I dont know how stratum works at all, but the only solution I can think off that would be 100% watertight is changing the protocol in such a way that the miner can not know if his share solves a block or a not, and only the pool can determine that. Is that something thats even theoretically possible to implement?
Not without a Bitcoin hardfork. Miners inherently have to know if their hash solves a block, because they need to know if their hash meets the difficulty the pool expects. It's the same string of binary either way, one just has more 0-bits in front than the other.