Study Suggests Deepfakes Fool Top Facial Recognition Tech

Deepfakes, in which a person in a video is swapped for another person via AI-enabled tools, are on the rise. Deeptrace reported that, between October 2019 and June 2020, the number of deepfakes on the Internet jumped 330 percent, reaching 50,000 at the peak. Deepfakes have been used to place celebrities in embarrassing and inappropriate content, defraud a major energy producer and many other disruptive or criminal uses. Tools to create deepfakes are readily available, and a recent study said deepfakes can reliably fool commercial facial recognition services.

VentureBeat reports that, “in a paper published on the preprint server Arvix.org, researchers at Sungkyunkwan University in Suwon, South Korea demonstrate that APIs from Microsoft and Amazon can be fooled with commonly used deepfake-generating methods.” More specifically, Microsoft’s Azure Cognitive Services “was fooled by up to 78 percent of the deepfakes the coauthors fed it.”

Amazon Rekognition mistook a deepfake for a celebrity 68.7 percent of the time. The researchers concluded that its study “can shed light on better designing robust web-based APIs, as well as appropriate defense mechanisms, which are urgently needed to fight against malicious use of deepfakes.”

To trick facial recognition services, “the researchers used AI models trained on five different datasets — three publicly available and two that they created themselves — containing the faces of Hollywood movie stars, singers, athletes, and politicians” to create 8,119 deepfakes. They then “extracted faces in the deepfakes’ video frames and had the services attempt to predict which celebrity was pictured.”

In addition to being fooled by deepfakes, “Rekognition misclassified deepfakes of a celebrity as another real celebrity 40 percent of the time and gave 902 out of 3,200 deepfakes higher confidence scores than the same celebrity’s real image.” With Azure Cognitive Services, “the researchers successfully impersonated 94 out of 100 celebrities in one of the open source datasets.”

The researchers also warned that, “voice and video deepfake technologies can be combined to create multimodal deepfakes and used to carry out more powerful and realistic phishing attacks … [and] if the commercial APIs fail to filter the deepfakes on social media, it will allow the propagation of false information and harm innocent individuals.”

Microsoft vice president of customer security and trust Tom Burt wrote that, “as all AI detection methods have rates of failure, we have to understand and be ready to respond to deepfakes that slip through detection methods … thus, in the longer term, we must seek stronger methods for maintaining and certifying the authenticity of news articles and other media.”

Vice reports that the deepfake Tom Cruise videos, posted on the @deeptomcruise TikTok account were the work of Belgian VFX artist Chris Ume, part of a team assembled by “South Park” creators Trey Parker and Matt Stone, and involved the help of Tom Cruise impersonator Miles Fisher. In other words, they took “a lot of time, technical expertise, and the skilled performance of a real actor.”

WITNESS program director Sam Gregory noted that the Tom Cruise deepfake gives the idea that it’s easy to create a successful one. “We are simply not surrounded by deepfakes,” he said. “We live in a world with a lot of shallowfakes — simple, miscontextualized, or edited videos.”

Related:
Your Loved Ones, and Eerie Tom Cruise Videos, Reanimate Unease With Deepfakes, The New York Times, 3/10/21