Beyond the Surface: Detecting AI-Generated Media with Error Level Analysis

TLDR: AI-generated media is becoming a standard component of social engineering campaigns, yet most security teams lack a reliable way to verify image authenticity. This post breaks down how to identify synthetic media by analyzing compression artifacts, edge anomalies, and metadata remnants. We explore a practical forensic workflow using Error Level Analysis (ELA) and custom GPT-based tools to move beyond visual inspection and into scientific verification.

Visual deception is the new frontier of social engineering. While we have spent decades training users to spot suspicious links and phishing emails, we are now facing a reality where the content itself—the image or video of a CEO, a fake news event, or a fabricated security alert—is entirely synthetic. The barrier to entry for creating high-fidelity deepfakes has collapsed, and the tools available to attackers are evolving faster than our ability to detect them.

The Mechanics of Synthetic Artifacts

Generative Adversarial Networks (GANs) operate on a simple, adversarial principle: a generator creates fake media, and a discriminator attempts to identify it as fake. This loop continues until the generator produces output that the discriminator can no longer distinguish from reality. However, this process leaves behind distinct, machine-readable signatures.

When an image is generated or heavily manipulated in tools like Adobe Photoshop, it rarely maintains the uniform compression characteristics of a raw, camera-captured file. This is where Error Level Analysis (ELA) becomes a critical tool for any researcher. ELA works by re-saving an image at a known error level (usually 95%) and calculating the difference between the original and the re-saved version. In a genuine, unedited image, the compression level should be relatively uniform across the entire file. In a manipulated image, the areas that have been altered—such as a face swap or a pasted-in logo—will exhibit different compression levels, appearing as bright, high-contrast regions in the ELA output.

Forensic Workflow for Media Verification

During a penetration test or a bug bounty engagement, you cannot rely on your eyes alone. You need a repeatable, scientific process to validate media. Start by examining the metadata. While social media platforms often strip EXIF data, they rarely remove all traces of the original rendering engine. Look for inconsistencies in the ICC profile or remnants of the software used to generate the file.

If the metadata is clean, move to the pixel level. A common technique involves creating a noise residual map. By applying a high-pass filter to the image, you can isolate the high-frequency noise patterns. Natural images have a consistent noise floor. AI-generated images, particularly those created by models like DALL-E or Midjourney, often show "patchy" noise distributions where the model struggled to blend synthetic elements with the background.

For those looking to automate this, I have been experimenting with a custom GPT-based forensic examiner. The workflow is straightforward:

1. Extract Frames: For video, break the file into individual frames using ffmpeg.
2. Run ELA: Perform ELA on each frame to identify localized compression anomalies.
3. Edge Analysis: Look for "sharp" edges in areas that should be soft, such as the transition between a subject's skin and a background, which often indicates a cut-and-paste operation.
4. Anatomical Consistency: Check for common GAN failures, such as six fingers, distorted teeth, or unnatural reflections in the eyes.

Real-World Pentesting Context

Imagine you are conducting a red team engagement where the objective is to gain unauthorized access to a corporate network. A common vector is to spoof an executive's identity to bypass multi-factor authentication or to authorize a fraudulent wire transfer. If you can provide the target with a "verified" image or video of their boss confirming the request, the success rate of your social engineering campaign increases exponentially.

Conversely, as a defender or a bug bounty hunter, you should be looking for these same indicators. If a company is hosting user-generated content, they are vulnerable to steganography-based malware injection. Attackers can hide malicious payloads within the noise patterns of an image that appears benign to the human eye but triggers a vulnerability in the image-processing library on the server side.

Defensive Strategies

Defending against deepfakes requires a shift toward provenance. We need to move toward cryptographically signed media, where the camera or the generation tool embeds a digital signature that can be verified by the end-user. Until that becomes the industry standard, security teams should implement automated forensic checks on all incoming media that could be used for authentication or authorization.

Do not assume that because an image looks "good enough" that it is authentic. The next time you encounter a suspicious image in a report or an engagement, run it through an ELA filter. You will be surprised at how often the "perfect" image is hiding a messy, synthetic past. The goal is not to find the perfect detection tool, but to build a workflow that forces the attacker to work harder, increasing the likelihood that they leave behind a detectable, human-made error. Keep testing, keep questioning the source, and keep digging into the pixels.