An AI and Blockchain-Based Secure Framework for Cyber-Physical Systems Using SMOTE-Enhanced Random Forest on SWAT and Power System Datasets

Cyber-Physical Systems (CPS) are integral to critical infrastructures such as smart grids, water treatment systems, and industrial control environments, but their increasing connectivity exposes them to sophisticated cyber threats. Recent research highlights that integrating Artificial Intelligence (AI) with decentralized technologies such as blockchain can significantly enhance CPS security by enabling intelligent threat detection and secure, tamper-proof data management [1]. However, a major challenge in CPS intrusion detection is the presence of highly imbalanced datasets, which leads to poor detection of minority attack classes and increased false alarm rates.

This paper proposes a hybrid CPS security framework that combines AI-driven intrusion detection with blockchain-based secure logging. To address class imbalance, the Synthetic Minority Oversampling Technique (SMOTE) is employed to generate representative samples of minority attack classes, improving model learning and detection capability [7] . A Random Forest classifier is utilized due to its robustness and effectiveness in handling high-dimensional CPS data. The proposed model is evaluated using the SWaT water treatment dataset and the MSU power system dataset, which are widely used benchmarks for CPS security research. Experimental results demonstrate that the integration of SMOTE significantly improves detection performance, achieving higher accuracy, precision, recall, and F1-score while reducing false positives.

Furthermore, blockchain technology ensures the integrity, transparency, and immutability of detected intrusion records, addressing trust and auditability challenges in CPS environments. Recent IEEE studies emphasize that such hybrid AI–blockchain architectures represent a promising direction for securing next-generation CPS and industrial IoT systems [6] . Overall, the proposed framework provides an efficient, scalable, and secure solution for CPS intrusion detection, particularly in scenarios with imbalanced data distributions.