Reflective features in modern programming languages allow programs to introspect and modify their own structures and behavior at runtime. As these self-referential capabilities are frequently adopted in practice, the security of reflective systems becomes crucial. In this paper, we explore an adversary against reflective systems that has access to a data leakage channel, which has previously been considered too impractical to pose a realistic threat. In particular, we show that a crucial component of reflection, referred to as metaobjects, can be exploited to reinforce these data leakage channels. We introduce a novel attack strategy that exploits certain metaobjects as in-memory gadgets to leak data in a selective and target-oriented manner, consequently eliminating the unnecessary sampling procedures that are inevitable in naive data leakage attacks. Such an approach significantly optimizes the data space subject to extraction, elevating the practicality of the underlying data leakage channel. As an instantiation of our strategy, we propose and demonstrate SMDL, a framework that exploits reflection to reinforce Meltdown-type attacks to steal valuable data from the victim's memory. To demonstrate the efficacy of our attack, we implement SMDL against two different target applications, a cryptographic library and a deep learning service, and show that the secret key and neural network can be extracted with high accuracy and efficiency. Finally, we suggest metaobject obfuscation techniques to mitigate such exploitation.
|Title of host publication
|Proceedings of 25th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2022
|Association for Computing Machinery
|Number of pages
|Published - 2022 Oct 26
|25th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2022 - Limassol, Cyprus
Duration: 2022 Oct 26 → 2022 Oct 28
|ACM International Conference Proceeding Series
Bibliographical note
Funding Information:
This work was supported by IITP grant funded by the MSIT, Korea (No. 2019-0-00533, IITP-2022-2020-0-01819, IITP-2022-2021-0-01810) and Basic Science Research Program through the National Research Foundation funded by the Ministry of Education, Korea (NRF-2021R1A6A1A13044830).
© 2022 ACM.
- memory disclosure
- reflective programming
ASJC Scopus subject areas
- Human-Computer Interaction
- Computer Vision and Pattern Recognition
- Computer Networks and Communications