Contents I. Introduction
In 2015, sixty substations were unexpectedly switched off as a consequence of an organized cyberattack targeting Ukranian power gird. The result of the attack was a huge power shortage for almost a quarter of a million end-use customers in that country [1]. Three years later in 2018, the U.S. power grid experienced another cyberattack by which the attackers collected sensitive information to figure out how different types of the U.S. power plants operate [2]. According to the Department of Homeland Security, that cyberattack was only one out of several attacks reported to the public [3]. The occurrence of such cyberattacks in noticeably larger dimensions will be inevitable in the future since 1) large-scale synchrophasor systems will provide a huge amount of data for monitoring/controlling of power networks to improve the social welfare of local people [4] and 2) widespread of Internet of Things (IOT) systems links different components of the power grid via a set of specific protocols through Internet [5]. Despite its merits to facilitate the task of automated system operation and control, IoT-based systems are vulnerable to cyberattacks affecting their performance and stability. Toward this end, it is crucial to develop a reliable detection framework to expeditiously track the presence of false data or malicious activities in the cyber layer of power grids and alert the corresponding power system operators about the cyberattack. Therefore, they can respond to the attack and handle the targeted system in a timely manner by mitigating the negative impacts of the cyberattacks.
