Randomization based shallow and federated-deep learning for smart grid security using label-encoded vulnerabilities and distributed LSTM computation

With the constant advancement of the smart grid, zero-day attack processes in Advanced Metering Infrastructure (AMI) and Supervisory Control and Data Acquisition (SCADA) networks are also continually evolving. This study discusses zero-day attack-based False-Data-Injection Attacks (FDIA), Denial-of-Service (DoS), System-Reconfiguration Attacks (SRA), and Remote-Tripping Command-Injection (RTCI) cyber-attacks, demonstrating how cyber-attacks occur on grid networks through malware and load-forecasting computation. Therefore, machine-learning-empowered Cyber Threat Intelligence (CTI) is essential to be aware of future cyberattacks. Due to the non-numerical data on grid effects caused by cyber-attacks such as single-line-to-ground (SLG) faults, relay-disabled-faults, and open circuit-breakers, machine-learning computation based on the mentioned vulnerable effects is not feasible for CTI. To address the issues, this study demonstrates randomization-based deep federated and shallow learning for grid CTI. In the data-processing phase of the proposed CTI, the effects data of vulnerable SCADA events generated by FDIA, SRA, RTCI, and DoS cyber-attacks are label-encoded. The label-encoded data are analyzed using Extra-Trees, XGBoost, Random-Forest, Bagging-based randomization, and shallow learning methods. Additionally, 50 Long-Short-Term-Memory (LSTM) units with Tanh and Dropout (RanFed-LSTM-Tanh-Dropout) based on a randomization federated deep learning algorithm are being developed to protect the grid from energy computational vulnerabilities. This algorithm performs smart meter-based secure distributed load forecasting for AMI networks. The outcomes of this study are compared with other significant studies, demonstrating that, unlike previous models, the proposed CTI technique enables cyber-attack assessment based on different non-numeric grid vulnerability data.