AS-TBR: An Intrusion Detection Model for Smart Grid Advanced Metering Infrastructure

Advanced Metering Infrastructure (AMI), as a critical data collection and communication hub within the smart grid architecture, is highly vulnerable to network intrusions due to its open bidirectional communication network. A significant challenge in AMI traffic data is the severe class imbalance, where existing methods tend to favor majority class samples while neglecting the detection of minority class attacks, thereby undermining the overall reliability of the detection system. Additionally, current approaches exhibit limitations in spatiotemporal feature extraction, failing to effectively capture the complex dependencies within network traffic data. In terms of global dependency modeling, existing models struggle to dynamically adjust key features, impacting the efficiency and accuracy of intrusion detection and response. To address these issues, this paper proposes an innovative hybrid deep learning model, AS-TBR, for AMI intrusion detection in smart grids. The proposed model incorporates the Adaptive Synthetic Sampling (ADASYN) technique to mitigate data imbalance, thereby enhancing the detection accuracy of minority class samples. Simultaneously, Transformer is leveraged to capture global temporal dependencies, BiGRU is employed to model bidirectional temporal relationships, and ResNet is utilized for deep spatial feature extraction. Experimental results demonstrate that the AS-TBR model achieves an accuracy of 93% on the UNSW-NB15 dataset and 80% on the NSL-KDD dataset. Furthermore, it outperforms baseline models in terms of precision, recall, and other key evaluation metrics, validating its effectiveness and robustness in AMI intrusion detection.