What is it about?
With the advances in deep generative models, synthetic media have become so realistic that they are often indiscernible from authentic content for human eyes. However, synthetic media generation techniques used by malicious users to deceive pose a severe societal and political threat. In this context, Deepfakes - facial forgery technique that depicts human subjects with altered identities or malicious actions using various deep fake generation techniques- has been flagged as a top AI threat. Deep fakes have been used to commit fraud, falsify evidence, manipulate public debates, and destabilize political processes. However, the popular DeepFake passive detection is an ex-post forensics countermeasure and fails in blocking the disinformation spread in advance. Alternatively, precautions such as adding perturbations to the real data for unnatural distorted DeepFake output easily spotted by the human eyes are introduced as proactive defenses. The aim of this paper is to propose a novel proactive facial forgery-based DeepFake detection technique using GAN-based visible watermarking.
Featured Image
Photo by Steve Johnson on Unsplash
Why is it important?
With the advances in generative adversarial networks (GAN), facial manipulations called DeepFakes have caused major security risks and raised severe societal concerns. However, the popular DeepFake passive detection is an ex-post forensics countermeasure and fails in blocking the disinformation spread in advance. Alternatively, precautions such as adding perturbations to the real data for unnatural distorted DeepFake output easily spotted by the human eyes are introduced as proactive defenses. Recent studies suggest that these existing proactive defenses can be easily bypassed by employing simple image transformation and reconstruction techniques when applied to the perturbed real data and the distorted output, respectively. The aim of this paper is to propose a novel proactive DeepFake detection technique using GAN-based visible watermarking. To this front, we propose a reconstructive regularization added to the GAN's loss function that embeds a unique watermark to the assigned location of the generated fake image. Thorough experiments on multiple datasets confirm the viability of the proposed approach as a proactive defense mechanism against DeepFakes from the perspective of detection by human eyes. Thus, our proposed watermark-based GANs prevent the abuse of the pretrained GANs and smartphone apps, available via online repositories, for DeepFake creation for malicious purposes. Further, the watermarked DeepFakes can also be detected by the SOTA DeepFake detectors. This is critical for applications where automatic DeepFake detectors are used for mass audits due to the huge cost associated with human observers examining a large amount of data manually.
Perspectives
The aim of this paper is to propose a novel proactive facial forgery-based DeepFake detection technique using GAN-based visible watermarking. A digital watermark allows a piece of data to be identified as being owned by someone or having a specific copyright. Most of the traditional image-based watermarking techniques operate by changing the transform domain coefficients of the image using different transforms (such as Discrete Cosine Transform (DCT) and Discrete Fourier Transform (DFT)). Existing studies demonstrate the low robustness of these traditional techniques against adversarial and removal attacks compared to watermarking techniques embedded in deep neural networks. Further, the watermarked DeepFakes embedded using traditional watermarking techniques may obtain poor performance on the SOTA DeepFake detectors. This is because of the modification of the high-frequency components in fake images representing the artifacts used for DeepFake detection. Although a number of watermarking techniques embedded in Deep Neural Networks have been proposed, the challenge in GAN-based watermarking is partially ascribed to the large variety of GAN-based application domains. Therefore, how to embed a watermark through appropriate regularization terms is challenging. A study in proposed GAN-based visible watermarking technique for Intellectual Property Right (IPR) protection of different GAN models. Following the same line, our aim is DeepFake detection in a proactive fashion.
Aakash Varma Nadimpalli
Wichita State University
Read the Original
This page is a summary of: ProActive DeepFake Detection using GAN-based Visible Watermarking, ACM Transactions on Multimedia Computing Communications and Applications, September 2023, ACM (Association for Computing Machinery),
DOI: 10.1145/3625547.
You can read the full text:
Resources
Contributors
The following have contributed to this page
