A Unified Cybersecurity Framework for Smart Grids Against Data Integrity Attacks Using Ensemble Learning and Hybrid Encryption

The increasing frequency and sophistication of cyberattacks on smart grid infrastructures have raised critical concerns over data integrity, operational resilience, and real-time response capabilities. This study introduces a unified cybersecurity framework for cyber-physical power systems that integrate high-performance anomaly detection with provably secure cryptographic protection. A comprehensive dataset, built upon the IEEE 24-bus test system, includes a diverse set of operational states and five classes of false data injection attacks (FDIAs), including stealthy and replay-based intrusions. To accurately detect both common and sophisticated threats, we implement a suite of supervised learning models—RF, MLP, and Decision Trees—alongside an ensemble strategy termed MVCC, which achieves up to 99.90% accuracy in binary classification and 99.88% in multiclass settings. For defense at the data level, we deploy a two-tier encryption architecture combining AES-GCM (for confidentiality and authenticity) with RSA-OAEP (for secure key management), demonstrating strong resilience against standard attack models (COA, KPA, CPA, CCA) and achieving nearly uniform ciphertext entropy (7.99 bits/byte). The system’s real-time applicability is validated through the deployment of the RF classifier on a PYNQ-Z2 FPGA platform, attaining sub-second inference latency. Further, unsupervised (DBSCAN, K-Means) and temporal (LSTM) models are incorporated for stealthy anomaly localization and early threat prediction. This work presents a scalable, interpretable, and cryptographically secure solution for protecting next-generation smart grids against evolving data integrity threats.