Fake it till you make it? Deepfakes, Deception, and a path to Detection
What is a deepfake?
Deepfakes, a term frequently mentioned in contemporary discussions, often conjure images of a frightening present or future where individuals can be manipulated into saying or doing anything, regardless of its basis in reality. Utilizing artificial intelligence to generate images or videos, deepfakes can depict virtually anything, even implausible scenarios like President Joe Biden laughing and playing poker with North Korea’s Supreme Leader, Kim Jong Un. While such a video might not be widely believed, there are more plausible deepfakes that could have serious political implications, such as a fabricated video of Joe Biden or one of his associates meddling with the 2020 election results. Although image and video manipulations have been possible with software like Photoshop for some time, the integration of artificial intelligence makes these tools even more potent, accessible, and difficult to detect. Deepfakes, a term derived from “fake” and “deep learning,” are generated using artificial neural networks trained on extensive datasets of target individuals and objects to create counterfeit representations.[i]
While the potential to deceive and exploit human perception may be alarming, it is crucial to remember that the technology itself is only as menacing as the individuals who wield it. And for one bad actor, there will always be five good actors trying to protect against harm. Moreover, although it is natural to focus on those with malicious intent, many others use deepfake technology for positive purposes. These applications include creating content for entertainment, which might involve a degree of deception, but ultimately seeks to amuse and engage audiences.
Look at this funny video of Jerry Seinfeld in Pulp Fiction.
So how are deepfakes created? What is the role of deep learning and artificial intelligence in generating falsified media?
Deepfakes are typically created using Generative Adversarial Networks (GANs), which consist of two competing neural networks: a generator and a discriminator. The generator produces new images, while the discriminator aims to determine if they are real or fake. As the generator learns to create images that can deceive the discriminator, the discriminator becomes better at distinguishing real from fake content. This process results in increasingly convincing deepfakes that are difficult to differentiate from authentic material.
In their paper “DeepFakes and Beyond — A Survey of Face Manipulation and Fake Detection,” Toscana et al. discuss GANs’ central role in advancing deepfake technology. The authors explore various deepfake techniques, including facial manipulation, attribute manipulation, expression swap, full face synthesis, and identity swap, all of which involve different GAN styles.[i] They examine ProGAN and StyleGAN in depth. StyleGAN is an improved version of ProGAN that incorporates a new training methodology to enhance both the generator and discriminator.[ii]While the basic architecture of the two networks remains the same, StyleGAN updates the discriminator architecture to an automatically learned, unsupervised version that can differentiate high-level attributes like pose and identity from finer details such as hair and nose shape. This enables more precise control of image manipulation and creation. Such advancements in GAN architecture and deep learning, combined with access to extensive public databases, have led to remarkably accurate and increasingly accessible deepfake creations. These innovations simplify anything from altering age, color, and gender to replacing entire faces or generating entirely new, nonexistent faces.
Of all these deepfake manipulation styles, face swapping is the most prevalent application of deepfake technology. The researchers investigate recent updates and new databases aimed at enhancing the quality of these deepfakes. FaceForensics++, a first-generation database introduced in early 2019, contains 1000 real videos and 1000 identity-swap fake videos generated with computer graphics and deepfake methods using GAN architecture.[iii] Second-generation datasets, such as Celeb-DF and DeepFakeDetection, comprise higher-quality fake videos characterized by improved resolution, lighting conditions, and variability compared to their first-generation counterparts.
DeepFaceLab (DFL), an open-source project initiated in 2018, produces high-quality deepfake images and videos primarily for entertainment purposes. In “DeepFaceLab: Integrated, flexible and extensible face-swapping framework,” the researchers present the project and its framework for simplifying photorealistic face swapping (which has garnered over 100 million hits). Users merely need to select the source and destination videos. DeepFaceLab is convenient, flexible, scalable with its large datasets, and robust in its processing capabilities. The algorithm workflow begins with extraction, which detects, aligns, and segments faces from both source and target videos. The training phase, crucial for achieving photorealistic face-swapping results, employs two structures, LIAE and DF, to maintain the fidelity and perceptual quality of generated content. Weights are assigned to specific facial regions, such as the eyes, to ensure that the generated face exhibits clear features. During conversion, the input pair is passed through an encoder, inter, and destination decoder before being realigned to produce the deepfake. Finally, the image is blended, and features are sharpened to ensure a realistic appearance.
Take a look at this deepfake video. It is incredibly realistic and entertaining.
So how are these deepfake technology being used in the real world?
