Smart grids are a type of complex cyber–physical system (CPS) that integrates the communication capabilities of smart devices into the grid to facilitate remote operation and control of power systems. However, this integration exposes many existing vulnerabilities of conventional supervisory control and data acquisition (SCADA) systems, resulting in severe cyber threats to the smart grid and potential violation of security objectives. Stealing sensitive information, modifying firmware, or injecting function codes through compromised devices are examples of possible attacks on the smart grid. Therefore, early detection of cyberattacks on the grid is crucial to protect it from sabotage. Machine learning (ML) methods are conventional approaches for detecting cyberattacks that use features of smart grid networks. However, developing an effective, highly accurate detection method with reduced computational overload, is still a challenging research problem. In this work, an efficient and effective security control approach is proposed to detect cyberattacks on the smart grid. The proposed approach combines both feature reduction and detection techniques to reduce the extremely large number of features and achieve an improved detection rate. A correlation-based feature selection (CFS) method is used to remove irrelevant features, improving detection efficiency. An instance-based learning (IBL) algorithm classifies normal and cyberattack events using the selected optimal features. This study describes a set of experiments conducted on public datasets from a SCADA power system based on a 10-fold cross-validation technique. Experimental results show that the proposed approach achieves a high detection rate based on a small number of features drawn from SCADA power system measurements.

智能电网是一种复杂的网络物理系统（CPS），它将智能设备的通信功能集成到电网中，以促进电力系统的远程操作和控制。但是，这种集成暴露了常规监督控制和数据采集（SCADA）系统的许多现有漏洞，从而对智能电网造成严重的网络威胁，并可能违反安全目标。窃取敏感信息，修改固件或通过受损设备注入功能代码是对智能电网可能进行攻击的示例。因此，尽早发现电网上的网络攻击对于保护其免受破坏至关重要。机器学习（ML）方法是使用智能电网网络功能检测网络攻击的常规方法。但是，开发有效的，减少计算量的高精度检测方法仍然是一个具有挑战性的研究问题。在这项工作中，提出了一种有效的安全控制方法来检测智能电网上的网络攻击。所提出的方法结合了特征约简和检测技术，以减少大量特征并提高检测率。基于相关的特征选择（CFS）方法用于删除不相关的特征，从而提高检测效率。基于实例的学习（IBL）算法使用所选的最佳功能对正常事件和网络攻击事件进行分类。这项研究描述了基于10倍交叉验证技术对SCADA电力系统的公共数据集进行的一组实验。