A Roadmap for Multilingual, Multimodal Domain Independent Deception Detection^††thanks: All authors are with the University of Houston

Deception is a complex and pervasive phenomenon with profound implications for various domains, including security, law enforcement, healthcare, and human-computer interaction. Accurately identifying deception has long been a critical goal for researchers and practitioners alike. Traditional methods for deception detection (DD) have primarily relied on linguistic cues and textual analysis [34, 37]. A DD task is typically a binary classification problem, aiming to label a statement as being deceptive or not. Less often, the goal is to categorize a statement as falling into one of the more or less deceptive categories. It is a problem of growing importance that is made more challenging by the need to build different datasets and detectors for the ever-increasing variety of domains and tasks where deceptive language poses a threat. However, these methods often fall short in the face of sophisticated deceivers who can manipulate language effectively, leaving the task of deception detection far from foolproof [23]. Recently, there has been a paradigm shift towards more comprehensive and robust approaches to deception detection, which leverage multimodal data sources. This shift recognizes that deception is not confined to language alone and that individuals may convey deceptive information through various channels, including speech, facial expressions, body language, and by using different languages¹¹1However, multilingual deception detection efforts are relatively few. Another frequently debated topic is the transfer of linguistic cues of deception across domains and modalities. The need for domain-independence in deception detection is paramount since there are many manifestations of deception.

We call for a holistic approach to deception detection, focusing on integrating multimodal (multiple modes of communication) and multilingual (cross-linguistic) data while maintaining domain independence. We propose leveraging cutting-edge advances in natural language processing (NLP), computer vision, and machine learning (ML) to enhance the accuracy and robustness of deception detection across a wide array of applications and settings. The research in this area must address several critical challenges in deception detection, including integrating non-verbal cues from multiple modalities (e.g., speech, facial expressions, gestures, image/video attachments) and considering linguistic variations across different languages. By developing a domain-independent approach, we call for creating a versatile approach that can be applied to diverse scenarios, from border security and criminal investigations to healthcare diagnostics and online content moderation.

This paper will present the theoretical foundations of multimodal multilingual deception detection through existing work and suggest the methodologies to be employed. We aim to open a new direction of research that will usher valuable insights into a comprehensive approach to deception detection that transcends linguistic and contextual boundaries, opening up new possibilities for enhancing trust, security, and decision-making across various domains.

History is replete with famous lies and deceptions. Examples include P. T. Barnum, Nicolo Machiavelli, Sun Tzu, Operation Mincemeat, and the Trojan Horse [18]. A chronology of deception is included in [18]. More recently, the proliferation of deceptive attacks such as fake news, phishing, and disinformation is rapidly eroding trust in Internet-dependent societies. The situation has deteriorated so much that 45% of the US population believes the 2020 US election was stolen.²²2https://www.surveymonkey.com/curiosity/axios-january-6-revisited.

Social media platforms have come under severe scrutiny regarding how they police content. Facebook and Google partner with independent fact-checking organizations that typically employ manual fact-checkers. Things will only get worse with the advent of Large Language Models, such as ChatGPT.

Natural-language processing (NLP) and machine learning (ML) researchers have joined the fight by designing fake news, phishing, and other types of domain-specific detectors. Building single-domain detectors may be suboptimal. Composing them sequentially requires more time, and composing them in parallel requires more hardware. Moreover, building single-domain detectors means one can only react to new forms of deception after they emerge. We aim to stimulate research on domain-independent deception. Unfortunately, research in this area is currently hampered by the lack of computational definitions and taxonomy, high-quality datasets, and systematic approaches to domain-independent deception detection. Thus, the results are neither generalizable nor reliable, leading to much confusion. By domain independence, we mean that deception can have many different goals and motivations, such as phishing, job scams, political lies, fake news, etc., not just different topical content For example, in previous work, researchers used “multi-domain” to refer to lies on abortion, the death penalty, or feelings about best friends (see related work in  [3]).

Below, we briefly survey some of the work that has been done on deception so far. Of course, there is a lot of work on phishing, fake news, etc., when considered in isolation. Still, there are hardly any works on identifying common patterns in different deceptive attacks and some have even claimed that there are no common linguistic cues of deception [11].

