I. Introduction
Today, the problem of photo fraud is very rampant and has become a serious problem in modern society. With the continuous development of AI technology, people can easily tamper and forge pictures through image editing and AI intelligent generation, making them look real and difficult to distinguish. I have seen a couple with a master’s degree tampering with marriage certificates, divorce certificates and other information in order to deceive insurance:
Even the papers published by Nobel Prize winners have suspected image tampering:
This has brought many negative impacts to the society, especially in the fields of insurance, finance, and banking. If the false and falsified information is approved, it will bring huge impacts and even economic losses.
Moreover, in the context of today's rapid development of AI, the technical threshold for image tampering is getting lower and lower, and the effect is becoming more and more realistic.
Therefore, it is very important to research and develop image tampering and forgery detection technology, and it is imminent to introduce a method or tool that can efficiently and accurately detect image forgery!
Just at the recent WAIC2023 conference, Hehe Information shared their three strategies in the field of image tampering detection and AI image security: image tampering detection, AIGC discrimination, OCR anti-attack technology:
Let's see how they solve these problems.
2. Meeting sharing
1) Image tampering detection
As early as last year's World Artificial Intelligence Conference, Hehe Information's "PS tamper detection" technology made its debut. "Pixel-level" bottom-up modification traces, covering various identification categories such as ID cards and passports, attracted the attention of all sectors of society. I have also used the PS detection service provided by them to detect the forgery of the ID card, and the effect is also very good, and the tampered part can be accurately identified:
This year, the Hehe Information team has continued to optimize and upgrade the "black technology" of image tampering detection, and its application has also expanded to "screenshot tampering detection". Previously, the technical research objects of image tampering detection mainly focused on natural scene images. However, it is usually tampered qualification certificates, documents, screenshots, etc. that really bring risks to people's lives. Now Hehe Information's AI tampering detection technology can also take various screenshots including transfer records, transaction records, chat records, etc., whether it is "copying and moving" image tampering means of "cutting out" key elements from the original image and then moving "paste" to another place, or "erasing", "reprinting" and other methods, image tampering detection technology can "wisdom eye" to identify fakes:
Screenshot anti-counterfeiting detection is more difficult for license detection, because the background of the screenshot has no texture and background color, and the entire screenshot has no lighting difference. Document tampering identification can still judge the tampering traces through the imaging difference generated when taking pictures, but the screenshots do not have such "information". Existing vision models are usually difficult to fully explore the fine-grained difference features of the original image and the doctored image, so it is difficult to achieve a satisfactory accuracy rate. To this end, Hehe Information proposes an image authenticity identification model based on the encoder-decoder structure of HRNet, which combines the information of the image itself, including but not limited to noise, spectrum, etc., so as to capture fine-grained visual differences and achieve high-precision identification purposes:
2) Generative Image Discrimination
In addition, combined information has also made achievements in generative image identification
At the end of last year, I experienced the power of AIGC. I gave AI a description, and a matching painting could be generated in just a few tens of seconds. The picture below shows the painting I generated using an AIGC product on a certain platform (the description text is: mushroom house in the forest, dreamy fairyland, mushroom flowers and plants):
It can be seen that the effect is still very good, in line with the description.
However, with the explosion of AIGC, many people use it in gray or illegal industries, and use AI to generate pictures that do not comply with copyright and regulations to illegally profit and confuse the public. Seriously endanger the property of the general public, and even social stability:
Fortunately, Hehe Information has developed AI-generated picture identification technology to help individuals and institutions identify and judge whether AI pictures are generated, prevent "virtual person" fraud, and help the healthy development of generative AI by solving some ethical problems faced by generative AI:
The combined information is modeled based on the relationship between the spatial domain and the frequency domain. After the image is input, the model focuses on the spatial features through multiple spatial attention heads, and uses the texture enhancement module to amplify the subtle artifacts in the shallow features to enhance the model's perception and judgment accuracy of real faces and fake faces. It can use multi-dimensional features to distinguish the subtle differences between real pictures and generative pictures without exhaustively enumerating pictures, and solves the two major difficulties that the generated image scenes are too numerous to be exhaustive, and some generated pictures are too similar to real pictures, making it difficult to distinguish.
