Deepfake detection is formulated as a hypothesis testing problem to classify an image as genuine or GAN-generated. A robust statistics view of GANs is considered to bound the error probability for various GAN implementations in terms of their performance. The bounds are further simplified using a Euclidean approximation for the low error regime. Lastly, relationships between error probability and epidemic thresholds for spreading processes in networks are established.

Manipulating video content is easier than ever. Due to the misuse potential of manipulated content, multiple detection techniques that analyze the pixel data from the videos have been proposed. However, clever manipulators should also carefully forge the metadata and auxiliary header information, which is harder to do for videos than images. In this paper, we propose to identify forged videos by analyzing their multimedia stream descriptors with simple binary classifiers, completely avoiding the pixel space. Using well-known datasets, our results show that this scalable approach can achieve a high manipulation detection score if the manipulators have not done a careful data sanitization of the multimedia stream descriptors.

From TV news to Google StreetView, face obscu- ration has been used for privacy protection. Due to recent advances in the field of deep learning, ob- scuration methods such as Gaussian blurring and pixelation are not guaranteed to conceal identity. In this paper, we propose a utility-preserving gen- erative model, UP-GAN, that is able to provide an effective face obscuration, while preserving facial utility. By utility-preserving we mean pre- serving facial features that do not reveal identity, such as age, gender, skin tone, pose, and expres- sion. We show that the proposed method achieves a better performance than the common obscura- tion methods in terms of obscuration and utility preservation.

The recent increase in social media based pro- paganda, i.e., ‘fake news’, calls for automated methods to detect tampered content. In this paper, we focus on detecting tampering in a video with a person speaking to a camera. This form of ma- nipulation is easy to perform, since one can just replace a part of the audio, dramatically chang- ing the meaning of the video. We consider sev- eral detection approaches based on phonetic fea- tures and recurrent networks. We demonstrate that by replacing standard MFCC features with embeddings from a DNN trained for automatic speech recognition, combined with mouth land- marks (visual features), we can achieve a signif- icant performance improvement on several chal- lenging publicly available databases of speakers (VidTIMIT, AMI, and GRID), for which we gen- erated sets of tampered data. The evaluations demonstrate a relative equal error rate reduction of 55% (to 4.5% from 10.0%) on the large GRID corpus based dataset and a satisfying generaliza- tion of the model on other datasets.

This paper evaluates the effectiveness of a Cycle- GAN based voice converter (VC) on four speaker identification (SID) systems and an automated speech recognition (ASR) system for various pur- poses. Audio samples converted by the VC model are classified by the SID systems as the intended target at up to 46% top-1 accuracy among more than 250 speakers. This encouraging result in imitating the target styles led us to investigate if converted (synthetic) samples can be used to improve ASR training. Unfortunately, adding syn- thetic data to the ASR training set only marginally improves word and character error rates. Our re- sults indicate that even though VC models can successfully mimic the style of target speakers as measured by SID systems, improving ASR train- ing with synthetic data from VC systems needs further research to establish its efficacy.