SpInShield Defends Deepfake Detectors from Temporal Attacks

A recent investigation indicates that spatiotemporal deepfake video detectors, despite achieving high AUC scores, are susceptible to evasion attacks. This vulnerability arises from their overreliance on delicate temporal spectrum cues instead of strong semantic causality. To address this issue, researchers have introduced SpInShield, a defense framework that maintains temporal spectral invariance by separating semantic motion from easily manipulable spectral artifacts. It incorporates a learnable spectral adversary to create significant spectral distortions and employs a shortcut suppression optimization technique to ensure the encoder captures dependable forensic indicators while eliminating unreliable spectral statistics. Testing demonstrates that SpInShield performs competitively on popular datasets, surpassing the leading baseline by 21.30 percentage points in AUC when faced with simulated amplitude spectral attacks.