Check these out next
VOGIN-IP-lezing-Zeno_ geradts
22 Oct 2021•0 j'aime•684 vues
0 j'aime
Soyez le premier à aimer ceci
afficher plus
vues
Nombre de vues
0
Sur Slideshare
0
À partir des intégrations
0
Nombre d'intégrations
0
Télécharger pour lire hors ligne
Signaler
Internet
VOGIN-IP-lezing 2021 Zeno Geradts - Deepfakes en de authenticiteit van videomateriaal
voginipSuivre
Recommandé
IRJET - Deepfake Video Detection using Image Processing and Hashing ToolsIRJET Journal
Deep fakeelisetty pavan
DeepFake: Trick or TreatSamama Khan
DeepFake Detection: Challenges, Progress and Hands-on Demonstration of Techno...Symeon Papadopoulos
Deepfakes: An Emerging Internet Threat and their DetectionSymeon Papadopoulos
Deepfakes: Trick or Treat?Ian McCarthy
VOGIN-IP-lezing-Zeno_ geradts
- Deepfake en de authenticiteit van videomateriaal VOGIN ip-lezing Prof. dr. ing. Zeno Geradts zelftestenbestellen.nl zelftestenbestellen.nl
- › - Introduction NFI expertise AI4Forensics ICAI lab Deepfakes › Making deepfakes › Detecting deepfakes › Challenges : realtime deepfakes › Take home message Outline 2
- 3 Beeldonderzoek en Biometrie in het kort Herstel gewiste beelden: • Herstel de gewiste beelden op de harde schijf van de DVR • Herstel de gewiste beelden op de smartphone Authenticiteitsonderzoek: • Is het voertuig in de video geplakt? • Is de afgebeelde gebeurtenis een authentieke weergave van de werkelijkheid?
- 4 Beeldonderzoek en Biometrie in het kort Beeldverbetering: • Tweeluik • Maak details van persoon beter zichtbaar Bronbepaling foto/video: • Is de foto gemaakt met de inbeslaggenomen camera? • Welke foto’s in de verzameling zijn met dezelfde camera gemaakt?
- 5 Beeldonderzoek en Biometrie in het kort Fotogrammetrie: • Hoe hard reed de auto? • Hoe lang is de persoon? Vergelijking gezichtsbeelden: • Is de persoon in beeld de verdachte? • Is de persoon in beeld A dezelfde als de persoon in beeld B?
- Nieuws 6
- On line deepfake maker 7
- Faceswap booth 8
- Lip syncing app 9
- Everybody can deepfake Deepfacelab 10
- Make persons that do not exist thispersondoesnotexist.com 11
- Make cats that do not exist thiscatdoesnotexist.com 12
- Ambitie Creatie van een Forensisch AI lab binnen ICAI met de Universiteit van Amsterdam en het Nederlands Forensisch Instituut in samenwerking met verschillende stakeholders zoals de Nationale Politie, het Openbaar Ministerie, Rechters, en de Advocatuu om onderzoek te verrichten naar nieuwe AI technieken voor het forensisch veld
- Kansen invulling onderzoekers • Directe financiering • PhD Automotive met Politie • PhDs met Openbaar Ministerie / Zittende Magistratuur / FIOD / PIDS / BZK • Kansen voor additionale Nationale / EU subsidies • PhDs in andere EU projecten • NWO Data and Intelligence • AI Coalitie • Taal NAIN • Potentiele additionale samenwerking • Forensische radiologie en AI • Interpretatie van Fysische / Chemische beelden met AI • NTNU Noorwegen
- Basic principles
- Machine learning vs deep learning 16
- Recap: Autoencoder
- Basic approach
- Video forgeries - interframe forgery - intraframe forgery 19
- 20
- It was real 21
- 22 https://www.youtube.com/watch?v=dn ZNrp0-mF8
- It was a deepfake 23
- Some issues - the face is vague, especially at the edges - look to teeth, mouth and hair they are not detailed - audio is not synchronized with video - the body language is different from the way one should expect to speak - the light source is different 24
- Real time frame forgery With webcam a different background 25
- Manipulations of faces - face swap - face attributes - face expressions 26
- lip sync deepfake https://news.berkeley.edu/2019/06/18/researchers-use-facial-quirks-to-unmask- deepfakes/ 27
- Puppet master https://spectrum.ieee.org/tech-talk/computing/software/the-worlds-first-audit-of-deepfake-videos-and-tools-on-the-open-web 28
- Audio deepfake look at github 29
- Practical issues Access to the image; The skill level of the artist necessary to perform the manipulation; The time necessary to create the manipulation; The availability of software and hardware necessary to perform the manipulation; The level of fine detail in the image; and The complexity of the image content, such as physical interaction of people with one another and the environment. 30
- Best practices • Skin tones & textures • Skeletal structure • Flesh & muscle movement • Body-to-object contact • Skin-to-skin contact • Skin creases • Hair • Ears • Eyes • Reaction of subjects/objects to gravity and physics. • Continuity Issues •
- Video detection of forgeries • Same as images, also to metadata • Look to changes of scenes, detect differences • Time of recording ENF
- Other methods in research
- Biological signals heartbeat Heart Beat "Cardiocam: Technology for Non-Contact Multi-Parameter Physiologic Measurements". by Ming-Zher Optics Express, Vol. 18, Issue 10, pp. 10762-10774 (2010) doi:10.1364/OE.18.010762
- • Splicing • Copy/move forgery (C/M-F) • Contrast Enhancement (CE) • Resampling (RSa) • Articial Blur (AB) Manipulation types 35
- 36
- ? PRNU - Camera identification research disputed camera Reference cameras PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U disputed photo PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U PRN U 0.113 0.093 0.149 0.002 0.003 0.001 0.003 0.002 0.003 0.110 0.104 0.002 0.004 0.001 0.003 0.002 0.001 0.003 0.004 0.002 0.001 0.002 0.001 0.177 0.118 Disputed Disputed Ref cam 1 Ref cam 2 Ref cam 10 Ref cam 1 Ref cam 10
- How are Deepfakes made? ● Thousands of images of actor A and of actor B are needed for good results. ● Two autoencoders (A and B) are trained on these images. ● Autoencoder AB puts face of A on body of B
- Forensic Relevance ● Authenticate video evidence ● Technology widely accessible on the internet ● Easy to use for everyone through GUIs ● Authentication of videos is also important for journalism, social media, etc.