DeepFaceLab is already being used by everyday people to create amusing TikTok videos, like the ones above.[iv]As this technology becomes more widespread, it will likely permeate various industries, particularly creative ones like Hollywood. While deepfake applications range from innocuous to alarming, they also offer numerous benefits. In the film industry, styleGAN and tools like DeepFaceLab can be employed to create entirely novel characters on screen, offering post-production solutions, saving time and money, and enhancing efficiency. Deepfakes could even facilitate the creation of modern films featuring deceased actors, such as another Black Panther movie with Chadwick Boseman or a new Audrey Hepburn film. Truly miraculous!
Deepfake applications and websites like Lensa, Dall-E, FaceApp, and DeepFaceLab enable users to generate comedic, creative, and generally harmless content with their smartphones. Dall-E, developed by OpenAI, uses contrastive models trained on text-image pairs to generate images based on textual input, unlocking creative possibilities for art and design.[v] Recently, it added a feature where users can input pictures for the algorithm to manipulate and produce an outputted image. Although Dall-E does not exactly fall in the deepfake category, its generative capacity could be used to create deepfakes.
As an experiment, I tested both of these features out. First, I imputed an image of myself to see what Dall-E would output. It generated an image of me with an extremely distorted face. I then prompted Dall-E to create “A group of Harvard students wearing crimson-colored capes and wielding swords, charging across a battlefield towards a group of Yale students in blue armor.” The network works by taking this textual prompt, mapping it to a set of visual features, and generating a series of images that align visually with the description. It then decodes these representations into a coherent image. Although the resulting image is impressive and consistent with the prompt, the characters are faceless. To prevent harmful content, Dall-E restricts users from generating images with human faces, regardless of how generic they may be. This explains why my face was utterly unrecognizable. While this safeguard affects the type and quality of content produced, it highlights the potential pitfalls of such technology. Animal faces are not affected, however. The Shih Tzu’s face, shown below, looks excellent and resembles my late dog, Finn.
Ok so what about the downside?
Naturally, along with the remarkable positive innovations resulting from such profound technology, there exists a set of equally astounding yet more sinister creations made possible. Starting with the least harmful implication of deepfakes, a new category of copyright infringements — like using someone’s likeness — will occur. Laws are already in place to protect people’s original work or identity, but the film industry, for example, could see deepfakes used to represent an actor without their consent. In music, deepfake audio might create new songs using an artist’s voice, beats, or writing style. These new deepfake versions — of people, of art, of music — could act to replace us and our creativeness.
More concerning is the use of deepfakes used to impersonate individuals, leading to improved catfishing, identity theft, or impersonation. Deepfake technology can undoubtedly pose risks to individuals’ privacy, reputation, and security. Even more alarming is the use of deepfakes in creating and producing pornography. Without consent, a person’s likeness could be superimposed onto explicit material, generating fake and violating content. Interestingly, face synthesis could be employed to protect the identities of adult film stars or others who wish to remain anonymous. Deepfakes could misrepresent anyone, from politicians and executives to ordinary people, damaging reputations and undermining personal agency. The idea that anyone can create a video depicting someone saying or doing anything and present it to the world as fact is a genuinely frightening concept. It instills not only unease and stress regarding what could be created about an individual, but also skepticism and distrust in media. Presently, with the technology used fairly infrequently, people tend to trust what they see. The question remains whether that will change in the future and what can be done to ensure that it does not.
This is precisely why detection is so critical. Simply put, deepfakes, due to their inherent ability to deceive and fool humans, have the potential to cause harm. They are masters of deception, quite literally. The primary purpose of deepfakes is to convince humans and their visual systems that what they are seeing is real, even if it is not. Such deception can be entertaining at times, but when created with impure and malicious intent, it can instill doubt, erode trust, generate fear, and threaten safety and privacy.
The failure of biological vision
Why is it that people’s visual systems can be deceived by deepfakes? What distinguishes instances when people can detect a deepfake from those when they cannot? Although the answers to these questions may seem intuitive, examining them through the lens of the biological visual system and its processing of stimuli is intriguing. Broadly speaking, visual processing integrates bottom-up processing with top-down modulation to not only process visual stimuli but also contextualize inputs in relation to higher-level cognition such as attention, memory, expectations, and more.
Bottom-up processing involves the visual system taking in visual stimuli from the environment and processing it hierarchically, starting with the most basic elements and building upon them to create more complex representations of the visual scene.[vi] Firstly, light enters the eye and is processed by rods and cones in the retina. Then the visual information is fed to the primary visual cortex (V1). In the early stages of visual processing in the brain, simple cells detect edges, lines, and shadows to gather the necessary pieces for constructing a perspective image.[vii] Deepfakes can have flaws at this level of feature details, such as fuzzy edges or misplaced shadows, which simple cells may detect. Information collected by simple cells is then passed to complex cells, where details of orientation, color, and spatial frequency are combined. It is here that more detailed and complex representations start to take shape. Inconsistencies in natural colors or oddly oriented facial features are some deepfake signals that might be picked up at this stage of processing. Next, more complex information like motion, object and face recognition, and color vision are processed in higher-order visual areas. While the human visual system is capable of detecting deepfakes, it may struggle to distinguish between real and fake when deepfakes are perfected.
