Abstract:With the deep integration of the physical power grid and the network, the smart grid is facing a variety of cyber attacks, including malicious traffic attacks. By forwarding malicious traffic blindly, these attacks would cause communication failures in the smart grid. Therefore, it is crucial to detect such attacks in a timely and accurate manner for power enterprises. In this paper, we propose a real-time malicious traffic attack detection method based on the Long Short-Term Memory (LSTM) deep learning model. By collecting network traffic in real time and extracting key features, the proposed method is able to determine whether the network is under attack based on LSTM model. Furthermore, a corresponding prototype system was constructed under the Software-Defined Networking (SDN) architecture. Experimental results from the prototype system demonstrate that the method can effectively defend against malicious traffic attacks in actual networks, enhancing the cybersecurity of the power grid.