Enhancing Resilience for IoE: A Perspective of Networking-Level Safeguard
Guan-Yan Yang, Jui-Ning Chen, Farn Wang, Kuo-Hui Yeh

TL;DR
This paper proposes a Graph Structure Learning framework to improve the resilience of IoE networks against cyber threats, demonstrating superior robustness through a case study and discussing future research directions.
Contribution
It introduces a novel GSL-based safeguard framework that jointly optimizes graph topology and node representations to resist adversarial attacks in IoE networks.
Findings
GSL outperforms traditional methods in robustness against adversarial attacks
The framework enhances security and reliability of IoE networks
Case study confirms effectiveness of the proposed approach
Abstract
The Internet of Energy (IoE) integrates IoT-driven digital communication with power grids to enable efficient and sustainable energy systems. Still, its interconnectivity exposes critical infrastructure to sophisticated cyber threats, including adversarial attacks designed to bypass traditional safeguards. Unlike general IoT risks, IoE threats have heightened public safety consequences, demanding resilient solutions. From the networking-level safeguard perspective, we propose a Graph Structure Learning (GSL)-based safeguards framework that jointly optimizes graph topology and node representations to resist adversarial network model manipulation inherently. Through a conceptual overview, architectural discussion, and case study on a security dataset, we demonstrate GSL's superior robustness over representative methods, offering practitioners a viable path to secure IoE networks against…
| \columncolor LightBlue\rowcolorLightPink Study | Year | Model | Networking-Level Security | Resilience to Adv. Attacks 111Adv. Attacks: Adversarial Attacks | Scalability | Main Contribution |
| \columncolor LightBlueSong et al. [7] | 2020 | ResNet + ALSTM | \faCheckCircle | \faTimesCircle | \faTimesCircle | Develops an intrusion detection system combining ResNet and Attention-based LSTM (ALSTM) for enhanced detection accuracy in IoE environments. |
| \columncolor LightBlueLee et al. [8] | 2020 | DNN | \faCheckCircle | \faTimesCircle | \faTimesCircle | Implements a deep learning approach to detect various cyber-attacks within AMI networks. |
| \columncolor LightBlueWu et al. [9] | 2022 | GNN | \faTimesCircle | \faTimesCircle | \faCheckCircle | Applies GNNs to identify anomalies in industrial IoT settings, enhancing detection capabilities. |
| \columncolor LightBlueSuárez-Varela et al. [10] | 2023 | GNN | \faTimesCircle | \faTimesCircle | \faCheckCircle | Provides a comprehensive overview of GNN applications in communication networks, highlighting potential use cases. |
| \columncolor LightBlueLuo et al. [11] | 2025 | GNN | \faTimesCircle | \faTimesCircle | \faCheckCircle | Explores the use of GNNs for evaluating trustworthiness within network entities. |
| \columncolor LightBlueLi et al. [12] | 2025 | GNN + DRL | \faCheckCircle | \faTimesCircle | \faCheckCircle | Combines GNNs with deep reinforcement learning to bolster network resilience against various threats. |
| \columncolor LightBlueThis paper | – | GSL | \faCheckCircle | \faCheckCircle | \faCheckCircle | Substitute GNN to GSL for enhancing network resilience for IoE against various future networking-level threats. |
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
\definecolor
LightPinkrgb1.0, 0.9, 0.9 \definecolorLightBluergb0.9, 0.95, 1.0
Enhancing Resilience for IoE: A Perspective of Networking-Level Safeguard
Guan-Yan Yang
Jui-Ning Chen
Farn Wang
Kuo-Hui Yeh, This work was partially supported by the Taiwan Academic Cybersecurity Center at the National Taiwan University of Science and Technology and by the National Science and Technology Council (NSTC) under Grants 114-2221-E-002-217, 114-2622-E-A49-022, 114-2221-E-A49-210, 114-2634-F-011-002-MBK, 114-2923-E-194-001-MY3, and MOST 110-2221-E-002-069-MY3. Additional financial support was provided by National Taiwan University (NTU) and the NTU Core Consortium Project as part of the Higher Education Sprout Project by the Ministry of Education in Taiwan, under Grants NTU-CC-114L895501 and NTU-G0647. Further partial financial support was provided by the Department of Industrial Technology, Ministry of Economic Affairs, under the ”2025 ITRI Advanced Research Program” (Grant No.: 114-EC-17-A-21-0337) and by the Hon Hai Research Institute, Taipei Taiwan (Project No.: 114UA90042). The authors would like to express their gratitude for the financial support. *(Corresponding author: Kuo-Hui Yeh & Farn Wang.)