AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

Boosting Active Defense Persistence: A Two-Stage Defense Framework Combining Interruption and Poisoning Against Deepfake

inforesearchPeer-Reviewed

securityresearch

Source: IEEE Xplore (Security & AI Journals)March 17, 2026

Summary

This research addresses a weakness in active defense systems against deepfakes (AI-generated fake videos or images): these defenses often fail when attackers retrain their models on protected samples. The authors propose a Two-Stage Defense Framework (TSDF) that uses dual-function adversarial perturbations (carefully designed noise patterns that disrupt both the deepfake output and the attacker's retraining process) to make defenses more persistent by poisoning the data (corrupting the training information) that attackers would use to adapt their models.

Solution / Mitigation

The source describes the proposed defense framework (TSDF) as the solution but does not mention an existing patch, update, or mitigation for current systems. The paper presents the framework as a research contribution rather than a fix for deployed software. N/A -- no mitigation for existing systems discussed in source.

Classification

Attack Type

Model Poisoning

Attack SophisticationAdvanced

Impact (CIA+S)

integrityavailability

Related Issues

high

CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling

Similar attackNVD/CVE Database

info

Model Stability Defense Against Model Poisoning in Federated Learning

Original source: http://ieeexplore.ieee.org/document/11436061

First tracked: March 26, 2026 at 08:02 PM

Classified by LLM (prompt v3) · confidence: 85%