Neural network faked speech to trick algorithms or other people
Scientists from the University of Chicago
Researchers played out a situation wherethe attacker had a recording of the victim's voice, which can be found in the public domain, as well as the ability to communicate live and record the speech. It is noted that during training the neural network took into account not only the voice, but also the timbre with intonation.
Further, the authors used the already trainedneural networks that can be found in the public domain. They chose two: SV2TTS and AutoVC. To train the models, the authors used speech recordings of 90 people from three public datasets: VCTK, LibriSpeech, and SpeechAccent.
As a result, researchers in approximately 50% of casessuccessfully logged into your account using a voice synthesized by a neural network. Also, when talking to the algorithm, a person could not distinguish a real voice from a fake one by 50%.
Neural network helped apply makeup to trick the facial recognition system
Israeli researchers from the University named afterBen-Gurion made a neural network that deceives facial recognition systems using makeup. She determines those features of appearance that the device most often reads, and then selects special makeup that will help make the face unrecognizable to the system.
During operation, the algorithm first processespictures of that person and then pictures of other people of the same gender. Next, a heat map is created that shows the main areas where the distinctive features that need to be corrected are located. After this, the system creates an image of a new face with makeup and tests it against a typical facial recognition system until it stops responding to it.
When the optimal make-up is obtained, it can be applied. The authors note that the accuracy of the face recognition system decreases from 47.5% to 1.2%.
The neural network has made a universal face to deceive the identification system
Researchers from Israel have created a neural networkwhich generates images of faces capable of simulating a large number of personalities for recognition systems. According to the developers, their algorithm makes “universal” faces. For example, nine such images can replace photos of at least 40% of people from the open database.
As a result, the system generated faces that were successfully identified as positive in 40-60% of cases. They used just nine generated photos for this.
The neural network deceives the eyes, creating the perfect camouflage
Scientists from the University of Bristol have madea neural network that analyzes the environment and selects the optimal color for an object. They noted that their algorithm will help evolutionary biologists understand how the coloration of various living species changed, as well as what it depended on.
To create their own algorithm, researchersused a set of genetic algorithms and deep learning. They ended up with millions of templates with just a few colors and little input from human observers.
The method was tested on volunteers, they shouldwere to look at pictures with objects on different backgrounds and press a button as soon as they saw the object. Each time, the algorithm reduced the set of colors and patterns to those that were most difficult or easiest to see. Depending on whether we want to find coloring for camouflage or to be noticeable.
A neural network that tricks other neural networks
Scientists have created a neural network that triesfight against fake classifiers. The new algorithm can insert special noise into an image or video that causes other classifiers to recognize the content as original and unedited.
We are talking about deepfakes - this is content in whicha person is deliberately changed their face or facial expressions, for example, to a famous star, actor or politician, in order to compromise a person on something that he has never done or said. Naturally, after deepfakes, neural networks appeared that recognize whether a video or photo has been edited.
At the next stage of development of thisconfrontation, neural networks have appeared that deceive the algorithms for recognizing deepfakes. A deceiving neural network can potentially adapt to any deepfake classifiers, including those yet unknown. As a result, this algorithm manages to deceive classifiers in 99% of cases, provided that the video result will not be compressed. In case of compression, the success rate drops to 60-90%.
Read more:
AI solved a biological problem that scientists have been battling for 50 years
A millisecond instead of 30 trillion years for a task: China introduced a new quantum computer
Scientists are looking for people who cannot be infected with COVID-19. Based on their data, they will make a medicine