Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Ideas for defeating Anti-Deep-Fakes
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Ren Kimura
November 14, 2024
Programming
120
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Ideas for defeating Anti-Deep-Fakes
[email protected]
Ren Kimura
November 14, 2024
More Decks by Ren Kimura
See All by Ren Kimura
脅威解析概論
rkx1209
0
250
セキュリティベンチャーのリスク管理
rkx1209
0
160
ファジング+トリアージ技術を用いた脆弱性解析自動化
rkx1209
0
140
Introduction to Fuzzing
rkx1209
6
4.4k
ARM TrustZone エクスプロイト入門
rkx1209
7
8.7k
More efficient remote debugging with Thin Hypervisor
rkx1209
3
2.7k
Reverse Debugging with radare2
rkx1209
6
2k
カーネルエクスプロイトによるシステム権限奪取
rkx1209
13
8.1k
$Hell on Sony Snatch the Kernel privilage from Browser
rkx1209
6
27k
Other Decks in Programming
See All in Programming
コーディングルールの鮮度を保ちたい for SRE NEXT 2026 / keep-fresh-go-internal-conventions-sre-next-2026
handlename
0
130
Vue × Nuxt × Oxc どこまで使える?実運用の現在地
andpad
0
360
AI 輔助遺留系統現代化的經驗分享
jame2408
1
1.2k
Strategic Design in the Frontend: Moduliths & Micro Frontends @DDDEurope
manfredsteyer
PRO
0
150
エージェンティックRAGにAWSで入門しよう!
har1101
9
1.9k
これからAgentCoreを触る方へトレンドはGatewayです
har1101
6
480
壊れたパーサから始める関数型設計と構成的なパーサ #fp_matsuri
raiga0310
2
180
Embedded SREと共に達成した会員管理システムのAWS移行 - SRE NEXT 2026 ランチスポンサーセッション
niftycorp
PRO
0
2k
自作OSでスライド発表する
uyuki234
1
3.7k
初めてのKubernetes 本番運用でハマった話
oku053
0
120
【やさしく解説 設計編・中級 #1】一つの車に、運転手は一人 ~ある倉庫システムの事例から~
panda728
PRO
0
130
Hatena Engineer Seminar #37「言語モデルの活用に関する研究」
slashnephy
0
500
Featured
See All Featured
Designing for Timeless Needs
cassininazir
1
280
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
2
1.6k
Skip the Path - Find Your Career Trail
mkilby
1
160
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
290
Code Reviewing Like a Champion
maltzj
528
40k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.5k
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
4.3k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
410
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
jQuery: Nuts, Bolts and Bling
dougneiner
66
8.5k
The Anti-SEO Checklist Checklist. Pubcon Cyber Week
ryanjones
0
180
New Earth Scene 8
popppiees
3
2.4k
Transcript
Ideas for defeating Anti-Deep-Fakes Ren Kimura (@RKX1209) AVTOKYO 2024.11.14 Prepare
for the next cyber threat
2 whoami Founder & CEO of Ricerca Security, Inc. Product
Manager (PdM) Ren Kimura (X: @RKX1209) Interested in : Bizdev and Vulnerability Research (VR)
Face Synthesis 3 What is the “Deep Fake” = Techniques
to generate fake media (video, image, voice…) Face manipulation techniques for generating fake videos/images. Face Swap Attribute Manipulation Expression Swap
Name cosine dist login Admin’s voice 0.0 N/A Text to
Speach 0.08 ✔ Another person’s voice 0.69 ☓ 4 DeepFake demo Login_With_Voice_Verification Voice Cloning
5 Any perfect verifier exists? Media data movie.mp4 image.jpg voice.wav
verifier “Real” “Fake”
6 Verification methods Detection Science & Tech Spotlight: Combating Deepfakes
(GAO-24-107292) Authentication • Bit patterns • Color abnormalities • Facial/Vocal inconsistencies “Recorded by camera.”
7 C2PA (Coalition for Content Provenance and Authenticity) original.jpg •
2024-09-04 21:00 • Created: Canon EOS R1 … C2PA meta data c2pa.actions hash function encrypt function encrypted hash Private key in EOS R1
8 edited.jpg C2PA meta data c2pa.actions c2pa.ingredients • original.jpg hash
function encrypt function encrypted hash Private key in Adobes account • 2024-09-10 12:54 • Edited: Adobe Photoshop • Actions: Crop, Frame… … Chain of metadata
9 Chain of trust original.jpg edited.jpg C2PA metadata “Recorded by
Canon EOS R1“ X.509 certificate chain “Edited by Adobe Photoshop“ parent Editor (adobe account)
10 C2PA signing by Generative AI services image.webp image.webp C2PA
metadata “Created by DALL-E“ X.509 certificate chain “Use original one as an ingredient“ parent
11 "Captured with a camera" (~2024.10.15) “I am really at
the zoo” https://www.youtube.com/watch?v=gfjgRHtDa38
12 Guessing from their official help page. original.mp4 “Recorded by
Canon EOS R1“ upload ・・・・ Whitelist “They are cameras” How does it work
13 ❌ Generative AI: “No camera” gen_by_sora.mp4 “Created by OpenAIs
SORA“ upload C2PA metadata X.509 certificate chain ・・・・ Whitelist “They are cameras” Not matched!
14 ✔"Captured with a camera" “Recorded by Canon EOS R1
“ “Edited by Adobe Premiere Pro“ ・・・・ Whitelist “They are cameras” upload Get original mp4 by social engineering, crawling…
15 Air gapping scenario edited.mp4 faked.mp4 C2PA metadata “Recorded by
Canon EOS R1 “ X.509 certificate chain Record over the air
16 ❌ “No camera” edited.mp4 faked.mp4 C2PA metadata “Recorded by
Sony α7 IV “ X.509 certificate chain SONY metadata “It may record 2D flattened area“ Record 3d-depth over the air
17 My approach:
18 Perfect verifier doesn’t exist Media data movie.mp4 image.jpg voice.wav
verifier “Real” “Fake”
19 What should Blue/White-team do? “A Guide to Preparing and
Responding to Deepfake Events” OWASP TOP10 LLM App&GenAI (2024.10)
20 What should Blue/White-team do? Financial gain through fraud by
impersonation. Impersonation for cyberattacks Job Interview Fraud Mis/Dis/Mal Information
21 Conclusion Detection and Authentication methods are not perfect Proposed
a new technique to bypass C2PA authentication Defense-in-depth and layered controls are required.
None