Anti-Forensic Deepfake Personas and How To Spot Them

Anti-Forensic Deepfake Personas and How To Spot Them

연구 분야: Strategies

학회: 2022 International Joint Conference on Neural Networks (IJCNN)

Forensic systems have recently been studied to detect and prevent deepfakes abuses such as fake personas, frauds, misinformation, or harassment. At the same time, anti-forensic deepfakes are being investigated to understand the gaps in these detection systems and pave the way for improvement. In this paper, we investigate the threat of anti-forensic fake personas, where a fraudster creates a fake personal profile from multiple anti-forensic deepfake images portraying a single identity. To comprehensively study this threat model, we consider three approaches that an attacker may use to conduct such attacks, encompassing both white- and black-box scenarios. A range of defense strategies is then proposed with the aim to improve the robustness of current forensic systems against such threats. Experimental result shows that while the attacks can bypass current detection, our proposed defense approaches that consider the multi-image nature of a fake persona can effectively mitigate this threat by lowering the attack success rate.