In the past few years, there have been several studies of applying computational methods to deal with deception detection in a single domain. For fake news, [4] used topic models and [12] used Bag of Words (BoW) and BERT [6] embedding. The state of the art (SOTA) in phishing detection has been dominated by classical supervised machine learning approaches and deep neural nets [8]. More recently, BERT [6], a character-level CNN, and sentence embeddings from Sentence-BERT (SBERT) [26] were used to find emails exhibiting psychological traits most dominant in phishing texts [31]. In detecting opinion spam and fake reviews, weakly supervised graph networks have been recently used with some success [21]. [9, 24, 20] used part-of-speech tags and context-free grammar parse trees, behavioral features, and spatial-temporal features, respectively. Neural network methods for spam detection consider the reviews as input without specific feature extraction. In [27], authors used a gated recurrent neural network to study the contextual information of review sentences. DRI-RCNN [38] used a recurrent network for learning the contextual information of the words in the reviews. Several studies on cross-domain deception detection have been published, as well [15, 28, 30]. Recently, a quality domain-independent deception dataset was introduced in [37], with the empirical evidence suggesting that large language models such as BERT and RoBERTa perform well on individual tasks when fine-tuned on a combination of out of domain deceptive texts. Closer to our stated goals, [36] created a multi-modal deception detection tool that used early deep learning models and word embeddings, although ultimately, the performance was not always robust and it lacked domain-independence capabilities. Finally, [10] propose a framework for evaluating the robustness of deception detection models across two domains (Twitter and Reddit), modalities (Text, images), and five languages.

The authors in [10] propose a framework to evaluate the robustness of deception detection models in two domains (Twitter and Reddit), modalities (text, images), and five languages (English, French, German, Russian, and Spanish) highlighting similar challenges. In our topic, we would like to extend the investigation further to include domain-independent deception instead of domain-specific models as discussed in [10].

In this section, we briefly discuss significant research challenges and point out future research opportunities. One of the main problems that makes this an open-ended idea is the fact that there is no consensus on the transferability of deceptive cues across domains, even within a single modality. For example, a recent review of deception literature [11] found unclear and contradictory results and concluded there was no evidence of deception’s stylistic trace. On the other hand, a more recent publication by [37] found evidence to the contrary insofar as DD within the text. Other substantial challenges include:

1. 1.

   Defining deception computationally. So far, deception has been defined using the intent of the deceiver, but the attacker is elusive in the real world, so intentions are impossible to access. We point the reader to [33] for a new definition and taxonomy.

2. 2.

   Giving a taxonomy for deception that is comprehensive and useful to guide further research. For example, the taxonomy should help build a quality general deception dataset and then generalized deception detection models. Making sure it is high quality can also be a challenge (but see [35, 5]).

3. 3.

   Finding a common basis for the different forms of deception.

4. 4.

   Finding common linguistic cues and invariants across the different forms of deception. Some evidence is reported in [33].

5. 5.

   Dealing with imbalanced data. Deceptive attacks, by their nature, would be targeted, e.g., spearphishing, or overly broad, such as spam or phishing. This gives rise to imbalanced scenarios. An adapter, Prexia, is reported in [2].

6. 6.

   Distributed nature. People and companies are uncomfortable sharing sensitive information, such as targeted attacks (spearphishing). Can we design models that can work with limited shared data?

7. 7.

   Human in the loop. Can the detector improve human ability? Can humans improve the detector’s ability with just a few examples? Or by providing access to his/her cognitive load through a sensor?

Ideally, we would achieve a deception detection model that does not need any labeled data to detect new attacks since it is based on invariants of deception. However, this may be too difficult a holy grail to achieve. Thus, success would be a detector that helps the human in the loop do significantly better at resisting attacks (e.g., a novice email user can detect quite sophisticated spearphishing attacks). If we can achieve this goal, then we can start researching the problem of building teachable detectors so that the human and the detector can improve each other.

In this section, we present a preliminary solution to address the problem outlined in this work. Our proposed approach leverages the power of advanced, large-scale, multilingual, and multimodal contextual learners, complemented by Retrieval Augmented Generation (RAG). It is important to note that this approach is just one of several promising avenues that warrant further exploration.

