Adversarial Attack on Deepfake Detection Using RL Based Texture Patches
Abstract
The advancements in GANs have made creating deepfake videos a relatively easy task. Considering the threat that deepfake videos pose for manipulating political opinion, recent research has focused on ways to better detect deepfake videos. Even though researchers have had some success in detecting deepfake videos, it has been found that these detection systems can be attacked. The key contributions of this paper are (a) a deepfake dataset created using a commercial website, (b) validation of the efficacy of DeepExplainer and heart rate detection from the face for differentiating real faces from adversarial attacks, and (c) the proposal of an attack on the FaceForensics++ deepfake detection system using a state-of-the-art reinforcement learning-based texture patch attack. To the best of our knowledge, we are the first to successfully attack FaceForensics++ on our commercial deepfake dataset and DeepfakeTIMIT dataset.
Cite
Text
Fernandes and Jha. "Adversarial Attack on Deepfake Detection Using RL Based Texture Patches." European Conference on Computer Vision Workshops, 2020. doi:10.1007/978-3-030-66415-2_14Markdown
[Fernandes and Jha. "Adversarial Attack on Deepfake Detection Using RL Based Texture Patches." European Conference on Computer Vision Workshops, 2020.](https://mlanthology.org/eccvw/2020/fernandes2020eccvw-adversarial/) doi:10.1007/978-3-030-66415-2_14BibTeX
@inproceedings{fernandes2020eccvw-adversarial,
title = {{Adversarial Attack on Deepfake Detection Using RL Based Texture Patches}},
author = {Fernandes, Steven Lawrence and Jha, Sumit Kumar},
booktitle = {European Conference on Computer Vision Workshops},
year = {2020},
pages = {220-235},
doi = {10.1007/978-3-030-66415-2_14},
url = {https://mlanthology.org/eccvw/2020/fernandes2020eccvw-adversarial/}
}