How Deepfakes Are Created, Spread, and Detected

Deepfakes of Women Now Outnumber All Other Categories — 96% Are Non-Consensual Pornography

In 2023, the security firm Sensity AI reported that over 95,000 deepfake videos existed online — up from fewer than 8,000 in 2019. The overwhelming majority — approximately 96% according to research published by Deeptrace — are non-consensual intimate images depicting women who consented to neither the creation nor distribution of the content. This statistic frames the deepfake problem not primarily as a geopolitical threat, though that threat is real, but as a technology-enabled form of gender-based violence at scale. Understanding how deepfakes are created, why they are increasingly convincing, and how detection attempts have struggled to keep pace with generation capabilities is essential context for evaluating policy responses.

The Technical Foundation: Generative Adversarial Networks

The core technology behind most deepfakes is the Generative Adversarial Network (GAN), introduced by Ian Goodfellow in 2014. A GAN consists of two competing neural networks: a generator that creates synthetic images, and a discriminator that tries to distinguish real from synthetic outputs. Through adversarial training, the generator learns to produce increasingly convincing fakes while the discriminator becomes increasingly sensitive to artifacts. The process converges when the discriminator can no longer reliably distinguish real from generated content — a condition that GAN-based systems can reach after training on relatively modest datasets.

For video deepfakes, face-swap architectures like DeepFaceLab and FaceSwap use autoencoder networks trained on images of two people. The encoder learns a compressed representation of facial features, and separate decoders reconstruct faces from this representation. By feeding source face data through the encoder and a target face's decoder, the system maps source expressions and movements onto the target's appearance. Modern refinements add facial landmark tracking, color correction, blending masks, and super-resolution to reduce visible artifacts.

Types of Synthetic Media

• Face swap: The original and most common type; replaces one person's face with another's in video. Used for both entertainment and non-consensual intimate imagery.
• Face reenactment: Transfers the expression and movement of a source face to a target person, making it appear that the target is saying or doing whatever the source performs.
• Voice cloning: Audio synthesis that replicates a person's voice from as little as 3 seconds of sample audio, enabling fake audio calls or dubbed video.
• Full-body synthesis: Emerging technology that generates artificial video of a person's entire body performing specific actions.
• Text-to-video generation: Systems like OpenAI's Sora (2024) generate entirely synthetic video from text prompts, without any source footage.

The Diffusion Model Revolution

By 2022–2023, diffusion models (the technology behind DALL-E, Stable Diffusion, and Midjourney) began producing higher-quality synthetic images than GANs for many applications. Diffusion models work by learning to iteratively remove noise from random noise to generate realistic outputs. They are more stable to train than GANs, produce less characteristic "GAN artifacts," and can generate coherent human faces across varied lighting and expressions. The barrier to creating convincing synthetic media has dropped dramatically — numerous apps offer deepfake face-swaps in real time, on consumer hardware, with no technical expertise required.

Real-World Harms Documented

Detection: An Arms Race the Defense Is Losing

Detection of AI-generated media is an active research field but faces a fundamental asymmetry: generating convincing synthetic media requires one pass through a network, while detection must generalize across all possible generation techniques, including techniques released after the detector was trained. Early detectors looked for GAN-specific artifacts: irregular eye blinking rates (GANs often failed to model blinking correctly), inconsistent facial lighting, unnatural skin texture, and boundary artifacts around replaced faces.

Current-generation detectors use convolutional neural networks and vision transformers trained to classify real versus synthetic. The best-performing models — such as those submitted to Facebook's DeepFake Detection Challenge (DFDC) — achieved around 65% accuracy on held-out test sets, far below the threshold needed for reliable forensic application. Accuracy drops further when deepfakes are compressed (as they invariably are when uploaded to social media), when they depict faces not well-represented in training data, or when the generation method differs from those seen during training.

• Biological signal analysis: Research from Binghamton University found that blood-flow patterns visible in natural skin (rPPG — remote photoplethysmography) are absent or incorrect in deepfakes. This approach is generation-agnostic but requires high-quality video.
• Provenance-based authentication: Standards like C2PA (Coalition for Content Provenance and Authenticity) embed cryptographic credentials into images at creation time. If the credential is absent or broken, authenticity is unverified. Requires camera manufacturer and platform adoption.
• Digital watermarking: Embedding imperceptible signals into AI-generated content at generation time; Google's SynthID is an example. Effective only if generators cooperate; trivially circumvented by adversarial generators.

Legal and Policy Responses

The legislative landscape is patchy but growing. The U.S. DEEPFAKES Accountability Act has repeatedly failed to pass Congress. As of 2024, 24 U.S. states have laws specifically targeting non-consensual deepfake pornography. The EU AI Act classifies real-time biometric identification and certain synthetic media applications as high-risk or prohibited. South Korea became one of the first countries to criminalize viewing (not just creating or distributing) deepfake pornography. The speed of technological development consistently outpaces the legislative process.

Detection tools are freely available at platforms like FakeCatcher (Intel), Deepware Scanner, and Microsoft's Video Authenticator — though all carry significant false positive and false negative rates. Media literacy education — training people to question authenticity, check provenance, and look for physical inconsistencies — remains one of the more scalable countermeasures.