Top-down modulation, where non-visual cues inform and influence visual processing, could be helpful when the details of a deepfake are indistinguishable from its real counterpart. Contextual information could prompt skepticism in what the eyes perceive during and after perceptual construction. Top-down processing integrates knowledge, memory, context, and expectations in perceiving and understanding visual stimuli.[viii] For deepfakes, this could involve identifying inconsistencies in the scene’s context or noticing uncharacteristic facial expressions or movements in familiar people.
Numerous studies, including one titled “Effect of Familiarity on the Processing of Human Faces,” which used PET scans for investigation, have shown that the brain processes familiar faces differently from unknown ones.[ix] The brain tends to process familiar faces more holistically and rapidly, as it has already formed an understanding of what that face should look like. Top-down processing plays a more significant role in facial recognition of known individuals than in unknown ones. Consequently, it is likely easier to spot a deepfake featuring a familiar person than an unfamiliar one due to the additional contextual information that informs visual processing.
Interestingly, the study mentioned earlier revealed that the amygdala exhibits stronger activation in response to unknown faces. Contrary to expectations, familiar faces do not necessarily evoke strong emotions. However, when presented with familiar faces, additional brain regions activate to bring in contextual information about the person’s identity and emotional associations. Therefore, top-down modulation plays a critical role and can help scrutinize unfettered visual inputs. For example, if one sees a video of Putin expressing love for the Ukrainian people, they would likely question the video’s authenticity. Top-down modulation and the inclusion of contextual information would cast doubt on the video’s genuineness.
Nevertheless, when all aspects align, from the edges and facial features of the deepfake to the video’s context and the viewer’s knowledge of a person’s identity, the biological system will likely be fooled.
Once again, AI has an artificial solution
Leveraging technology to verify real content and flag fake content is essential in addressing the challenges posed by deepfakes. The ongoing cat-and-mouse game of deepfake detection is likely to continue, as efforts to improve detection methods persist alongside attempts to maintain transparency. As deepfake technology becomes more advanced and widely available, the importance of detection increases.
“DeepFakes and Beyond” delves into this pursuit in detail, emphasizing the critical need for enhancing detection technology to combat the negative impacts of deepfakes. One notable advancement lies in GAN technology.[x] Currently, StyleGAN leaves GAN fingerprints on deepfakes, making them easily identifiable. However, a recent innovation called GANprintR can now remove these fingerprints, highlighting the necessity for continuous advancements to ensure detectability. The authors also discuss other novel detection approaches using GANs, deep learning features such as CNN, and incremental learning. One approach involves color analysis, which capitalizes on the distinct color differences between real camera images and fake synthetic images. Another innovative method, FakeSpotter, tracks neuronal activation patterns in response to images and has proven to be significantly more accurate than color detection.
The two most accurate detection approaches to date involve GAN and deep learning, respectively. The GAN approach analyzes convolution traces in images, while the deep learning solution employs an autoencoder to conduct a thorough analysis of face manipulations. These methods boast 99.8% and 100% accuracy within the context in which they were trained.[xi] However, when applied to real-world situations, their accuracy declines significantly. They struggle to adapt and process images that have undergone common manipulations such as compression, resizing, and editing.
The development of robust deepfake detection technology remains crucial in the fight against malicious uses of deepfakes. As the technology behind deepfake creation evolves, so must the methods employed to detect and counteract them. The pursuit of innovative and adaptable detection techniques is essential in preserving transparency and trust in digital media.
What Now?
Once again, we find ourselves grappling with the challenge of deepfake detection, as both artificial and biological visual systems can be successfully deceived. The ongoing struggle to develop effective detection methods requires significant time and investment. Interestingly, GAN architecture, with its use of adversarial networks, helps address this issue, as improvements in generating deepfakes are inherently linked to advancements in detection. While this relationship is limited to GAN architecture, it is a fascinating aspect worth noting.
It is evident that solutions beyond artificial intelligence must be explored to tackle this problem. One such approach mirrors a recent initiative by Twitter, called Community Notes, aimed at combating the spread of misinformation on its platform. This crowd-sourced method allows contributors to add notes to tweets, with everyday users voting on the helpfulness of these notes. If deemed helpful by enough users, the note becomes publicly visible on the tweet.[xii]Applying a similar concept to image and video content could empower the collective to verify and detect deepfakes. For instance, if a deepfake video featuring an individual surfaced, that person could add a note declaring the content fake. If those familiar with the person voted the note as “helpful,” it could be attached to the video, warning future viewers of its deceptive nature. Computer vision could also act as a moderator, detecting fake content and adding community notes for public evaluation. However, for more harmful content like non-consensual pornography, community notes might not be a sufficient deterrent to protect individuals and communities.
