Search for: All records

Deepfake speech represents a real and growing threat to systems and society. Many detectors have been created to aid in defense against speech deepfakes. While these detectors implement myriad methodologies, many rely on low-level fragments of the speech generation process. We hypothesize that breath, a higher-level part of speech, is a key component of natural speech and thus improper generation in deepfake speech is a performant discriminator. To evaluate this, we create a breath detector and leverage this against a custom dataset of online news article audio to discriminate between real/deepfake speech. Additionally, we make this custom dataset publicly available to facilitate comparison for future work. Applying our simple breath detector as a deepfake speech discriminator on in-the-wild samples allows for accurate classification (perfect 1.0 AUPRC and 0.0 EER on test data) across 33.6 hours of audio. We compare our model with the state-of-the-art SSL-wav2vec and Codecfake models and show that these complex deep learning model completely either fail to classify the same in-the-wild samples (0.72 AUPRC and 0.89 EER), or substantially lack in the computational and temporal performance compared to our methodology (37 seconds to predict a one minute sample with Codecfake vs. 0.3 seconds with our model) 

Sharing high-quality research data specifically for reuse in future work helps the scientific community progress by enabling researchers to build upon existing work and explore new research questions without duplicating data collection efforts. Because current discussions about research artifacts in Computer Security focus on reproducibility and availability of source code, the reusability of data is unclear. We examine data sharing practices in Computer Security and Measurement to provide resources and recommendations for sharing reusable data. Our study covers five years (2019–2023) and seven conferences in Computer Security and Measurement, identifying 948 papers that create a dataset as one of their contributions. We analyze the 265 accessible datasets, evaluating their under-standability and level of reuse. Our findings reveal inconsistent practices in data sharing structure and documentation, causing some datasets to not be shared effectively. Additionally, reuse of datasets is low, especially in fields where the nature of the data does not lend itself to reuse. Based on our findings, we offer data-driven recommendations and resources for improving data sharing practices in our community. Furthermore, we encourage authors to be intentional about their data sharing goals and align their sharing strategies with those goals. 

The Heilmeier Catechism consists of a set of questions that researchers and practitioners can consider when formulating research and applied engineering projects. In this article, we suggest explicitly asking who is included and who is left out of consideration. 

A rapidly emerging research community at the intersection of sport and human-computer interaction (SportsHCI) explores how technology can support physically active humans, such as athletes. At highly competitive levels, coaching staff play a central role in the athlete experience by using data to enhance performance, reduce injuries, and foster team success. However, little is known about the practices and needs of these coaching staff. We conducted five focus groups with 17 collegiate coaching staff across three women’s teams and two men’s teams at an elite U.S. university. Our findings show that coaching staff selectively use data with the goal of balancing performance goals, athlete emotional well-being, and privacy. This paper contributes design recommendations to support coaching staff in operating across the data life cycle through gathering, sharing, deciding, acting, and assessing data as they aim to support team success and foster the well-being of student-athletes. 

Cochlear implants (CIs) allow deaf and hard-ofhearing individuals to use audio devices, such as phones or voice assistants. However, the advent of increasingly sophisticated synthetic audio (i.e., deepfakes) potentially threatens these users. Yet, this population’s susceptibility to such attacks is unclear. In this paper, we perform the first study of the impact of audio deepfakes on CI populations. We examine the use of CI-simulated audio within deepfake detectors. Based on these results, we conduct a user study with 35 CI users and 87 hearing persons (HPs) to determine differences in how CI users perceive deepfake audio. We show that CI users can, similarly to HPs, identify text-to-speech generated deepfakes. Yet, they perform substantially worse for voice conversion deepfake generation algorithms, achieving only 67% correct audio classification. We also evaluate how detection models trained on a CI-simulated audio compare to CI users and investigate if they can effectively act as proxies for CI users. This work begins an investigation into the intersection between adversarial audio and CI users to identify and mitigate threats against this marginalized group. 

IMSI-Catchers allow parties other than cellular network providers to covertly track mobile device users. While the research community has developed many tools to combat this problem, current solutions focus on correlated behavior and are therefore subject to substantial false classifications. In this paper, we present a standards-driven methodology that focuses on the messages an IMSI-Catcher must use to cause mobile devices to provide their permanent identifiers. That is, our approach focuses on causal attributes rather than correlated ones. We systematically analyze message flows that would lead to IMSI exposure (most of which have not been previously considered in the research community), and identify 53 messages an IMSI- Catcher can use for its attack. We then perform a measurement study on two continents to characterize the ratio in which connections use these messages in normal operations. We use these benchmarks to compare against open-source IMSI-Catcher implementations and then observe anomalous behavior at a large- scale event with significant media attention. Our analysis strongly implies the presence of an IMSI-Catcher at said public event (p << 0.005), thus representing the first publication to provide evidence of the statistical significance of its findings. 

Audio deepfakes represent a rising threat to trust in our daily communications. In response to this, the research community has developed a wide array of detection techniques aimed at preventing such attacks from deceiving users. Unfortunately, the creation of these defenses has generally overlooked the most important element of the system - the user themselves. As such, it is not clear whether current mechanisms augment, hinder, or simply contradict human classification of deepfakes. In this paper, we perform the first large-scale user study on deepfake detection. We recruit over 1,200 users and present them with samples from the three most widely-cited deepfake datasets. We then quantitatively compare performance and qualitatively conduct thematic analysis to motivate and understand the reasoning behind user decisions and differences from machine classifications. Our results show that users correctly classify human audio at significantly higher rates than machine learning models, and rely on linguistic features and intuition when performing classification. However, users are also regularly misled by pre-conceptions about the capabilities of generated audio (e.g., that accents and background sounds are indicative of humans). Finally, machine learning models suffer from significantly higher false positive rates, and experience false negatives that humans correctly classify when issues of quality or robotic characteristics are reported. By analyzing user behavior across multiple deepfake datasets, our study demonstrates the need to more tightly compare user and machine learning performance, and to target the latter towards areas where humans are less likely to successfully identify threats.