Adversarial attacks on deepfake detection: Assessing vulnerability and robustness in video-based models
1 Faculty of Computing, Engineering and Science, University of South Wales, UK.
2 Department of Enterprise R&D Net Sec R&D, Palo Network, Santa Clara, California, U.S.A.
3 Department of Information and Technology Services, University of Michigan, U.S.A.
4 Department of Business Administration & Management of Information Systems, University of Pittsburgh, U.S.A.
5 Department of Computer Science, Stephen F. Austin State University, U.S.A.
6 Department of Statistics, Oklahoma State University, U.S.A.
Research Article
Global Journal of Engineering and Technology Advances, 2025, 22(02), 090-102.
Article DOI: 10.30574/gjeta.2025.22.2.0029
Publication history:
Received on 02 January 2025; revised on 09 February 2025; accepted on 12 February 2025
Abstract:
The increasing prevalence of deepfake media has driven significant advances in detection models, yet these models remain vulnerable to adversarial attacks that exploit weaknesses in deep learning architectures. This study investigates the vulnerability and robustness of video-based deepfake detection models, specifically subjecting a Long Short-Term Convolutional Neural Network (LST-CNN) to adversarial perturbations generated with the Fast Gradient Sign Method (FGSM). We evaluate model performance under both clean and adversarial conditions, highlighting the impact of adversarial modifications on detection accuracy. Our results show that adversarial attacks, even with slight perturbations, significantly reduce model accuracy, with the baseline LST-CNN suffering sharp performance degradation under FGSM attacks. Models trained with adversarial examples, however, exhibit enhanced resilience, maintaining higher accuracy under attack conditions. The study also evaluates defense strategies, such as adversarial training and input preprocessing, that help improve model robustness. These findings underscore the critical need for robust defense mechanisms to secure deepfake detection models and provide insights into improving model reliability in real-world applications, where adversarial manipulation is a growing concern.
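To make the attack setting concrete, the sketch below shows a minimal FGSM perturbation step in PyTorch. It is an illustrative assumption, not the authors' implementation: the function name fgsm_perturb, the choice of framework, the cross-entropy loss, and the epsilon value are placeholders for whatever the study actually used.

```python
import torch
import torch.nn as nn

def fgsm_perturb(model, frames, labels, epsilon=0.01):
    """Minimal FGSM sketch for a video-frame deepfake detector.

    frames: tensor of shape (batch, channels, height, width), values in [0, 1].
    labels: ground-truth class indices (e.g., 0 = real, 1 = fake).
    epsilon: perturbation budget; larger values degrade accuracy more.
    """
    frames = frames.clone().detach().requires_grad_(True)
    loss = nn.functional.cross_entropy(model(frames), labels)
    model.zero_grad()
    loss.backward()
    # Single gradient-sign step, then clip back to the valid pixel range.
    adv = frames + epsilon * frames.grad.sign()
    return adv.clamp(0.0, 1.0).detach()
```

In an evaluation loop, comparing the detector's accuracy on the returned adversarial frames against the clean frames quantifies the kind of degradation the abstract describes; adversarial training simply mixes such perturbed examples back into the training batches.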
Keywords:
Adversarial Attacks; Deepfake Detection; LST-CNN; FGSM; Video-Based Models
Copyright information:
Copyright © 2025 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution License 4.0.