当前位置:
X-MOL 学术
›
arXiv.cs.CR
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
DeepTag: Robust Image Tagging for DeepFake Provenance
arXiv - CS - Cryptography and Security Pub Date : 2020-09-21 , DOI: arxiv-2009.09869 Run Wang, Felix Juefei-Xu, Qing Guo, Yihao Huang, Lei Ma, Yang Liu, Lina Wang
arXiv - CS - Cryptography and Security Pub Date : 2020-09-21 , DOI: arxiv-2009.09869 Run Wang, Felix Juefei-Xu, Qing Guo, Yihao Huang, Lei Ma, Yang Liu, Lina Wang
In recent years, DeepFake is becoming a common threat to our society, due to
the remarkable progress of generative adversarial networks (GAN) in image
synthesis. Unfortunately, existing studies that propose various approaches, in
fighting against DeepFake, to determine if the facial image is real or fake, is
still at an early stage. Obviously, the current DeepFake detection method
struggles to catchthe rapid progress of GANs, especially in the adversarial
scenarios where attackers can evade the detection intentionally, such as adding
perturbations to fool DNN-based detectors. While passive detection simply tells
whether the image is fake or real, DeepFake provenance, on the other hand,
provides clues for tracking the sources in DeepFake forensics. Thus, the
tracked fake images could be blocked immediately by administrators and avoid
further spread in social networks. In this paper, we investigated the potentials of image tagging in serving the
DeepFake provenance. Specifically, we devise a deep learning-based approach,
named DeepTag, with a simple yet effective encoder and decoder design to embed
message to the facial image, which is to recover the embedded message after
various drastic GAN-based DeepFake transformation with high confidence. The
embedded message could be employed to represent the identity of facial images,
which further contributed to DeepFake detection and provenance. Experimental
results demonstrate that our proposed approach could recover the embedded
message with an average accuracy of nearly 90%. Our research finding confirms
effective privacy-preserving techniques for protecting personal photos from
being DeepFaked. Thus, effective proactive defense mechanisms should be
developed for fighting against DeepFakes, instead of simply devising DeepFake
detection methods that can be mostly ineffective in practice.
中文翻译:
DeepTag:DeepFake Provenance 的强大图像标记
近年来,由于生成对抗网络 (GAN) 在图像合成方面的显着进步,DeepFake 正成为我们社会的共同威胁。不幸的是,现有的研究提出了各种方法来对抗 DeepFake,以确定面部图像是真是假,仍处于早期阶段。显然,当前的 DeepFake 检测方法难以赶上 GAN 的快速进步,尤其是在攻击者可以故意逃避检测的对抗性场景中,例如添加扰动以欺骗基于 DNN 的检测器。虽然被动检测只是告诉图像是假的还是真实的,但另一方面,DeepFake 的出处为在 DeepFake 取证中跟踪来源提供了线索。因此,管理员可以立即阻止跟踪的虚假图像,并避免在社交网络中进一步传播。在本文中,我们研究了图像标记在服务 DeepFake 出处方面的潜力。具体来说,我们设计了一种基于深度学习的方法,名为 DeepTag,具有简单而有效的编码器和解码器设计,可将消息嵌入到面部图像中,即在各种基于 GAN 的剧烈 DeepFake 转换后以高置信度恢复嵌入的消息。嵌入的消息可用于表示面部图像的身份,这进一步有助于 DeepFake 检测和出处。实验结果表明,我们提出的方法可以以接近 90% 的平均准确率恢复嵌入的消息。我们的研究结果证实了有效的隐私保护技术可以保护个人照片不被 DeepFake。因此,应该开发有效的主动防御机制来对抗 DeepFake,而不是简单地设计在实践中几乎无效的 DeepFake 检测方法。
更新日期:2020-09-22
中文翻译:
DeepTag:DeepFake Provenance 的强大图像标记
近年来,由于生成对抗网络 (GAN) 在图像合成方面的显着进步,DeepFake 正成为我们社会的共同威胁。不幸的是,现有的研究提出了各种方法来对抗 DeepFake,以确定面部图像是真是假,仍处于早期阶段。显然,当前的 DeepFake 检测方法难以赶上 GAN 的快速进步,尤其是在攻击者可以故意逃避检测的对抗性场景中,例如添加扰动以欺骗基于 DNN 的检测器。虽然被动检测只是告诉图像是假的还是真实的,但另一方面,DeepFake 的出处为在 DeepFake 取证中跟踪来源提供了线索。因此,管理员可以立即阻止跟踪的虚假图像,并避免在社交网络中进一步传播。在本文中,我们研究了图像标记在服务 DeepFake 出处方面的潜力。具体来说,我们设计了一种基于深度学习的方法,名为 DeepTag,具有简单而有效的编码器和解码器设计,可将消息嵌入到面部图像中,即在各种基于 GAN 的剧烈 DeepFake 转换后以高置信度恢复嵌入的消息。嵌入的消息可用于表示面部图像的身份,这进一步有助于 DeepFake 检测和出处。实验结果表明,我们提出的方法可以以接近 90% 的平均准确率恢复嵌入的消息。我们的研究结果证实了有效的隐私保护技术可以保护个人照片不被 DeepFake。因此,应该开发有效的主动防御机制来对抗 DeepFake,而不是简单地设计在实践中几乎无效的 DeepFake 检测方法。
京公网安备 11010802027423号