To lay the foundation for a potential solution, we initially focus on a single modality, namely text. In this configuration, we aim to create a system capable of identifying deceptive text in a domain-agnostic and multilingual context. To ensure the system’s relevance and effectiveness, we aim to imbue it with desirable attributes, including result explainability and robust zero to few-shot performance. To achieve these characteristics, a logical system design might involve the integration of an exceptionally large-scale language model that excels in contextual learning, such as Mistral [17]. This model can achieve superior performance in the task, regardless of the domain, and remains resilient in the face of diverse data distributions. To further enhance its explainability, the model can undergo instruction tuning, enabling it to deliver answers and elucidate its underlying reasoning.

To elevate its already outstanding zero to few-shot capabilities and achieve performance parity with fully fine-tuned specialized models in specific domains, it is advisable to augment the learner with a Retrieval Augmented Generation (RAG) infrastructure, as proposed by [19]. This design decision ensures the longevity of the system and its’ ability to stay up-to-date with current threats because it makes continuous finetuning unnecessary.

A standard RAG system’s high-level system design scheme is shown in Figure 1. It consists of mining-derived datasets indexed and stored in a vector database, accessed through FAISS [7] (Facebook AI Similarity Search) or any other approximate nearest neighbors algorithm optimized for searching large vector spaces. Combined with Retrieval-Augmented Generation (RAG) techniques [19], this infrastructure delivers critical context to enhance Mistral’s performance. This system design is a decision-making tool that detects deceptive text followed by a clear explanation of this decision. Moreover, enhancing the LLM input prompt with retrieved context guarantees the model has all the necessary information to generate a comprehensive response.

When presented with a single instance of a task, typically a query from a user, the steps in solving the problem (each step is referenced in Figure 1 as (1),(2),(3), or (4)) are:

1. 1.

   Create Initial Prompt: Starting with the user query.

2. 2.

   Augment Prompt with Retrieved Context: Merges the initial prompt with the context retrieved from the Vector Store, creating an enriched input for the LLM.

3. 3.

   Send Augmented Prompt to LLM: The LLM receives the enhanced prompt.

4. 4.

   Receive LLM’s Response: After processing the augmented prompt, it generates its response.

A multimodal LLM is necessary to extend this approach to multiple modalities, e.g., a unified multimodal model, or UnIVAL [32], which unifies text, images, video, and audio into a single model. Thus, it may be possible to use UnIVAL, or other multimodal models such as OPENAI’s CLIP⁴⁴4https://www.pinecone.io/learn/series/image-search/clip/, in place of a single-mode model like Mistral [17]. In addition, other components, such as RAG, may need to be adjusted as needed. However, most problems to be solved are in the engineering space.

From a research perspective, the main challenge in designing and implementing a functional system as described is model performance as a function of model size and the current lack of multimodal in-context learners that are large enough to perform satisfactorily. For text, we notice that models of 2-3B parameters score 0.25 or so on the HuggingFace LLM benchmark, 7B score 0.73, and 170B score 0.75; in other words, there is a massive jump from 3B to 7B parameters followed by a plateau. So, to have a truly intelligent model, it needs to be at least 7B for a single modality, as a rule of thumb - although it may be possible to bring this number down through quantization and other means. Multiple modalities may require larger models for similar performance. Currently, UnIVAL has only 0.25B parameters. Therefore, we hypothesize that such a system as we described would be made possible by an advance in models like UnIVAL - multimodal transformers that learn in context and have billions of parameters. Perhaps, Flamingo with 80B parameters [1] can help here.

In this paper, we introduce a new concept \sayMultilingual, Multimodal Domain-independence Deception Detection that unifies diverse investigations, creating a new paradigm for detecting deceitful behavior across languages and modalities. This innovative approach harmoniously connects previous research in multimodal and cross-lingual deception detection, paving the way for future breakthroughs. We discuss the research challenges related to this concept and also potential solutions.

Research partly supported by NSF grants 2210198 and 2244279, and ARO grants W911NF-20-1-0254 and W911NF-23-1-0191. Verma is the founder of Everest Cyber Security and Analytics, Inc.