*Guan-Yan Yang and Farn Wang are with the Department of Electrical Engineering at National Taiwan University, Taipei 106319, Taiwan R.O.C. (e-mail: [email protected]; [email protected]). Jui-Ning Chen is with the Institute of Information Science, Academia Sinica, Taipei, Taiwan, and also with Google. (e-mail: [email protected])Kuo-Hui Yeh is with the Institute of Artificial Intelligence Innovation, National Yang Ming Chiao Tung University, No. 1001, Da Hsueh Road, East District, Hsinchu City, 300093, Taiwan R.O.C., and also with the Department of Information Management, National Dong Hwa University, No. 1, Sec. 2, Da Hsueh Road, Shoufeng, Hualien, 974301, Taiwan R.O.C. (e-mail: [email protected]). 0000-0003-0598-761X
Abstract
The Internet of Energy (IoE) integrates IoT-driven digital communication with power grids to enable efficient and sustainable energy systems. Still, its interconnectivity exposes critical infrastructure to sophisticated cyber threats, including adversarial attacks designed to bypass traditional safeguards. Unlike general IoT risks, IoE threats have heightened public safety consequences, demanding resilient solutions. From the networking-level safeguard perspective, we propose a Graph Structure Learning (GSL)-based safeguards framework that jointly optimizes graph topology and node representations to resist adversarial network model manipulation inherently. Through a conceptual overview, architectural discussion, and case study on a security dataset, we demonstrate GSL’s superior robustness over representative methods, offering practitioners a viable path to secure IoE networks against evolving attacks. This work highlights the potential of GSL to enhance the resilience and reliability of future IoE networks for practitioners managing critical infrastructure. Lastly, we identify key open challenges and propose future research directions in this novel research area.
Index Terms:
Internet of Energy, Cybersecurity, Network Resilience, Internet of Things, Graph Neural Networks, Graph Structure Learning, Adversarial Attacks.
I Introduction
The Internet of Energy (IoE) signifies a transformative evolution of traditional energy systems by integrating energy infrastructure with the Internet of Things (IoT). This convergence enables intelligent energy generation, transmission, and consumption, bolstering efficiency and sustainability [1]. At the heart of this transformation lies the smart grid, where real-time data from smart meters, sensors, actuators, and distributed energy resources enables dynamic control and optimization. Advanced Metering Infrastructure (AMI) often underpins this communication, facilitating bi-directional data exchange between consumers and utilities [2].
However, the same connectivity that empowers IoE also exposes critical vulnerabilities. Each connected device represents a potential attack vector, drastically expanding the attack surface of energy infrastructure. While conventional threats such as Denial-of-Service (DoS) and data theft persist, a new class of threats—adversarial attacks—is emerging [3]. These adversarial attacks exploit security mechanisms themselves rather than directly disrupting operations. For instance, attackers may manipulate sensor data or network traffic to mislead AI-based Intrusion Detection Systems (IDS), causing malicious activities to be misclassified as benign, or generating false alarms that effectively disable network defenses. Incidents like the Ukrainian power grid attack [4] demonstrate the catastrophic consequences of exploiting IoT vulnerabilities in energy networks.
Traditional networking-level defenses, such as firewalls, signature-based IDS, and machine learning-based anomaly detectors, are often ill-equipped to counter such sophisticated and adaptive attacks. These systems rely on static assumptions about network structure or data distribution, which adversaries can manipulate. The need for resilient, adaptive security solutions specifically tailored to the dynamic and heterogeneous nature of IoE networks is critical.
This article offers a tutorial perspective on enhancing IoE resilience at the networking level. We introduce Graph Structure Learning (GSL) [5] as a promising approach for safeguarding IoE networking and propose a GSL-based framework for integrating systems like AMI. GSL’s ability to simultaneously learn network structure and data representations enhances robustness against adversarial manipulation, making it particularly suitable for IoE’s evolving threat landscape.
