The poisoning attack and defense method for data-driven algorithm in power system
摘要
In contemporary power systems characterized by massive data volume and high-dimensional information flow, the integration of data-driven algorithms introduces critical vulnerabilities pertaining to both data integrity and algorithmic trustworthiness. This study investigates a novel poisoning attack methodology, specifically designed for power system applications, wherein adversarial backdoors are imperceptibly embedded during the model training process by modeling node-specific vulnerabilities and accounting for existing bad data detection mechanisms. The attack strategy accounts for node-specific backdoor activation rates and the performance of Bad Data Detection (BDD) mechanisms. These latent backdoors may become operational when triggered by carefully crafted data injections or fabricated short-circuit events. To counteract such threats, a comprehensive defense scheme is developed, encompassing poisoned data identification and malicious input filtration. The defense approach leverages frequency-domain co-phenetic correlation analysis across nodes to detect anomalous data behavior indicative of poisoning attempts. Upon identification, data originating from maliciously influenced critical nodes are excised, and a spatial-temporal reconstruction technique is employed based on inter-node similarity to restore system observability and data consistency. The proposed multi-stage defense pipeline demonstrates a substantial reduction in both backdoor implantation success and its activation probability. Experimental validations on a real-time transient stability assessment system affirm the efficacy and resilience of the proposed methods.