Jointly Defending DeepFake Manipulation and Adversarial Attack Using Decoy Mechanism

Guan Lin Chen, Chih Chung Hsu

研究成果: Article同行評審

1 引文 斯高帕斯(Scopus)


Highly realistic imaging and video synthesis have become possible and relatively simple tasks with the rapid growth of generative adversarial networks (GANs). GAN-related applications, such as DeepFake image and video manipulation and adversarial attacks, have been used to disrupt and confound the truth in images and videos over social media. DeepFake technology aims to synthesize high visual quality image content that can mislead the human vision system, while the adversarial perturbation attempts to mislead the deep neural networks to a wrong prediction. Defense strategy becomes difficult when adversarial perturbation and DeepFake are combined. This study examined a novel deceptive mechanism based on statistical hypothesis testing against DeepFake manipulation and adversarial attacks. First, a deceptive model based on two isolated sub-networks was designed to generate two-dimensional random variables with a specific distribution for detecting the DeepFake image and video. This research proposes a maximum likelihood loss for training the deceptive model with two isolated sub-networks. Afterward, a novel hypothesis was proposed for a testing scheme to detect the DeepFake video and images with a well-trained deceptive model. The comprehensive experiments demonstrated that the proposed decoy mechanism could be generalized to compressed and unseen manipulation methods for both DeepFake and attack detection.

頁(從 - 到)9922-9931
期刊IEEE Transactions on Pattern Analysis and Machine Intelligence
出版狀態Published - 2023 8月 1

All Science Journal Classification (ASJC) codes

  • 軟體
  • 電腦視覺和模式識別
  • 計算機理論與數學
  • 人工智慧
  • 應用數學


深入研究「Jointly Defending DeepFake Manipulation and Adversarial Attack Using Decoy Mechanism」主題。共同形成了獨特的指紋。