Understanding the strengths and weaknesses of SSL models for audio deepfake model attribution

Abstract

Audio deepfake model attribution aims to mitigate the misuse of synthetic speech by identifying the source model responsible for generating a given audio sample, enabling accountability and informing vendors. The task is challenging, but self-supervised learning (SSL)-derived acoustic features have demonstrated state-of-the-art attribution capabilities, yet the underlying factors driving their success and the limits of their discriminative power remain unclear. In this paper, we systematically investigate how SSL-derived features capture architectural signatures in audio deepfakes. By controlling multiple dimensions of the audio generation process we reveal how subtle perturbations in model checkpoints, text prompts, vocoders, or speaker identity influence attribution. Our results provide new insights into the robustness, biases, and limitations of SSL-based deepfake attribution, highlighting both its strengths and vulnerabilities in realistic scenarios.

Figures (2)

• Figure 1: F1-scores for architecture and checkpoint attribution of the validation set as a function of $k$--number of neighbours.
• Figure 2: Baseline confusion matrices for each architecture. The orange highlight represents the pretrained (PT) model.