Blockchain technology, with its goal of increasing visibility and transparency, could be another means of labeling and tracking deepfakes. The decentralized and tamper-proof nature of the technology makes it an effective way to verify the authenticity of information. Each image or video could be assigned a unique hash (a digital fingerprint) and registered on the blockchain, allowing users to verify content authenticity by comparing hashes.[xiii]
These technologies are not foolproof, but they could help address the issue. Just as human vision has limitations, so do artificial vision and technology. Bad actors will always find ways to cause harm, but deepfakes also have the potential to bring about positive change. The fact that we can generate novel content and transform images and videos using artificial intelligence is remarkable. Deepfakes can entertain, educate, and fuel innovation, with generative AI offering revolutionary applications in business, media, art, politics, and more. Although deepfakes can undoubtedly cause harm, widespread efforts — such as detection tools, law enforcement, and community notes — augmented by artificial intelligence, can help mitigate this. For all the negative aspects, deepfakes also present a wealth of positive possibilities.
[i] The Verge. (2018, May 22). Deepfakes, explained. Retrieved from https://www.theverge.com/2018/5/22/17380306/deepfake-definition-ai-manipulation-fake-news
[i] Tolosana, R., Vera-Rodriguez, R., Fierrez, J., Morales, A., & Ortega-Garcia, J. (2020). DeepFakes and Beyond: A Survey of Face Manipulation and Fake Detection. IEEE Access, 8, 36379–36403. https://doi.org/10.1109/ACCESS.2020.2978871
[ii] Tolosana, R., Vera-Rodriguez, R., Fierrez, J., Morales, A., & Ortega-Garcia, J. (2020). DeepFakes and Beyond: A Survey of Face Manipulation and Fake Detection. IEEE Access, 8, 36379–36403. https://doi.org/10.1109/ACCESS.2020.2978871
[iii] Tolosana, R., Vera-Rodriguez, R., Fierrez, J., Morales, A., & Ortega-Garcia, J. (2020). DeepFakes and Beyond: A Survey of Face Manipulation and Fake Detection. IEEE Access, 8, 36379–36403. https://doi.org/10.1109/ACCESS.2020.2978871
[iv] Petrov, I., Gas, D., Chervoniy, N., Liu, K., Marangonda, S., Ume, C., Jiang, J., RP, L., Zhang, S., Wu, P., & Zhang, W. (2020). DeepFaceLab: Integrated, flexible and extensible face-swapping framework. arXiv preprint arXiv:2005.05535.
[v] Vincent, J. (2021, March 8). OpenAI creates ‘adversarial’ writing tool to combat neural text tricks. The Verge. Retrieved from https://www.theverge.com/2021/3/8/22319173/openai-machine-vision-adversarial-typographic-attacka-clip-multimodal-neuron
[vi] Connor, C. E., Egeth, H. E., & Yantis, S. (2004). Visual attention: Bottom-up versus top-down. Current Biology, 14(19), R850-R852. doi: 10.1016/j.cub.2004.09.041
[vii] Hubel, D. H., & Wiesel, T. N. (1962). Receptive fields and functional architecture of monkey striate cortex. The Journal of Physiology, 160(1), 106–154. https://doi.org/10.1113/jphysiol.1962.sp006837
[viii] Connor, C. E., Egeth, H. E., & Yantis, S. (2004). Visual attention: Bottom-up versus top-down. Current Biology, 14(19), R850-R852. doi: 10.1016/j.cub.2004.09.041
[ix] Dubois, S., Rossion, B., Schiltz, C., Bodart, J. M., Michel, C., Bruyer, R., & Crommelinck, M. (1999). Effect of familiarity on the processing of human faces. Neuropsychologia, 37(6), 671–678.
[x] Tolosana, R., Vera-Rodriguez, R., Fierrez, J., Morales, A., & Ortega-Garcia, J. (2020). DeepFakes and Beyond: A Survey of Face Manipulation and Fake Detection. IEEE Access, 8, 36379–36403. https://doi.org/10.1109/ACCESS.2020.2978871
[xi] Tolosana, R., Vera-Rodriguez, R., Fierrez, J., Morales, A., & Ortega-Garcia, J. (2020). DeepFakes and Beyond: A Survey of Face Manipulation and Fake Detection. IEEE Access, 8, 36379–36403. https://doi.org/10.1109/ACCESS.2020.2978871
[xii] https://help.twitter.com/en/using-twitter/community-notes
[xiii] How to use the power of blockchain to combat deepfake videos. (2019, March 22). Open Democracy. Retrieved from https://www.opendemocracy.net/en/democraciaabierta/cómo-usar-el-poder-de-blockchain-para-combatir-videos-deepfake-en/