Part 1 of the series on Deepfakes
Why should Cyber Security professionals be discussing GANs (Generative Adversarial Networks)?
From a Cyber Security perspective, discussions centred around GANs ultimately lead to the emerging threat of Deepfakes. In a post-pandemic world, it is predicted that Deepfakes will become mainstream. Deepfakes are fake video or audio renderings of real people, created with malicious intent.
Imagine a deepfake video of a prominent political leader giving a speech filled with incitement. What ramifications would it have on the person? How would his followers react? Or imagine receiving a phone call from the CEO asking for an immediate transfer of funds to a specific account. Well, that has already happened.
The risks associated with Deepfakes will be digital, physical and political. In essence, Cyber Security will move deeper into the realms of politics and national security.
Generative Adversarial Networks
GANs belong within the framework of AI, Machine Learning and Deep Learning. The term “Generative” indicates that the network can generate something of its own. How is that possible? The answer is Machine Learning: the network learns from past data.
GANs use Machine Learning models to learn from a huge set of training data (e.g. a huge set of images) and then start generating images of their own. But there is an interesting conundrum here: who keeps a check on the quality or accuracy of the images?
This is where the interesting concept of “Adversarial Networks” comes in.
Software Vs Software – The Adversarial Network
The Adversarial Network is the second part of the network, and it challenges the output of the Generative Network. The Generative Network keeps creating outputs with the intent of fooling the Adversarial Network into believing that the output is real. The Adversarial Network, in turn, tries to get the better of the Generative Network by identifying its outputs as fakes.
To quote verbatim from the paper Generative Adversarial Nets (published by Ian J. Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville and Yoshua Bengio):
“In the proposed adversarial nets framework, the generative model is pitted against an adversary: a discriminative model that learns to determine whether a sample is from the model distribution or the data distribution. The generative model can be thought of as analogous to a team of counterfeiters, trying to produce fake currency and use it without detection, while the discriminative model is analogous to the police, trying to detect the counterfeit currency. Competition in this game drives both teams to improve their methods until the counterfeits are indistinguishable from the genuine articles.”
Thus, by competing against each other, the Generative Network becomes better and better at producing outputs that are as close to real as possible.
And this is precisely the logic behind Deepfakes: to create video and audio renderings that are as close to real as possible.
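The counterfeiter-versus-police game from the quote above can be watched on toy numbers. This is an added example, not code from the paper or from this article: the one-parameter generator (`theta`), the logistic discriminator (`w`, `c`), the five constructed "genuine" samples, the learning rate and the step count are all assumptions chosen for illustration. It shows the discriminator's ability to separate real from fake peaking early and then collapsing to chance as the generator catches up.

```python
import math

# Constructed toy data: "genuine" samples are five fixed numbers centred on 0.0.
NOISE = [-1.5, -0.75, 0.0, 0.75, 1.5]
REAL = list(NOISE)

def sigmoid(t):
    return 1.0 / (1.0 + math.exp(-t))

def mean(values):
    return sum(values) / len(values)

def scores(w, c, samples):
    """Discriminator D(x) = sigmoid(w*x + c): estimated probability x is genuine."""
    return [sigmoid(w * x + c) for x in samples]

def train(steps=4000, lr=0.05, start_offset=3.0):
    """Alternate discriminator and generator updates.
    Returns (final generator offset, peak score gap, final score gap), where the
    gap is mean D(real) - mean D(fake): how well the discriminator separates them."""
    theta = start_offset   # generator parameter: each fake is theta + noise
    w, c = 0.0, 0.0        # discriminator parameters
    peak_gap = 0.0
    for _ in range(steps):
        fake = [theta + z for z in NOISE]
        d_real, d_fake = scores(w, c, REAL), scores(w, c, fake)
        peak_gap = max(peak_gap, mean(d_real) - mean(d_fake))
        # Discriminator ("police"): ascend log D(real) + log(1 - D(fake)).
        grad_w = (mean([(1 - d) * x for d, x in zip(d_real, REAL)])
                  - mean([d * x for d, x in zip(d_fake, fake)]))
        grad_c = mean([1 - d for d in d_real]) - mean(d_fake)
        w += lr * grad_w
        c += lr * grad_c
        # Generator ("counterfeiter"): ascend log D(fake) against the updated D.
        d_fake = scores(w, c, fake)
        theta += lr * w * mean([1 - d for d in d_fake])
    fake = [theta + z for z in NOISE]
    final_gap = mean(scores(w, c, REAL)) - mean(scores(w, c, fake))
    return theta, peak_gap, final_gap

if __name__ == "__main__":
    offset, peak, final = train()
    print(f"generator offset {offset:+.3f} (genuine data is centred on 0.0)")
    print(f"discriminator score gap: peak {peak:.2f}, final {final:.3f}")
```

The collapsing score gap is the point for defenders: a detector that only plays the discriminator's role in this game ends up unable to tell the two apart once the generator has converged.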
Deepfake video and audio can be used for malicious and criminal purposes. Examples include:
- Creating fake identities and fooling KYC systems that accept online videos
- Robocalling (fake voice messages) to perpetrate fraud
- Impersonating an individual and depicting them committing wrong acts or saying wrong things in order to humiliate them
- Creating fake videos of politicians inciting acts of violence toward minority groups
- Using videos or images of children for child pornography
Criminal use case of Deepfakes
In March 2019, cybercriminals fooled the chief of an unnamed UK-based energy firm. The chief received a call from an individual who used deepfake audio technology to impersonate the voice of the firm’s CEO, with an instruction to transfer nearly 200,000 British pounds (approximately US$260,000 as of writing) to a Hungarian bank account.
Deepfake video of Barack Obama created by Jordan Peele and Buzzfeed.