The global deployment of the phasor measurement units (PMUs) enables real-time monitoring of the power system, which has stimulated considerable research into machine learning-based models for event detection and classification. However, recent studies reveal that machine learning-based methods are vulnerable to adversarial attacks, which can fool the event classifiers by adding small perturbations to the raw PMU data. To mitigate the threats posed by adversarial attacks, research on defense strategies is urgently needed. This paper proposes an effective adversarial purification method based on the diffusion model to counter adversarial attacks on the machine learning-based power system event classifier. The proposed method includes two steps: injecting noise into the PMU data; and utilizing a pre-trained neural network to eliminate the added noise while simultaneously removing perturbations introduced by the adversarial attacks. The proposed adversarial purification method significantly increases the accuracy of the event classifier under adversarial attacks while satisfying the requirements of real-time operations. In addition, the theoretical analysis reveals that the proposed diffusion model-based adversarial purification method decreases the distance between the original and compromised PMU data, which reduces the impacts of adversarial attacks. The empirical results on a large-scale real-world PMU dataset validate the effectiveness and computational efficiency of the proposed adversarial purification method.

翻译：相量测量单元（PMU）在全球范围内的部署实现了对电力系统的实时监测，这激发了基于机器学习的事件检测与分类模型的大量研究。然而，近年来的研究表明，基于机器学习的方法易受对抗攻击影响，攻击者可通过向原始PMU数据中添加微小扰动来欺骗事件分类器。为缓解对抗攻击带来的威胁，亟需开展防御策略研究。本文提出一种基于扩散模型的有效对抗净化方法，以应对针对机器学习式电力系统事件分类器的对抗攻击。所提方法包含两个步骤：向PMU数据注入噪声；利用预训练神经网络消除添加的噪声，同时移除对抗攻击引入的扰动。该对抗净化方法在满足实时运行要求的前提下，显著提升了事件分类器在对抗攻击下的准确率。此外，理论分析表明，本文提出的基于扩散模型的对抗净化方法能够缩小原始PMU数据与受攻击数据之间的距离，从而降低对抗攻击的影响。基于大规模真实PMU数据集的实证结果验证了所提对抗净化方法的有效性与计算效率。