A hybrid framework for detecting and eliminating cyber-attacks in power grids

Arshia Aflaki, Mohsen Gitizadeh, Roozbeh Razavi-Far, Vasile Palade, Ali Akbar Ghasemi

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)
55 Downloads (Pure)


The work described in this paper aims to detect and eliminate cyber-attacks in smart grids that disrupt the process of dynamic state estimation. This work makes use of an unsupervised learning method, called hierarchical clustering, in an attempt to create an artificial sensor to detect two different cyber-sabotage cases, known as false data injection and denial-of-service, during the dynamic behavior of the power system. The detection process is conducted by using an unsupervised learning-enhanced approach, and a decision tree regressor is then employed for removing the threat. The dynamic state estimation of the power system is done by Kalman filters, which provide benefits in terms of the speed and accuracy of the process. Measurement devices in utilities and buses are vulnerable to communication interruptions between phasor measurement units and operators, who can be easily manipulated by false data. While Kalman filters are incapable of detecting the majority of such cyber-attacks, this article proves that the proposed unsupervised machine learning method is able to detect more than 90 percent of the mentioned attacks. The simulation results on the IEEE 9-bus with 3-machines and IEEE 14-bus with 5-machines systems verify the efficiency of the proposed approach.

Original languageEnglish
Article number5823
Issue number18
Publication statusPublished - 15 Sept 2021

Bibliographical note

Publisher Copyright:
© 2021 by the authors. Licensee MDPI, Basel, Switzerland.


  • Cyber-attacks
  • Dynamic state estimation
  • Hierarchical clustering
  • Kalman filter
  • Unsupervised learning

ASJC Scopus subject areas

  • Renewable Energy, Sustainability and the Environment
  • Fuel Technology
  • Energy Engineering and Power Technology
  • Energy (miscellaneous)
  • Control and Optimization
  • Electrical and Electronic Engineering


Dive into the research topics of 'A hybrid framework for detecting and eliminating cyber-attacks in power grids'. Together they form a unique fingerprint.

Cite this