DF-Captcha: A Deepfake Captcha for Preventing Fake Calls

TL;DR

This paper introduces DF-Captcha, a lightweight challenge-response system designed to detect deepfake-based social engineering attacks, effectively exposing attackers by exploiting deepfake limitations and avoiding heavy, easily evaded defenses.

Contribution

The paper presents a novel, lightweight deepfake CAPTCHA that leverages the technical constraints of deepfake technology to prevent impersonation-based social engineering attacks.

Findings

Effective in exposing deepfake attackers

Lightweight and easy to deploy

Breaks the reactive arms race in deepfake detection

Abstract

Social engineering (SE) is a form of deception that aims to trick people into giving access to data, information, networks and even money. For decades SE has been a key method for attackers to gain access to an organization, virtually skipping all lines of defense. Attackers also regularly use SE to scam innocent people by making threatening phone calls which impersonate an authority or by sending infected emails which look like they have been sent from a loved one. SE attacks will likely remain a top attack vector for criminals because humans are the weakest link in cyber security. Unfortunately, the threat will only get worse now that a new technology called deepfakes as arrived. A deepfake is believable media (e.g., videos) created by an AI. Although the technology has mostly been used to swap the faces of celebrities, it can also be used to `puppet' different personas. Recently, researchers have shown how this technology can be deployed in real-time to clone someone's voice in a phone call or reenact a face in a video call. Given that any novice user can download this technology to use it, it is no surprise that criminals have already begun to monetize it to perpetrate their SE attacks. In this paper, we propose a lightweight application which can protect organizations and individuals from deepfake SE attacks. Through a challenge and response approach, we leverage the technical and theoretical limitations of deepfake technologies to expose the attacker. Existing defence solutions are too heavy as an end-point solution and can be evaded by a dynamic attacker. In contrast, our approach is lightweight and breaks the reactive arms race, putting the attacker at a disadvantage.