The emergence of this technology has a wide application space in anti-fraud, copyright protection and other fields. For example, in the financial industry, criminals can use AI synthesis technology to steal online funds, threatening the safety of citizens' property. This technology can reduce the probability of fund theft by intervening in the payment link; in the media industry, some picture suppliers use software to automatically generate posters and other pictures, deliberately conceal their sources and sell them to third parties, and the third parties commercialize without knowing it, leading to infringement problems, and relevant detection technologies can solve these problems to a certain extent.
3) OCR against attack technology
I believe that in daily life, due to work or other business needs, almost all of you will encounter the situation of taking your own ID photos and sending them to a third party. The personal information carried on these pictures is usually personal privacy, and you do not want to be obtained by others except the third party and yourself. Once the criminals with ulterior motives use OCR technology to identify, extract and leak it, it will cause relatively large losses. For example, it is often seen in the news that identity information is used for telecom fraud, and they are later held accountable and sent to prison. It is simply a disaster!
There are also such anti-attack technologies on the market to avoid this situation. For example, the image is encrypted in the following four ways to avoid OCR recognition:
-
Image interference: Attackers interfere with the OCR system's recognition of images by adding noise, blurring, rotating, deforming, and other operations. In order to resist this kind of attack, the OCR system needs to improve the image processing ability through image enhancement, edge detection and other technologies.
-
Text scrambling: Attackers disrupt the OCR system's recognition of text by inserting other characters into the text, modifying character spacing, and changing fonts. In order to combat this attack, the OCR system needs to design a more robust font and character matching algorithm.
-
Adversarial Generative Network (GAN): Adversarial Generative Network is a technique that simultaneously improves the quality of generated samples and distinguishes the authenticity of samples by training generators and discriminators. Attackers can use GANs to generate images that appear real but interfere with OCR systems. In order to combat this attack, the OCR system needs to improve the detection ability of forged images through adversarial training, adding additional discriminators and other methods.
-
Adversarial sample generation: Attackers can change the image by adding specific noise or interference, causing the OCR system to produce wrong recognition results. In order to combat this attack, the OCR system needs to adopt a powerful adversarial sample detection algorithm to identify and reject adversarial samples in time.
On this basis, Hehe Information has also carried out innovative technological explorations, and has developed OCR anti-attack technology to "encrypt" document pictures to prevent criminals from using OCR technology to identify and extract personal information. This technology can disturb the scene text or text in the document without affecting the naked eye viewing and judgment, and "attack" the content containing key information such as Chinese, English, numbers, etc., preventing third parties from reading and saving all the text content in the image through the OCR system, reducing the risk of data leakage, so as to achieve the purpose of protecting information:
3. Summary
Through AI, fake pictures and news reports can be produced to undermine the credibility of the media and the authenticity of the news. This may lead to a decline in public trust in the media and news, affecting public opinion and social stability. It is no exaggeration to say that AI counterfeiting technology will have a huge impact on multiple industries such as media, law, politics, entertainment, social media and personal security.
Therefore, the research and development of detecting these false information is of great significance for protecting social security and maintaining justice. The emergence of Hehe Information's AI image content detection products has played an important role in protecting the authenticity of images and recognizing text. Through automation, high accuracy, and diverse detection capabilities, these technologies can help users detect and defend against issues such as image tampering, generative image spoofing, and OCR adversarial attacks. However, we still need continuous efforts and innovations to deal with the ever-changing and complex means of tampering and counterfeiting. Only in this way can we better deal with image tampering and forgery and maintain social stability and justice.
It is gratifying that the China Academy of Information and Communications Technology has taken the lead in launching the formulation of the "Document Image Tampering Detection Standard". In order to provide reliable guarantee for the security of document image content, and help the construction of AI security system in the new era. Based on the status quo of the industry, focusing on "fine-grained" visual difference forgery image identification, generative image identification, document image integrity protection and other industry focus issues, to gather industry consensus, in order to provide effective guidance for the industry, explore document image tampering detection technology trends, and help the healthy growth of the image industry.
It is believed that with the formulation of this standard and the efforts of so many top companies, more security and stability will be injected into the industry.