Detecting Zero-Day Attacks in Digital Substations via In-Context Learning

Faizan Manzoor, Vanshaj Khattar, Akila Herath, Clifton Black, Matthew C Nielsen, Junho Hong, Chen-Ching Liu, Ming Jin

TL;DR

This work tackles zero-day intrusion detection in IEC-61850 digital substations by introducing an in-context learning framework based on GPT-2–style transformers. The authors generate diverse training data through multi-mixing and leverage weak classifiers to provide in-context labels, enabling four training regimes: WCTF, MTF, WCDTF, and MDTF, implemented in two architectures (simple transformer and distributional transformer). Results on the IEC-61850 dataset show strong zero-day detection, with MDTF delivering robust zero-shot performance and minimal failure cases, and high accuracy on known attacks, while meeting real-time latency constraints for deployment in substations. The approach demonstrates practical viability for securing digital substations with limited or no retraining, offering a path toward resilient protection against novel cyber threats in critical infrastructure.

Abstract

Cyber attacks on power grids have been increasing every year, with novel attack techniques emerging each year. In this paper, we address the critical challenge of detecting novel/zero-day attacks in digital substations that employ the IEC-61850 communication protocol. While many heuristic and machine learning (ML)-based methods have been proposed for attack detection in IEC-61850 digital substations, generalization to novel or zero-day attacks remains challenging. We propose an approach that leverages the in-context learning (ICL) capability of the transformer architecture, the fundamental building block of large language models. The ICL approach enables the model to detect zero-day attacks and learn from a few examples of that attack without explicit retraining. Our experiments on the IEC-61850 dataset demonstrate that the proposed method achieves more than $85\%$ detection accuracy on zero-day attacks while the existing state-of-the-art baselines fail. This work paves the way for building more secure and resilient digital substations of the future.

Paper Structure

This paper contains 17 sections, 15 equations, 7 figures, 1 algorithm.

Figures (7)

  • Figure 1: Traditional ML models, such as Random Forest, Decision Trees, and Convolutional Neural Networks trained on a specific dataset (GOOSE High Status Number (HSN), Inverse Replay (IR), SV High Status Number (HSN), SV Injection (SVI)), often fail to identify novel attacks during the deployment phase. To adapt to the new threats, they require retraining with datasets that include these novel attacks. In contrast, the proposed ICL-based approach can detect novel attacks even if they were not included in the training dataset. ICL allows it to use the in-context data and weak labels $(\hat{y}_{wc,i})$ to better generalize and recognize new attacks without the need for retraining or parameter updates.
  • Figure 2: High-level overview of experimentation frameworks. a, Schematic of the overall training and testing methodology (refer to the pretraining figure for the detailed architecture). Simple Transformer Models (TF) utilize hard labels (Lab) for in-context data, while Distributional Transformer Models (DTF) leverage distributions (Dist) for in-context data. Weak-classifier-trained transformers rely solely on weak Lab/Dist, whereas mixed-trained transformers incorporate both weak and ground truth Lab/Dist for in-context data. In Lab + X, Lab represents the ground truth hard labels used for loss calculation and X represents the ground truth Lab/Dist used in in-context data. b, Sensitivity analysis is conducted by synthetically training weak classifiers using in-distribution (ID) and out-of-distribution (OOD) classes. The pre-trained transformer model is then employed to evaluate OOD detection performance on these weak classifiers. c, Application of the proposed methodology in a real-world substation. $IED_1$ transmits GOOSE messages to $IED_2$ within the stringent latency requirement of 3 ms (per IEC-61850). Concurrently, sampled values (SV) from the merging unit and GOOSE packets are captured, downsampled ($D_{SV}$, $D_{GOOSE}$), preprocessed, and batched (batch size $BS$) before being processed by the proposed transformer-based detection framework (DTF Model). Each packet is processed with an average latency of $T_{average}(H,BS)$ seconds. Anomalous packets trigger a signal to the network controller, preventing the transmission of compromised messages.
  • Figure 3: Performance of transformer model architectures under different training regimes and ablation studies. a, In-context learning (ICL) performance of the mixed-trained distributional transformer (MDTF) under varying shot counts for out-of-distribution (OOD) attacks and different levels of attack-class diversity. Higher shot numbers consistently improve accuracy, underscoring the emergence of ICL across five random seeds. b, ICL performance of the mixed-trained transformer (MTF) model under the same conditions. As with MDTF, greater shot counts lead to higher accuracy, indicating robust ICL emergence over multiple seeds and training diversities. c, Change in performance of MTF and MDTF across varying shot counts for OOD attacks, evaluated at different levels of training-attack diversity. MTF exhibits a more pronounced accuracy gain at lower shot numbers, indicating faster adaptation to OOD patterns compared to MDTF. d, ICL capability of MTF and MDTF across OOD attacks for varying training diversity. Increasing the number of attack classes in training boosts ICL, with MTF generally surpassing MDTF under similar diversity conditions. e, Comparison of simple transformer (TF) and distributional transformer (DTF) models under mixed-trained and weak-classifier-trained strategies for various OOD attacks. Weak-classifier-trained models exhibit stronger ICL gains but reduced zero-shot performance relative to mixed-trained models.
  • Figure 4: Performance of different models on out-of-distribution (OOD) and in-distribution (ID) data.
  • Figure 5: Average inference time per sample ($T_{average}$) under various batch sizes ($BS$), and hardware and frameworks ($H$).
  • ...and 2 more figures