Abstract

The growing prevalence of Internet of Things (IoT) devices in smart grids streamlines energy management, automation, and monitoring, yet brings along significant security threats, including zero-day attacks that exploit unexplored vulnerabilities in systems. It is difficult for current intrusion detection models to properly manage zero-day attacks in real-time, especially with wide variations in parameters, low-dimensional insights can be weak, and they may have limited visibility to various types of attacks. As such, this research proposes a privacy-aware transformer-based meta-learning framework for zero-day intrusion detection for IoT-enabled environments such as smart grids. Meta-learning supports the knowledge obtained from prior attack types to proactively detect a new or unseen attack; therefore, it will serve as an additional layer of cybersecurity, with greater response time, and can offer preventive capabilities. In addition, the transformer model was selected so that it can model temporal dependencies and interdependencies between all of the IoT devices. For example, on a smart grid, there may be millions of IoT devices; prior deep learning approaches have failed over large datasets experiencing hundreds of thousands of data inputs or interactions. The meta-learning enables precise identification of unfounded alerts, contributing to a lower likelihood of false-positive alerts. Performing any type of protection for end-users and operations is important; therefore, the fusion of meta-learning with privacy, or privacy-preserving, is addressed through federated learning so that sensitive operations and user data can remain locally on the device while contributing to the central, or global, detection model. Experimental evaluation of benchmark IoT smart grid datasets shows that the proposed framework outperforms conventional machine learning and deep learning approaches in detection accuracy, adaptability to new threats, and resilience to adversarial attacks. The findings support the value of utilizing Transformer architectures, meta-learning techniques, and privacy-preserving approaches to build a scalable, secure, and reliable approach to zero-day intrusion detection in smart grid systems. The results from this research will serve as a foundation to develop next-generation cybersecurity solutions that can actively safeguard critical energy infrastructure against new threats emerging from the IoT.