Our key contributions are:
- •
A brief overview of the IoE networks landscape, its inherent threats, and the limitations of existing networking-level safeguard methods.
- •
A conceptual introduction to GSL and its application illustration as a networking-level safeguard for IoE environments.
- •
A demonstration of how GSL’s co-optimization of graph structure and node representations enhances resilience for IoE against adversarial attacks.
- •
A case study for IoE using a widely recognized dataset to validate the proposed GSL-based networking-level safeguard framework under adversarial conditions in the network model.
II A Brief Overview of the IoE Network and Its Networking-Level Threats
To protect the Internet of Energy (IoE) effectively, we must first understand its environment, structure, and inherent vulnerabilities. The IoE fundamentally merges Operational Technology (OT), which controls physical energy hardware (generators, transformers, and switches), with Information Technology (IT), which manages data through networks, servers, and software. This powerful integration aims to create a smarter, more efficient energy grid. Key objectives include improved integration of renewable energy, optimized power flow, predictive maintenance capabilities, and support for new consumer services like demand-response programs.
This convergence of OT and IT permeates the entire energy value chain, broadly categorized into interconnected domains, as visualized in the (a) of Figure 1.
Connecting these diverse components across vast geographical areas requires a complex tapestry of communication technologies, also depicted in Figure 1. Wired solutions like power line communication cleverly utilize the existing electrical wiring for data transfer, and traditional Ethernet is often used where feasible. However, the sheer scale and physical distribution of IoE devices necessitate extensive use of wireless technologies. These range from high-bandwidth options like Wi-Fi and cellular (including 5G and future 6G, offering low latency and high capacity) to low-power, wide-area networks (LPWANs) such as LoRaWAN and NB-IoT, which are ideal for connecting numerous low-data-rate devices like sensors and meters over long distances with minimal power consumption [1]. The AMI system alone constitutes a massive network, potentially linking millions of smart meters through various collector nodes and gateways to utility data centers and control centers, which oversee grid operations.
While this hyper-connectivity unlocks unprecedented grid modernization and efficiency capabilities, it fundamentally changes the security landscape. Every connected device, sensor, communication link, and control system becomes a potential entry point or target for malicious actors. This expanded attack surface introduces significant networking-level vulnerabilities that could compromise grid stability, data integrity, and consumer privacy. The (b) of Figure 1 provides a taxonomy of these key threats:
Denial-of-Service (DoS) / Distributed Denial-of-Service (DDoS) Attacks: The IoE depends on reliable communication for monitoring and control. Attackers can target this by overwhelming network links or control systems with useless traffic. They might compromise many IoE devices (which often have limited processing power) and use them together (as a ’botnet’) to launch a large-scale DDoS attack. This flood of traffic can block legitimate communication, preventing operators from seeing grid conditions or sending vital control commands, potentially causing outages or instability. 2. 2.
Malicious Intrusion and Data Manipulation: If an attacker gains access to the IoE network or compromises a device, they can interfere with operations. This could mean changing smart meter readings to steal energy or disrupt billing. More seriously, attackers could send false commands to equipment in substations, potentially damaging hardware or causing blackouts, or alter sensor data to give operators a false picture of the grid’s status. 3. 3.
Malicious Eavesdropping: Data transmitted across the IoE, especially using wireless or older protocols, may not be adequately encrypted. Attackers who intercept these communications could steal sensitive operational details (such as power flow information or equipment status) or private customer data (like energy usage patterns). This stolen information could be used for corporate espionage, planning further attacks, or violating privacy regulations. 4. 4.
Adversarial Attacks Against Smart IoE Systems [6]: As IoE systems become more intelligent, they increasingly incorporate machine learning (ML) algorithms for crucial tasks like anomaly detection, intrusion prevention, load forecasting, and optimizing power flow. Adversarial attacks are designed to deceive these ML models, undermining the ’smart’ defenses and operational logic. These attacks exploit how ML models learn from data and make predictions. As illustrated schematically in Figure 1, key types include:
- •
Poisoning Attacks: These occur during the ML model’s training phase. The attacker subtly injects carefully crafted malicious data into the dataset used to train the model, perturbs the edges and node attributes, or injects nodes. The goal is to degrade the model’s performance on legitimate tasks (such as making a detection system less likely to spot real attacks).
