Defeating DeepFakes via Adversarial Visual Reconstruction

摘要

Existing DeepFake detection methods focus on passive detection, i.e., they detect fake face images by exploiting the artifacts produced during DeepFake manipulation. These detection-based methods have their limitation that they only work for ex-post forensics but cannot erase the negative influences of DeepFakes. In this work, we propose a proactive framework for combating DeepFake before the data manipulations. The key idea is to find a well defined substitute latent representation to reconstruct target facial data, leading the reconstructed face to disable the DeepFake generation. To this end, we invert face images into latent codes with a well trained auto-encoder, and search the adversarial face embeddings in their neighbor with the gradient descent method. Extensive experiments on three typical DeepFake manipulation methods, facial attribute editing, face expression manipulation, and face swapping, have demonstrated the effectiveness of our method in different settings.

出版物
Proceedings of the 30th ACM International Conference on Multimedia
何子文
何子文
在读博士、联合指导

主要从事人工智能安全、对抗样本等方面的研究。

王伟
王伟
副研究员、硕导

主要从事多媒体内容安全、人工智能安全、多模态内容分析与理解等方面的研究工作。

管伟楠
管伟楠
在读博士、联合指导

主要以多模态信息不一致性检测为研究方向,开展研究生科研工作。

董晶
董晶
研究员、硕导

主要从事多媒体内容安全、人工智能安全、多模态内容分析与理解等方面的研究工作。详情访问:http://cripac.ia.ac.cn/people/jdong

谭铁牛
谭铁牛
研究员,博导

主要从事图像处理、计算机视觉和模式识别等相关领域的研究工作,目前的研究主要集中在生物特征识别、图像视频理解和信息内容安全等三个方向。