defense 2025

Generalizable Speech Deepfake Detection via Information Bottleneck Enhanced Adversarial Alignment

Pu Huang 1, Shouguang Wang 1, Siya Yao 1, Mengchu Zhou 1,2

1 Zhejiang Gongshang University

2 New Jersey Institute of Technology

0 citations · 29 references · arXiv
α

Published on arXiv

2509.23618

Output Integrity Attack

OWASP ML Top 10 — ML09

Key Finding

IB-CAAN consistently outperforms baseline detectors and achieves state-of-the-art results on multiple speech deepfake detection benchmarks by learning attack-invariant discriminative features

IB-CAAN

Novel technique introduced

Neural speech synthesis techniques have enabled highly realistic speech deepfakes, posing major security risks. Speech deepfake detection is challenging due to distribution shifts across spoofing methods and variability in speakers, channels, and recording conditions. We explore learning shared discriminative features as a path to robust detection and propose Information Bottleneck enhanced Confidence-Aware Adversarial Network (IB-CAAN). Confidence-guided adversarial alignment adaptively suppresses attack-specific artifacts without erasing discriminative cues, while the information bottleneck removes nuisance variability to preserve transferable features. Experiments on ASVspoof 2019/2021, ASVspoof 5, and In-the-Wild demonstrate that IB-CAAN consistently outperforms baseline and achieves state-of-the-art performance on many benchmarks.

Key Contributions

  • Formalizes speech deepfake detection as a dual distribution shift problem (covariate shift + concept shift) and proposes attack-invariant feature learning as the solution
  • Proposes IB-CAAN: confidence-guided adversarial alignment that selectively suppresses attack-specific artifacts while preserving discriminative cues, combined with an information bottleneck to compress nuisance variability
  • Achieves state-of-the-art performance on ASVspoof 2019/2021, ASVspoof 5, and In-the-Wild benchmarks, demonstrating improved generalization to unseen spoofing methods

🛡️ Threat Analysis

Output Integrity Attack

Proposes a novel AI-generated content detection architecture (IB-CAAN) specifically for detecting synthetic/deepfake speech — directly addresses output integrity and authenticity of AI-generated audio content.

Details

Domains
audio
Model Types
transformer
Threat Tags
inference_time
Datasets
ASVspoof 2019ASVspoof 2021ASVspoof 5In-the-Wild
Applications
speech deepfake detectionautomatic speaker verification
Read PDF arXiv DOI

Similar Papers

defense

Fake-Mamba: Real-Time Speech Deepfake Detection Using Bidirectional Mamba as Self-Attention's Alternative

2025 0 cit.
Output Integrity Attack
100%
defense

Generalizable Audio Spoofing Detection using Non-Semantic Representations

2025 0 cit.
Output Integrity Attack
100%
defense

Segment Transformer: AI-Generated Music Detection via Music Structural Analysis

2025 0 cit.
Output Integrity Attack
100%
defense

Fusion Segment Transformer: Bi-Directional Attention Guided Fusion Network for AI-Generated Music Detection

2026 0 cit.
Output Integrity Attack
100%
defense

QAMO: Quality-aware Multi-centroid One-class Learning For Speech Deepfake Detection

2025 0 cit.
Output Integrity Attack
100%
defense

SONAR: Spectral-Contrastive Audio Residuals for Generalizable Deepfake Detection

2025 0 cit.
Output Integrity Attack
100%
defense

Deepfake Word Detection by Next-token Prediction using Fine-tuned Whisper

2026 0 cit.
Output Integrity Attack
100%
defense

XLSR-Kanformer: A KAN-Intergrated model for Synthetic Speech Detection

2025 1 cit.
Output Integrity Attack
100%