- Photo Response Non Uniformity (PRNU) analysis: Method ● ‘The fingerprint of the digital camera’ ● Manipulation can alter PRNU pattern ● Deepfake PRNU pattern less consistent throughout video compared to Authentic? ● Second order and Wavelet method ○ Second wave = faster ○ Wavelet = more reliable ● Cropped and uncropped ○ Increase % variability of PRNU
- PRNU analysis: Method
- PRNU analysis: Conclusions ● Second order > Wavelet method ○ Takes less time ○ Stronger correlation ○ More reliable correlation ● Second order cropped > Second order uncropped ○ Stronger correlation
- 44
- Deepfake 45
- 46
- real 47
- Detection methods
- Image based Extract and annotate each frame individually, then use a feedforward CNN to classify each frame. Training calculate/backpropagate each frame-wise loss Inference predict each frame, then aggregate over all frames to generate video-level prediction > detect manipulations by consulting spatial features
- Video based Extract and annotate frame windows, then use spatio-temporal model to predict frame windows. Training calculate/backpropagate loss associated with each frame-window Inference predict each frame window, then aggregate over all windows to generate video-level prediction > detect manipulations by consulting spatio-temporal features
- Why use video-based modeling? Image based methods work well on in-dataset evaluations But: cross-manipulation accuracy is low! A good detection method should be able to consider features that underlie all manipulation methods. Rossler et al. (2019) Li et al. (2019)
- Arms race Forensic research on deepfakes has a major disadvantage: Deep learning is data hungry > but we cannot wait for availability of training data for each manipulation method Need to find underlying weakness shared by all manipulations: > until now: all deepfake generators are image-based! > frame-to-frame consistencies are not enforced
- Data
- Celeb-DF - 5.639 high resolution deepfakes - generated by a single manipulation method - use kalman filter to increase between-frame correlations of facial landmarks - currently the most challenging set of Deepfakes available Li et al. (2019)
- DFDC - Deepfake Detection Challenge - 470GB of Deepfake material - multiple manipulation methods - diverse in backgrounds, lighting, ethnicity, gender and number of actors (with a subset or all actors manipulated) - unfortunately, most clips far from real-world quality Dolhansky et al. (2019)
- Real-world data - collected from the web - multiple, unknown manipulation methods - subject to pre- and postprocessing - handpicked, highest quality Deepfakes available
- Facebook 100.000 samples deepfakes / real 57
- Models
- EfficientNet Tan & Le (2019) • high performance on ImageNet & co • computationally manageable • available pre- trained on ImageNet • most frequently used model in high ranking teams DFDC
- Watch out for database that is used https://openaccess.thecvf.com/content/CVPR2021W/WMF/papers/Neekhara_Adversarial_Threats_to_DeepFake_Detection_A_Practical_Perspective_CVPRW_2021_paper.pdf 60
- Convolutional Recurrent Neural Networks Sabir et al (2019)
- Making your own deepfakes Try deepfacelab also https://github.com/iperov/DeepFaceLab for Windows
- Zelf testen 63
- Duckduckgoose • Deedetector 64
- Samenvatting • ICAI4Forensics lab samenwerking UvA / NFI in opbouw open voor meer PhDs ook op andere AI onderwerpen • Deepfakes worden steeds moeilijker te detecteren • Het maken wordt steeds makkelijker • Worden in de praktijk ook gebruikt fakenews, maar ook authentieke videos zijn moeilijk te detecteren of ze echt zijn • Fake personen eenvoudig te maken op sociale media 65
- Questions z.geradts@nfi.nl