADA System Protection Innovations,” Symmetry (Basel)., vol. 17, no. 4, p. 616, Apr. 2025, doi: 10.3390/sym17040616.
[38] F. A. F. Alrslani et al., “Enhancing cybersecurity via attribute reduction with deep learning model for false data injection attack recognition,” Sci. Rep., vol. 15, no. 1, p. 3944, Jan. 2025, doi: 10.1038/s41598-024-82566-6.
[39] N. Al-Qirim, M. Majdalawieh, A. Bani-hani, and H. Al Hamadi, “Cyber threat intelligence for smart grids using knowledge graphs, digital twins, and hybrid machine learning in SCADA networks,” Int. J. Eng. Bus. Manag., vol. 17, pp. 1–15, Jan. 2025, doi: 10.1177/18479790251328183.
[40] J. Qiu, X. Zhang, T. Wang, H. Hou, S. Wang, and T. Yang, “A GNN-Based False Data Detection Scheme for Smart Grids,” Algorithms, vol. 18, no. 3, p. 166, Mar. 2025, doi: 10.3390/a18030166.
[41] W. He, W. Liu, C. Wen, and Q. Yang, “Detection of False Data Injection Attacks on Smart Grids Based on A-BiTG Approach,” Electronics, vol. 13, no. 10, p. 1938, May 2024, doi: 10.3390/electronics13101938.
[42] K. Ohno, S. Kanai, and Y. Ida, “Fast Saturating Gate for Learning Long Time Scales with Recurrent Neural Networks,” Proc. AAAI Conf. Artif. Intell., vol. 37, no. 8, pp. 9319–9326, Jun. 2023, doi: 10.1609/aaai.v37i8.26117.
[43] A. Auer et al., “xLSTM: Extended Long Short-Term Memory,” in Advances in Neural Information Processing Systems 37, San Diego, California, USA: Neural Information Processing Systems Foundation, Inc. (NeurIPS), May 2024, pp. 107547–107603. doi: 10.52202/079017-3417.
[44] P. Baghdadi, S. Korukoglu, M. A. Bilici, and A. Onan, “The Potential of Energy-Based RBM and xLSTM for Real-Time Predictive Analytics in Credit Card Fraud Detection,” J. Data Anal. Inf. Process., vol. 13, no. 01, pp. 79–100, Feb. 2025, doi: 10.4236/jdaip.2025.131005.
[45] N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer, “SMOTE: Synthetic Minority Over-sampling Technique,” J. Artif. Intell. Res., vol. 16, pp. 321–357, Jun. 2002, doi: 10.1613/jair.953.
[46] F. Zhai, T. Yang, H. Chen, B. He, and S. Li, “Intrusion Detection Method Based on CNN–GRU–FL in a Smart Grid Environment,” Electronics, vol. 12, no. 5, p. 1164, Feb. 2023, doi: 10.3390/electronics12051164.
[47] K. Khattab and K. M. A. Alheeti, “Enhancing DNP3 Security Using CNN Deep Learning Techniques,” J. Cybersecurity Inf. Manag., vol. 15, no. 2, pp. 225–232, 2025, doi: 10.54216/JCIM.150217.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
___________________________________________________________
International Journal of Advances in Intelligent Informatics
ISSN 2442-6571 (print) | 2548-3161 (online)
Organized by UAD and ASCEE Computer Society
Published by Universitas Ahmad Dahlan
W: http://ijain.org
E: info@ijain.org (paper handling issues)
andri.pranolo.id@ieee.org (publication issues)
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0