‘Deepfakes’ are computationally created entities that falsely represent reality. They can take image, video, and audio modalities, and pose a threat to many areas of systems and societies, comprising a topic of interest to various aspects of cybersecurity and cybersafety. In 2020, a workshop consulting AI experts from academia, policing, government, the private sector, and state security agencies ranked deepfakes as the most serious AI threat. These experts noted that since fake material can propagate through many uncontrolled routes, changes in citizen behaviour may be the only effective defence. This study aims to assess human ability to identify image deepfakes of human faces (these being uncurated output from the StyleGAN2 algorithm as trained on the FFHQ dataset) from a pool of non-deepfake images (these being random selection of images from the FFHQ dataset), and to assess the effectiveness of some simple interventions intended to improve detection accuracy. Using an online survey, participants (N = 280) were randomly allocated to one of four groups: a control group, and three assistance interventions. Each participant was shown a sequence of 20 images randomly selected from a pool of 50 deepfake images of human faces and 50 images of real human faces. Participants were asked whether each image was AI-generated or not, to report their confidence, and to describe the reasoning behind each response. Overall detection accuracy was only just above chance and none of the interventions significantly improved this. Of equal concern was the fact that participants’ confidence in their answers was high and unrelated to accuracy. Assessing the results on a per-image basis reveals that participants consistently found certain images easy to label correctly and certain images difficult, but reported similarly high confidence regardless of the image. Thus, although participant accuracy was 62% overall, this accuracy across images ranged quite evenly between 85 and 30%, with an accuracy of below 50% for one in every five images. We interpret the findings as suggesting that there is a need for an urgent call to action to address this threat.

中文翻译：

---

测试人类检测“深度伪造”人脸图像的能力

“Deepfakes”是通过计算创建的实体，错误地代表了现实。它们可以采用图像、视频和音频形式，并对系统和社会的许多领域构成威胁，包括网络安全和网络安全各个方面感兴趣的主题。2020 年，一个咨询来自学术界、警察、政府、私营部门和国家安全机构的人工智能专家的研讨会将深度造假列为最严重的人工智能威胁。这些专家指出，由于虚假材料可以通过许多不受控制的途径传播，因此改变公民行为可能是唯一有效的防御措施。本研究旨在评估人类从非深度伪造图像池（从 FFHQ 数据集中随机选择图像）中识别人脸图像深度伪造（这些是在 FFHQ 数据集上训练的 StyleGAN2 算法的未经策划的输出）的能力，并评估一些旨在提高检测准确性的简单干预措施的有效性。通过在线调查，参与者 (N = 280) 被随机分配到四组之一：对照组和三项援助干预措施。向每位参与者展示了从 50 张深度伪造人脸图像和 50 张真实人脸图像中随机选择的 20 张图像序列。参与者被问及每张图像是否是人工智能生成的，以报告他们的信心，并描述每个答案背后的原因。总体检测准确性仅略高于偶然性，并且没有任何干预措施能够显着改善这一点。同样令人担忧的是，参与者对自己答案的信心很高，并且与准确性无关。对每个图像的结果进行评估表明，参与者始终发现某些图像易于正确标记，而某些图像则很难，但无论图像如何，都报告了类似的高置信度。因此，虽然参与者的总体准确度为 62%，但图像的准确度相当均匀地分布在 85% 到 30% 之间，每五张图像中就有一张的准确度低于 50%。我们将调查结果解读为表明需要紧急呼吁采取行动来应对这一威胁。同样令人担忧的是，参与者对自己答案的信心很高，并且与准确性无关。对每个图像的结果进行评估表明，参与者始终发现某些图像易于正确标记，而某些图像则很难，但无论图像如何，都报告了类似的高置信度。因此，虽然参与者的总体准确度为 62%，但图像的准确度相当均匀地分布在 85% 到 30% 之间，每五张图像中就有一张的准确度低于 50%。我们将调查结果解读为表明需要紧急呼吁采取行动来应对这一威胁。同样令人担忧的是，参与者对自己答案的信心很高，并且与准确性无关。对每个图像的结果进行评估表明，参与者始终发现某些图像易于正确标记，而某些图像则很难，但无论图像如何，都报告了类似的高置信度。因此，虽然参与者的总体准确度为 62%，但图像的准确度相当均匀地分布在 85% 到 30% 之间，每五张图像中就有一张的准确度低于 50%。我们将调查结果解读为表明需要紧急呼吁采取行动来应对这一威胁。但无论图像如何，都报告了同样高的置信度。因此，虽然参与者的总体准确度为 62%，但图像的准确度相当均匀地分布在 85% 到 30% 之间，每五张图像中就有一张的准确度低于 50%。我们将调查结果解读为表明需要紧急呼吁采取行动来应对这一威胁。但无论图像如何，都报告了同样高的置信度。因此，虽然参与者的总体准确度为 62%，但图像的准确度相当均匀地分布在 85% 到 30% 之间，每五张图像中就有一张的准确度低于 50%。我们将调查结果解读为表明需要紧急呼吁采取行动来应对这一威胁。