AI: Detectors and Precautions against Deepfakes Attacks

Published on | April 22, 2021


Lies spread faster than truth, fake news and misleading headlines can fool millions of watchers and readers, and the ability to alter reality has taken a leap forward with the prevalence of “deepfake” technology. Deepfake technology doesn’t only have the ability to produce fake news but it is also used in financial fraud, hoaxes, and pornography.  

What is a Deepfake?

The term Deepfake melds two words: deep and fake. It combines the concept of deep learning which is a subfield of artificial intelligence with creating content that isn’t real. Deepfakes are generated images, videos, and sounds created by Deep learning algorithms for real people doing things they never did or said and it’s hard to detect by the average user. It gained more attention after a lot of users used it for making pornography for celebrities and fake videos for politicians saying and doing things they never did or said which is a real threat. Below is a deepfake image of Jim Carrey instead of Jack Nicholson in the movie ‘The Shining.

How does Deep Fake work?

The technique first extracts information about the anonymous subject’s facial expressions by finding the positions of their eyes, ears, shoulders and nose.
It then uses deep learning methods – the most powerful of which is GANs (Generative Adversarial neural networks). GANs are relatively recent concepts in AI which aim to synthesize artificial images that are indistinguishable from authentic ones. GANs consist of two separate artificial neural networks contesting with each other in a game, one of the networks working as a generator and the other one as a discriminator.
  • The Generator is like a money forger that wants to fool the police detective to successfully use his forged money.
  • Simultaneously, the Discriminator is the police detective who wants to detect the forged money and allow people with real money to safely spend it without punishment.
  • With time, both players get better and better in doing their job until the generator becomes smart enough to fool the discriminator in 50% of the cases which is the goal of GANs to establish equilibrium between the errors of the two networks so that the generator is capable of creating very realistic fake images.
  The whole system will be trained on millions of face images to create an entirely new face with the same expression. Then the new face is blended into the original photo, retaining the same background.  

How to detect the deep fakes?

Poorly made deepfake videos and images may be easy to identify, but higher-quality deepfakes can be tough and difficult to detect. Below are some characteristics we can use to detect deepfakes:
  • Unnatural body shape, hair, or skin color.
  • A lack of blinking.
  • Unnatural eye movement.
  • Bad lip-syncing.
  • A mismatch between the size of eyes and ears.
  • Unnatural positioning between the head and body during the video.
Even with these characteristics, the continuous advances in technology created more trained and advanced deepfakes that are very hard to detect and that’s why a lot of researches and initiatives have been made to use AI algorithms to detect and attack the deepfakes which are also generated by AI. Hence, It’s like using AI against AI. One of these initiatives have been done to detect the deepfakes like DFDC (Deepfake Detection challenge) that was kicked off by major companies like Facebook to help innovation in deepfake detection technologies and to achieve faster solutions by sharing work and motivating the researchers to create creative solutions, the highest average precision achieved in this competition was 82.56% on a public dataset shared with 124k videos. The whole challenge also featured 8 different algorithms to detect facial modifications. Also, one of the most recent and interesting researches has been made by scientists from the University at Buffalo to detect deepfakes by detecting the reflection of light in the eyes. The concept is that, if you captured a photo for a real face with a source of light, the reflection on both eyeballs will be similar because they are seeing the same thing in the scene, which successfully attacks GANs. In this case, while generating these deepfakes, it failed to imitate this reflection behavior on both eyeballs, and by analyzing the corneas, a score generated for each eyeball which used as a similarity metric that indicates the deepfakes with the smaller scores  

Images of real human eyes 

Images of Fake synthesized human eyes 

  The system is effective with 94% accuracy in deepfakes detection. Despite that, it has some limitations regarding the ] need for a light reflection source for both eyeballs and it’s proven effective only in portrait images. Overall, the researchers plan to investigate these issues to improve the effectiveness of their method. Read more about the research here.

Some precautions you can take against a Deepfake

One of the precautions you can take is to limit your public presence on social media and apply more privacy restrictions to prevent scammers from stealing your images and voice. Applying more powerful verification procedures in your work and validating well the people you are talking to through digital communications. Don’t believe anything you see or hear for the first time on social media or even the news, always validate first. In the end, more education and awareness of the technology to the average users will help society more than anything else to face these new challenges – as detectors get better and smarter, so will the deepfake technology.    

Author:  Mina Tharwat, Computer Vision Engineer