Exploiting Metaobjects to Reinforce Data Leakage Attacks.

Reflective features in modern programming languages allow programs to introspect and modify their own structures and behavior during runtime. As these self-referential capabilities are frequently adopted in practice, security of the reflective systems becomes crucial. In this paper, we explore an adversary against reflective systems with access to a data leakage channel, which has previously been considered impractical to pose a realistic threat. In particular, we show that a crucial component of reflection, referred to as metaobjects, can be exploited to reinforce these data leakage channels. We introduce a novel attack strategy that exploits certain metaobjects as in-memory gadgets to leak data in a selective and target-oriented manner, consequentially eliminating the unnecessary sampling procedures inevitable in naive data leakage attacks. Such approach significantly optimizes the data space subject to extraction, elevating the practicality of the underlying data leakage channel. As an instantiation of our strategy, we propose and demonstrate SMDL, a framework that exploits reflection to reinforce Meltdown-type attacks to steal valuable data from the victim’s memory. To demonstrate the efficacy of our attack, we implement SMDL against two different target applications, cryptographic library and deep learning service, and show that the secret key and neural network can be extracted with high accuracy and efficiency. Finally, we suggest metaobject obfuscation techniques to mitigate such exploitation.