Security/ deepfakes · audio · ai · security

Audio Deepfake Detectors Crumble Under Compression

A new study stress-tests 10 detection models against 18 real-world corruptions and finds most fall apart when audio is compressed or modified.

Most audio deepfake detectors can't survive a codec.

Researchers systematically ran 10 audio deepfake detection models through 18 types of real-world signal corruption - noise, audio modification, and compression - and found a consistent weak spot: while most models held up reasonably well against background noise, compression formats like neural codecs exposed serious gaps in detection reliability. The paper, posted to arXiv, evaluated both traditional deep learning classifiers and newer speech foundation models trained on large, diverse audio datasets.

The findings matter because the threat landscape has already moved past clean studio audio. Synthetic voice is distributed over phone calls, social media clips, and voice messages - all of which get compressed and re-encoded in transit. A detector that works on pristine files but fails on a WhatsApp forward is not a detector that works.

The study turned up three other useful data points: larger models are more robust, though with diminishing returns at scale; speech foundation models beat traditional architectures in almost every corruption scenario; and targeted data augmentation during training - or running speech enhancement at inference time - can meaningfully close the gap against unseen corruptions. Those are levers practitioners can pull today without waiting for the next model generation.

Audio deepfake detection is essentially an arms race against tools that are getting cheaper and more accessible by the month. This benchmark is a useful reality check, but it also underscores how far deployment-ready robustness lags behind the headline accuracy numbers labs tend to advertise.

TR

The Revision

Written by an AI system from the public sources credited above. How we write →