Detection and Localization of the FDI Attacks in the Presence of DoS Attacks in Smart Grid

Smart grid (SG) is increasing in size and complexity with the integration of communication, protection, and other innovative technologies. However, this integration has made SG vulnerable to various new cyber threats, particularly false data injection attacks (FDIAs) and Denial of Service (DoS) attacks. FDIA can deceive the grid operator by subtly corrupting measurement data and misleading control decisions without being detected by the conventional bad data detection (BDD) methods of the state estimation (SE) technique. In contrast, DoS attacks disrupt the availability of critical measurements to mislead control decisions and undermine grid observability. The accurate real-time detection and localization of FDIA and FDIA in the presence of DoS attacks are paramount for maintaining grid reliability and efficiency. This paper presents a novel deep learning-based approach that combines a CNN and a Bi-LSTM-based model for detecting FDIAs, along with a Random Forest(RF)-based model for localizing them. The hybrid CNN and Bi-LSTM method captures both temporal patterns and spatial correlations by learning from historical measurements and employs a threshold-based detection mechanism to detect FDIAs. Meanwhile, the RF maps complex patterns in the forecast error to the corresponding compromised sensor locations, in the process aiding or acting as a replacement for Bad Data Detection (BDD) mechanisms. Unlike a conventional SE technique, this approach is data-driven and does not rely on detailed knowledge of the grid topology. Tests on IEEE benchmark systems show that our method achieves high accuracy and row accuracy (RACC) in identifying attacks and pinpointing affected areas, even under conditions of partial observability caused by DoS. Moreover, comparative analysis with existing deep learning models demonstrates that the proposed approach achieves superior performance over current state-of-the-art methods reported in the literature. The results underscore the potential of the proposed method for improving cybersecurity and situational awareness in SGs.