The invention discloses a power terminal loophole attack detection method based on message features, and belongs to the technical field of intelligent power grid terminal equipment safety. The methodcomprises the following steps: S01, acquiring communication message data between power terminal equipment and a master station, and classifying the communication message data of the power terminal equipment in a normal working state and an attacked state into a positive sample and a negative sample; s02, performing feature extraction on the positive sample and the negative sample, and forming a sample feature vector; s03, based on the sample feature vector, selecting a classifier to perform deep neural network training, and generating a vulnerability attack detection model; s04, collecting real-time communication message data between the power terminal equipment and the main station in work; s05, performing feature extraction on the real-time communication message data, and forming a detection feature vector; and S06, inputting the detection feature vector into a vulnerability attack detection model to detect whether the power terminal is attacked or not and the attack type. Accordingto the method, the power terminal equipment is subjected to safety monitoring from a network layer, and the power grid safety is improved.