<p>In contemporary power systems characterized by massive data volume and high-dimensional information flow, the integration of data-driven algorithms introduces critical vulnerabilities pertaining to both data integrity and algorithmic trustworthiness. This study investigates a novel poisoning attack methodology, specifically designed for power system applications, wherein adversarial backdoors are imperceptibly embedded during the model training process by modeling node-specific vulnerabilities and accounting for existing bad data detection mechanisms. The attack strategy accounts for node-specific backdoor activation rates and the performance of Bad Data Detection (BDD) mechanisms. These latent backdoors may become operational when triggered by carefully crafted data injections or fabricated short-circuit events. To counteract such threats, a comprehensive defense scheme is developed, encompassing poisoned data identification and malicious input filtration. The defense approach leverages frequency-domain co-phenetic correlation analysis across nodes to detect anomalous data behavior indicative of poisoning attempts. Upon identification, data originating from maliciously influenced critical nodes are excised, and a spatial-temporal reconstruction technique is employed based on inter-node similarity to restore system observability and data consistency. The proposed multi-stage defense pipeline demonstrates a substantial reduction in both backdoor implantation success and its activation probability. Experimental validations on a real-time transient stability assessment system affirm the efficacy and resilience of the proposed methods.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

The poisoning attack and defense method for data-driven algorithm in power system

  • Zengji Liu,
  • Junjun Xu,
  • Tengfei Zhang,
  • Yeyi Ji,
  • Qi Wang

摘要

In contemporary power systems characterized by massive data volume and high-dimensional information flow, the integration of data-driven algorithms introduces critical vulnerabilities pertaining to both data integrity and algorithmic trustworthiness. This study investigates a novel poisoning attack methodology, specifically designed for power system applications, wherein adversarial backdoors are imperceptibly embedded during the model training process by modeling node-specific vulnerabilities and accounting for existing bad data detection mechanisms. The attack strategy accounts for node-specific backdoor activation rates and the performance of Bad Data Detection (BDD) mechanisms. These latent backdoors may become operational when triggered by carefully crafted data injections or fabricated short-circuit events. To counteract such threats, a comprehensive defense scheme is developed, encompassing poisoned data identification and malicious input filtration. The defense approach leverages frequency-domain co-phenetic correlation analysis across nodes to detect anomalous data behavior indicative of poisoning attempts. Upon identification, data originating from maliciously influenced critical nodes are excised, and a spatial-temporal reconstruction technique is employed based on inter-node similarity to restore system observability and data consistency. The proposed multi-stage defense pipeline demonstrates a substantial reduction in both backdoor implantation success and its activation probability. Experimental validations on a real-time transient stability assessment system affirm the efficacy and resilience of the proposed methods.