Enhancing adversarial robustness in power quality classification systems: an attention-based defense framework

Power quality monitoring is essential for ensuring the reliability, stability, and security of modern electrical networks. While deep learning models have demonstrated exceptional performance in classifying power quality disturbances, they remain critically vulnerable to adversarial perturbations—posing significant risks to smart grid cybersecurity. This paper introduces three novel contributions to the field of power quality cybersecurity: (1) Signal-Agnostic Adversarial (SAA) attacks—a perturbation method tailored specifically for power quality signals; (2) an attention-based convolutional neural network (CNN) architecture that consistently achieves 5–7% points higher robustness under attack compared to conventional models; and (3) comprehensive vulnerability fingerprinting, which exposes architecture-specific adversarial attack patterns and provides insights into structural weaknesses. We conduct a systematic analysis of CNN-based power quality classification models subjected to adversarial manipulations and propose effective defense strategies. Three attack methodologies are introduced and evaluated: the Fast Gradient Sign Method (FGSM), Signal-Specific Adversarial (SSA) attacks, and the proposed SAA attacks. Experimental results reveal catastrophic degradation in model performance, with accuracy reductions of up to 80–90% points under attack. To mitigate these vulnerabilities, our attention-based CNN model demonstrates significantly improved resilience, and adversarial training further enhances robustness—achieving up to 58.47% accuracy against SSA, the most potent attack vector. The findings underscore critical security implications of deep learning in power systems and offer practical mitigation strategies for enhancing robustness in real-world smart grid deployments.