- •
Evasion Attacks: These happen during the model’s operational (inference) phase after training. The attacker crafts malicious inputs (such as network packets and sensor readings) intentionally designed to be misclassified as benign by the ML model. This allows attacks to slip past ML-based security filters undetected.
- •
Backdoor Attacks: While sometimes initiated through poisoning, backdoor attacks focus on creating a specific, hidden vulnerability. The attacker manipulates the model (or the data patterns it learns, such as particular network subgraph structures) to behave normally most of the time but responds incorrectly or grants unauthorized access when presented with a secret trigger known only to the attacker.
The potential impact of adversarial attacks is particularly alarming, as they target the intelligence designed to enhance grid reliability and security [3]. A compromised ML system could fail to detect genuine threats or initiate incorrect control actions based on manipulated inputs, potentially leading to cascading failures or widespread blackouts. Consequently, securing the IoE effectively demands a paradigm shift from static, perimeter-based security to more sophisticated, adaptive defense mechanisms. These solutions must detect not only known attack patterns but also subtle manipulations of data and system behavior inherent in adversarial attacks, ensuring the overall resilience of the energy infrastructure.
III Strengths and Limitations of Current Networking-Level Safeguards
The IoE represents the convergence of modern energy systems with advanced networking technologies, enabling real-time monitoring, decentralized energy trading, and intelligent, autonomous control. As the IoE ecosystem expands, it simultaneously broadens the potential attack surface, necessitating the development of robust, adaptive, and scalable security mechanisms. While IoE networks employ various security mechanisms at the networking level to monitor and control traffic flows, their effectiveness against sophisticated adversarial threats remains a critical area of research.
In recent years, there has been a surge in research aimed at safeguarding IoE infrastructures through integrated and decentralized frameworks. Table III summarizes key approaches potentially for IoE networking-level safeguards, highlighting their respective ability for networking-level security, adversarial attacks, scalability, and main contribution.
The reference list from the paper itself. Each links out to its DOI / PubMed record.
- 1[1] N. Bui, A. P. Castellani, P. Casari, and M. Zorzi, “The internet of energy: a web-enabled smart grid system,” IEEE Network , vol. 26, no. 4, pp. 39–45, 2012.
- 2[2] A. Ghosal and M. Conti, “Key management systems for smart grid advanced metering infrastructure: A survey,” IEEE Communications Surveys & Tutorials , vol. 21, no. 3, pp. 2831–2848, 2019.
- 3[3] N. Abdi, A. Albaseer, and M. Abdallah, “The role of deep learning in advancing proactive cybersecurity measures for smart grid networks: A survey,” IEEE Internet of Things Journal , vol. 11, no. 9, pp. 16 398–16 421, 2024.
- 4[4] A. Kott, G. Y. Dubynskyi, A. Paziuk, S. E. Galaitsi, B. D. Trump, and I. Linkov, “Russian cyber onslaught was blunted by ukrainian cyber resilience, not merely security,” Computer , vol. 57, no. 8, pp. 82–89, 2024.
- 5[5] Y. Guo, D. Bo, C. Yang, Z. Lu, Z. Zhang, J. Liu, Y. Peng, and C. Shi, “Data-centric graph learning: A survey,” IEEE Transactions on Big Data , vol. 11, no. 1, pp. 1–20, 2025.
- 6[6] H. Zhang, B. Wu, X. Yuan, S. Pan, H. Tong, and J. Pei, “Trustworthy graph neural networks: Aspects, methods, and trends,” Proceedings of the IEEE , vol. 112, no. 2, pp. 97–139, 2024.
- 7[7] J. Song, B. Li, Y. Wu, Y. Shi, and A. Li, “Real: A new resnet-alstm based intrusion detection system for the internet of energy,” in 2020 IEEE 45th Conference on Local Computer Networks (LCN) . IEEE, 2020, pp. 491–496.
- 8[8] S. Lee, J. Kim, and H. Park, “Deep learning-based intrusion detection system for advanced metering infrastructure,” in Proceedings of the International Conference on Network and Information Systems Security (NISS) , 2020, pp. 1–6.
