Social media authentication and combating Deepfakes using semi-fragile invisible image watermarking
Nadimpalli, Aakash Varma Rattani, Ajita
Nadimpalli, Aakash Varma
Rattani, Ajita
Citations
Altmetric:
Other Names
Location
Time Period
Advisors
Original Date
Digitization Date
Issue Date
2024-12-09
Type
Article
Genre
Keywords
Deepfakes,Facial manipulations,Media authentication,Watermarking
Subjects (LCSH)
Citation
Aakash Varma Nadimpalli and Ajita Rattani. 2024. "Social Media Authentication and Combating Deepfakes Using Semi-Fragile Invisible Image Watermarking". Digit. Threat. Res. Pract. 5, 4, Article 40 (December 2024), 30 pages.
Abstract
With the significant advances in deep generative models for image and video synthesis, Deepfakes and manipulated media have raised severe societal concerns. Conventional machine learning classifiers for deepfake detection often fail to cope with evolving deepfake generation technology and are susceptible to adversarial attacks. Alternatively, invisible image watermarking is being researched as a proactive defense technique that allows media authentication by verifying an invisible secret message embedded in the image pixels. A handful of invisible image watermarking techniques introduced for media authentication have proven vulnerable to basic image processing operations and watermark removal attacks. In response, we have proposed a semi-fragile image watermarking technique that embeds an invisible secret message into real images for media authentication. Our proposed watermarking framework is designed to be fragile to facial manipulations or tampering while being robust to benign image-processing operations and watermark removal attacks. This is facilitated through a unique architecture of our proposed technique consisting of critic and adversarial networks that enforce high image quality and resiliency to watermark removal efforts, respectively, along with the backbone encoder-decoder and the discriminator networks. This allows images shared over the Internet to retain the verifiable watermark as long as facial manipulations or any other Deepfake modification technique is not applied. Thorough experimental investigations on SOTA facial Deepfake datasets demonstrate that our proposed model can embed a -bit secret as an imperceptible image watermark that can be recovered with a high-bit recovery accuracy when benign image processing operations are applied while being non-recoverable when unseen Deepfake manipulations are applied. In addition, our proposed watermarking technique demonstrates high resilience to several white-box and black-box watermark removal attacks. Thus, obtaining state-of-the-art performance. © 2024 Copyright held by the owner/author(s).
Table of Contents
Description
This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Publisher
Association for Computing Machinery
Journal
Digital Threats: Research and Practice
Book Title
Series
Digital Collection
Finding Aid URL
Use and Reproduction
Archival Collection
PubMed ID
DOI
ISSN
25765337