Given a poorly documented neural network model, we take the perspective of a forensic investigator who wants to find out the model's data domain (e.g., whether it was trained on face images or traffic signs). Although existing methods such as membership inference and model inversion can be used to uncover some information about an unknown model, they still require knowledge of the data domain to start with. In this paper, we propose solving this problem by leveraging a comprehensive corpus such as ImageNet to select a meaningful distribution that is close to the original training distribution and leads to high performance in follow-up investigations. The corpus comprises two components: a large dataset of samples, and meta-information such as hierarchical structure and textual information on the samples. Our goal is to select a set of samples from the corpus for the given model. The core of our method is an objective function that considers two criteria on the selected samples: the model's functional properties (derived from the dataset) and semantics (derived from the metadata). We also give an algorithm to efficiently search the large space of all possible subsets with respect to the objective function. Experimental results show that the proposed method is effective. For example, cloning a given model (originally trained with CIFAR-10) by using Caltech 101 can achieve 45.5% accuracy. By using datasets selected by our method, the accuracy is improved to 72.0%.