| Abstract: |
As smart meters become ubiquitous in modern power infrastructure, they bring with them major cybersecurity risks that traditional rule-based intrusion detection systems do not sufficiently address. This empirical study explores the use of AI-enabled anomaly detection frameworks (LSTM networks, Isolation Forest (IF), and Autoencoder-Depp Learning models) to detect cyber threats hidden in smart metering data streams. The dataset, consisting of time-synchronized 1,20,000 smart meter readings collected from a state-owned distribution utility over an 18-month period under normal operational conditions in addition to the abovementioned cyberattack signatures for false data injection (FDI), replay attacks, denial-of-service (DoS) and energy theft anomalies were synthetically injected. In order to validate their method, the LSTM-based model was evaluated and achieved an impressive 97.84% true positive detection rate at a false positive rate of 1.23%, yielding considerably better accuracy compared to the conventional threshold-based detection that had an accuracy of only 78.4%. The Isolation Forest model gave an 93.6% accuracy in a comparatively faster manner which can be deployed as a predictive model on the edge devices. The comparison against previous benchmarks highlights the benefit of using deep learning methods for time series anomaly characterization. |