Robust and Calibrated Detection of Authentic Multimedia Content
Sarim Hashmi, Abdelrahman Elsayed, Mohammed Talha Alam, Samuele Poppi, Nils Lukas
2025-12-18
Summary
This paper is about the growing problem of deepfakes – realistic but fake videos or images created by artificial intelligence – and how to reliably tell authentic content apart from them, even as the fakes become more sophisticated.
What's the problem?
Detecting deepfakes is really hard because, once created, a fake can be indistinguishable from genuine content (for example, when a model simply reproduces a real sample it memorized during training), so any detector that flags such fakes will also wrongly flag real content, leading to false accusations. Also, current detection methods are easily fooled: someone creating a deepfake can tweak it just enough to slip past existing detectors, even with limited computing power. This means detectors are constantly playing catch-up and aren't very reliable in the long run.
What's the solution?
The researchers propose a new approach that doesn't try to definitively *prove* something is a fake, but instead asks whether its authenticity can be plausibly denied. They focus on being very confident when they declare something real, even if that means sometimes failing to flag fakes. Their 'resynthesis' method tries to regenerate a sample with a generative model and checks how closely the result matches the original; this turns out to be surprisingly good at verifying genuine content while keeping false alarms low. Importantly, the method is also hard to trick, even for an adversary with limited computing resources who adapts their fakes to the detector.
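To make the idea concrete, here is a minimal Python sketch of a resynthesis-style check. It assumes access to some `resynthesize` routine (e.g., inverting the sample to a latent code and regenerating it, in the spirit of the inversion-based framework the paper describes); the mean-squared-error distance, the function names, and the convention that a hard-to-resynthesize sample counts as evidence of authenticity are illustrative assumptions, not details taken from the paper.

```python
import numpy as np

def resynthesis_distance(sample, resynthesize):
    """Regenerate `sample` with a generative model and measure how far the
    reconstruction is from the original (here: mean squared error).

    `resynthesize` stands in for an inversion + regeneration step (e.g.,
    invert to a latent code, then decode); the paper's exact procedure and
    distance metric may differ.
    """
    reconstruction = np.asarray(resynthesize(sample), dtype=float)
    return float(np.mean((np.asarray(sample, dtype=float) - reconstruction) ** 2))


def certify_authentic(sample, resynthesize, threshold):
    """Certify `sample` as authentic only if no good resynthesis was found;
    otherwise abstain, since its authenticity could plausibly be denied.

    Assumed convention (not stated in the paper): a *large* resynthesis
    distance means the generator cannot reproduce the sample, which is
    taken here as evidence of authenticity.
    """
    return resynthesis_distance(sample, resynthesize) > threshold
```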
Why it matters?
This work is important because it offers a more practical way to deal with deepfakes. Instead of chasing a perfect detector that's always one step behind, it focuses on reliably verifying authentic content. This is crucial for maintaining trust in digital media and preventing the spread of misinformation, especially as deepfake technology becomes more accessible and convincing.
Abstract
Generative models can synthesize highly realistic content, so-called deepfakes, that are already being misused at scale to undermine digital media authenticity. Current deepfake detection methods are unreliable for two reasons: (i) distinguishing inauthentic content post-hoc is often impossible (e.g., with memorized samples), leading to an unbounded false positive rate (FPR); and (ii) detection lacks robustness, as adversaries can adapt to known detectors with near-perfect accuracy using minimal computational resources. To address these limitations, we propose a resynthesis framework to determine if a sample is authentic or if its authenticity can be plausibly denied. We make two key contributions focusing on the high-precision, low-recall setting against efficient (i.e., compute-restricted) adversaries. First, we demonstrate that our calibrated resynthesis method is the most reliable approach for verifying authentic samples while maintaining controllable, low FPRs. Second, we show that our method achieves adversarial robustness against efficient adversaries, whereas prior methods are easily evaded under identical compute budgets. Our approach supports multiple modalities and leverages state-of-the-art inversion techniques.
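The abstract emphasizes a *calibrated* decision rule with a controllable false positive rate. One generic way to obtain such control (a sketch, not necessarily the paper's procedure) is to pick the decision threshold from resynthesis scores of samples whose authenticity is deniable, so that only a target fraction of them would ever be certified authentic:

```python
import numpy as np

def calibrate_threshold(deniable_scores, target_fpr=0.01):
    """Pick a threshold so that at most ~target_fpr of the calibration scores
    from non-authentic ("deniable") samples exceed it under the rule
    `certify authentic if score > threshold`.

    Generic quantile-style calibration; the paper's actual procedure may differ.
    """
    scores = np.asarray(deniable_scores, dtype=float)
    return float(np.quantile(scores, 1.0 - target_fpr))


# Illustrative usage with synthetic scores (made-up numbers, not real data).
# Assumed convention (as in the sketch above): authentic samples tend to have
# larger resynthesis distances than generated ones.
rng = np.random.default_rng(0)
deniable_scores = rng.normal(loc=0.2, scale=0.05, size=1000)
authentic_scores = rng.normal(loc=0.8, scale=0.10, size=1000)

tau = calibrate_threshold(deniable_scores, target_fpr=0.01)
recall = float(np.mean(authentic_scores > tau))
print(f"threshold = {tau:.3f}, authentic recall at ~1% FPR = {recall:.2f}")
```

With this quantile rule, the fraction of deniable samples that exceed the threshold stays near the chosen target, which is what keeps false alarms controllable, even at the cost of abstaining on some genuine samples.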