What Counts as Real? Speech Restoration and Voice Quality Conversion Pose New Challenges to Deepfake Detection

Audio anti-spoofing systems are typically formulated as binary classifiers distinguishing bona fide from spoofed speech. This assumption fails under layered generative processing, where benign transformations introduce distributional shifts that are misclassified as spoofing. We show that phonation-modifying voice conversion and speech restoration are treated as out-of-distribution despite preserving speaker authenticity. Using a multi-class setup separating bona fide, converted, spoofed, and converted-spoofed speech, we analyse model behaviour through self-supervised learning (SSL) embeddings and acoustic correlates. The benign transformations induce a drift in the SSL space, compressing bona fide and spoofed speech and reducing classifier separability. Reformulating anti-spoofing as a multi-class problem improves robustness to benign shifts while preserving spoof detection, suggesting binary systems model the distribution of raw speech rather than authenticity itself.

Key Contributions

• Demonstrates that binary audio anti-spoofing systems misclassify benign transformations (voice quality conversion, speech restoration) as spoofed despite preserving speaker authenticity
• Proposes 4-way classification framework (bona fide, converted, spoofed, converted-spoofed) that improves robustness to benign distributional shifts while maintaining spoof detection capability
• Releases dataset pairing bona fide audio with spoofed counterparts and benign-transformed versions across 10 TTS systems for benchmarking deepfake detectors

🛡️ Threat Analysis

Details

Similar Papers