Deep Anomaly Detection Framework Utilizing Federated Learning for Electricity Theft Zero-Day Cyberattacks

Smart power grids suffer from electricity theft cyber-attacks, where malicious consumers compromise their smart meters (SMs) to downscale the reported electricity consumption readings. This problem costs electric utility companies worldwide considerable financial burdens and threatens power grid stability. Therefore, several machine learning (ML)-based solutions have been proposed to detect electricity theft; however, they have limitations. First, most existing works employ supervised learning that requires the availability of labeled datasets of benign and malicious electricity usage samples. Unfortunately, this approach is not practical due to the scarcity of real malicious electricity usage samples. Moreover, training a supervised detector on specific cyberattack scenarios results in a robust detector against those attacks, but it might fail to detect new attack scenarios. Second, although a few works investigated anomaly detectors for electricity theft, none of the existing works addressed consumers' privacy. To address these limitations, in this paper, we propose a comprehensive federated learning (FL)-based deep anomaly detection framework tailored for practical, reliable, and privacy-preserving energy theft detection. In our proposed framework, consumers train local deep autoencoder-based detectors on their private electricity usage data and only share their trained detectors' parameters with an EUC aggregation server to iteratively build a global anomaly detector. Our extensive experimental results not only demonstrate the superior performance of our anomaly detector compared to the supervised detectors but also the capability of our proposed FL-based anomaly detector to accurately detect zero-day attacks of electricity theft while preserving consumers' privacy.