Exploring Strengths and Weaknesses of Super-Resolution Attack in Deepfake Detection

Authors: Davide Alessandro Coccomini, Roberto Caldelli, Fabrizio Falchi, Claudio Gennaro, Giuseppe Amato

Published: 2024-10-05 15:47:34+00:00

AI Summary

This paper explores the effectiveness of super-resolution (SR) attacks on deepfake detectors. The authors investigate the impact of different SR techniques and scales on detector performance across various datasets, finding that SR effectively hides artifacts in real image deepfakes but not in fully synthetic images. They also propose improvements to detector training to enhance robustness against SR attacks.

Abstract

Image manipulation is rapidly evolving, allowing the creation of credible content that can be used to bend reality. Although the results of deepfake detectors are promising, deepfakes can be made even more complicated to detect through adversarial attacks. They aim to further manipulate the image to camouflage deepfakes' artifacts or to insert signals making the image appear pristine. In this paper, we further explore the potential of super-resolution attacks based on different super-resolution techniques and with different scales that can impact the performance of deepfake detectors with more or less intensity. We also evaluated the impact of the attack on more diverse datasets discovering that the super-resolution process is effective in hiding the artifacts introduced by deepfake generation models but fails in hiding the traces contained in fully synthetic images. Finally, we propose some changes to the detectors' training process to improve their robustness to this kind of attack.