Software Engineering Institute

This talk from Shannon Gallagher and Thomas Scanlon will explain the fundamentals of deepfakes. The tools and techniques used to create deepfakes will be presented as well as an overview on how to detect deepfakes. Further, security concerns relevant to deepfakes will be presented along with discussion of real-world incidents.

In summer 2021, Shannon Gallagher joined CERT as a data scientist. Her interests include modeling, uncertainty quantification, and data visualization. She always enjoys meeting and chatting with potential collaborators. Currently, she is the PI of the "A Prototype Software Framework for Digital Content Forgery Detection" which aims to develop a statistical pipeline to help determine the authenticity of images and videos. Specifically, her team will modify existing algorithms to work at scale (thousands/day) while maintaining accuracy, precision, and recall. Previously, Shannon worked on a team to implement a machine learning algorithm to detect code vulnerabilities on source code intermediate representation.

Shannon joined the SEI after completion of her post doc at the National Institute of Allergy and Infectious Diseases. There she worked on statistical modeling of infectious diseases, competing events analysis for the ACTT-1 COVID-19 trial, and analysis of statistical tests in low event rate settings. Prior to that, Shannon received her PhD in Statistics at Carnegie Mellon University and was advised by Bill Eddy. Her dissertation studied statistical properties of agent-based models. While at CMU, she was a research and teaching assistant and served as President of the Women in Statistics group.

Thomas Scanlon holds a doctoral degree in Information Systems and currently is a researcher in the SEI’s CERT Division. He has more than 10 years of industry experience with Fortune 500 companies. Scanlon currently specializes in applied research topics related to secure software engineering, such as authentication and authorization, secure software development, automated testing tools, cyber threat modeling, and the Risk Management Framework (RMF). During the past 2 years, he has worked directly with the Joint Federated Assurance Center (JFAC) within the Department of Defense on the prototyping and selection of software testing tools and developing guidelines for others on selecting appropriate software testing tools.