We explore two strategies to protect application against prototype poisoning attacks. A first solution is to copy secured properties from the prototype to the base object, which prevents manipulation at the prototype level. A second solution is to freeze properties at the prototype level, preventing them from being changed or deleted. We prototype our solution in Guardia, which is an application-level security mechanism that uses security policies to con- trol access to resources.
To validate the correctness of these solutions, we conduct two experiments. One experiment is on a web application that does not use prototypes and is not vulnerable to these attacks. We adjust the source code to include prototypes for this. The other experiment is on another web application that has prototypes in its source code and is vulnerable to these attacks. We check if objects with prototypes that we secure cannot be attacked (i.e are tamper-proof) and if the security policies do not alter the application behaviour (i.e are transparent). We can conclude from these experiments that there is a transparency issue coming from one object but is related to the base Guardia implementation and not to our solution, hence our solution is both tamper-proof and transparent.
|Datum Prijs||sep 2018|
|Begeleider||Elisa Gonzalez Boix (Promotor), Angel Luis Scull Pupo (Advisor) & Jens Nicolay (Advisor)|