Modern energy infrastructure is increasingly defined as cyber-physical systems where physical power distribution and digital communication are closely tied together. While this digitalisation boosts efficiency, it exposes electricity grids to sophisticated cybersecurity risks. To combat such threats, researchers have developed an artificial intelligence (AI) method that integrates network structure analysis with data tracking to identify complex attacks that conventional security systems might miss. Details are reported in the International Journal of Global Energy Issues.
Energy infrastructure is vulnerable to Advanced Persistent Threats (APTs). Unlike localised glitches, APTs involve long-term infiltration where attackers quietly gather data or manipulate operational signals. A major problem is the False Data Injection (FDI) attack, where sensor measurements are altered to feed operators misleading information. Such changes can cause catastrophic errors in energy flow and paralyse physical fuel supplies across entire regions. Such vulnerabilities are manifest as ransomware attacks, but increasingly, there are the risks associated with international conflict.
Detecting these incursions is difficult because malicious commands often mimic routine operational activity. Legacy detection systems use “signatures”, predefined rules based on known past threats. Such an approach is generally ineffectual in the face of new, “zero-day” exploits or attacks that otherwise do not match existing patterns.
The new AI approach uses two distinct types of information: structural information (the physical and digital layout of devices and control centres) and temporal information (the chronological sequence of commands and signals) to identify an ongoing attack. The dual-layered deep learning architecture is based on a Graph Neural Network (GNN) that maps the system’s spatial layout, and a Transformer model analyses data sequences over time. The former gives the AI a picture of the physical aspects of the infrastructure, and the latter understands how it changes over time. Such a spatiotemporal AI detection system can identify coordinated, multi-stage attacks that appear harmless when viewed as isolated events.
Testing with standard cybersecurity datasets proved the new AI model to have an accuracy of more than 93 per cent. Critically, it identifies suspicious activity in less than two seconds of it starting. This offers a viable way to near-real-time protection of power infrastructure, the research suggests.
Dai, Y., Lu, J., Li, Z., Li, J. and Rafieipour, M. (2026) ‘Network security threat identification based on GNN-transformer fusion model in energy cyber systems’, Int. J. Global Energy Issues, Vol. 48, No. 7, pp.64–84.
No comments:
Post a Comment