ML Security PapersRevisiting Deepfake Detection: Chronological Continual Learning and the Limits of Generalization
Federico Fontana 1, Anxhelo Diko 1, Romeo Lanzino 1, Marco Raoul Marini 1, Bachir Kaddar 2, Gian Luca Foresti 3, Luigi Cinque 1
Published on arXiv
2509.07993
Output Integrity Attack
OWASP ML Top 10 — ML09
Key Finding
Continual learning enables 155x faster adaptation than full retraining with strong historical retention, but generalization to future deepfake generators remains near-random (FWT-AUC ≈ 0.5) regardless of method.
C-AUC / FWT-AUC
Novel technique introduced
The rapid evolution of deepfake generation technologies poses critical challenges for detection systems, as non-continual learning methods demand frequent and expensive retraining. We reframe deepfake detection (DFD) as a Continual Learning (CL) problem, proposing an efficient framework that incrementally adapts to emerging visual manipulation techniques while retaining knowledge of past generators. Our framework, unlike prior approaches that rely on unreal simulation sequences, simulates the real-world chronological evolution of deepfake technologies in extended periods across 7 years. Simultaneously, our framework builds upon lightweight visual backbones to allow for the real-time performance of DFD systems. Additionally, we contribute two novel metrics: Continual AUC (C-AUC) for historical performance and Forward Transfer AUC (FWT-AUC) for future generalization. Through extensive experimentation (over 600 simulations), we empirically demonstrate that while efficient adaptation (+155 times faster than full retraining) and robust retention of historical knowledge is possible, the generalization of current approaches to future generators without additional training remains near-random (FWT-AUC $\approx$ 0.5) due to the unique imprint characterizing each existing generator. Such observations are the foundation of our newly proposed Non-Universal Deepfake Distribution Hypothesis. \textbf{Code will be released upon acceptance.}
Key Contributions
- Continual learning framework for deepfake detection that simulates the real-world chronological evolution of 7 years of deepfake generators, enabling efficient incremental adaptation without full retraining
- Two novel evaluation metrics: Continual AUC (C-AUC) for historical retention and Forward Transfer AUC (FWT-AUC) for future generalization, evaluated across 600+ simulations
- Non-Universal Deepfake Distribution Hypothesis: empirical finding that current approaches fail to generalize to unseen future generators (FWT-AUC ≈ 0.5) due to unique generator-specific imprints
🛡️ Threat Analysis
Deepfake detection is AI-generated content detection — a canonical ML09 output integrity problem. The paper proposes novel detection methodology (continual learning framework), evaluation metrics (C-AUC, FWT-AUC), and an empirical hypothesis about the limits of deepfake detector generalization.