SecuriFly: Runtime Protection and Recovery from Web Application Vulnerabilities

This report presents a runtime solution to a range of Web application security vulnerabilities. The solution we propose, called SecuriFly, consists of instrumenting the application to precisely track the flow of data. When a potential vulnerability is observed, the application is either terminated to prevent the vulnerability from being exploited, or special recovery code is executed and the application is allowed to continue running. We have used SecuriFly to harden and experiment with a range of large open-source benchmarks written in Java. The protection provided by SecuriFly was sufficient to protect against all exploits we were able to generate.
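
The terminate-or-recover choice described above can be sketched as follows. This is an added illustration, not SecuriFly's implementation: the class `TString`, the method `beforeSqlSink`, the choice of a SQL query as the sink, and quote-doubling as the recovery action are all assumptions made for the example.

```java
import java.util.ArrayList;
import java.util.List;

public class TaintFlowDemo {
    enum Mode { TERMINATE, RECOVER }

    /** A string kept as segments, each flagged as user-controlled or not (hypothetical type). */
    static final class TString {
        final List<String> parts = new ArrayList<>();
        final List<Boolean> taint = new ArrayList<>();

        static TString trusted(String s) { return new TString().add(s, false); }
        static TString fromRequest(String s) { return new TString().add(s, true); }

        TString add(String s, boolean t) { parts.add(s); taint.add(t); return this; }

        /** Stands in for instrumented concatenation: taint flags travel with the data. */
        TString concat(TString o) {
            TString r = new TString();
            r.parts.addAll(parts); r.taint.addAll(taint);
            r.parts.addAll(o.parts); r.taint.addAll(o.taint);
            return r;
        }
    }

    /** Check inserted in front of a SQL sink (the sink type is an assumption). */
    static String beforeSqlSink(TString q, Mode mode) {
        StringBuilder out = new StringBuilder();
        for (int i = 0; i < q.parts.size(); i++) {
            String p = q.parts.get(i);
            // Only user-controlled segments that can change the query structure are flagged.
            if (q.taint.get(i) && p.indexOf('\'') >= 0) {
                if (mode == Mode.TERMINATE)
                    throw new SecurityException("tainted quote reached SQL sink");
                p = p.replace("'", "''"); // recovery: neutralise the data, then continue
            }
            out.append(p);
        }
        return out.toString();
    }

    public static void main(String[] args) {
        TString name = TString.fromRequest("O'Brien"); // constructed sample input
        TString q = TString.trusted("SELECT * FROM users WHERE name = '")
                .concat(name).concat(TString.trusted("'"));
        System.out.println(beforeSqlSink(q, Mode.RECOVER));
        try {
            beforeSqlSink(q, Mode.TERMINATE);
        } catch (SecurityException e) {
            System.out.println("terminated: " + e.getMessage());
        }
    }
}
```

Tracking taint per segment rather than per string is what lets the recovery path rewrite only the user-supplied part and leave the trusted query text unchanged.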