Date Added: Jun 2010
Today's programs are implemented in a variety of languages and contain serious vulnerabilities which can be exploited to cause security breaches. These vulnerabilities have been exploited in real life and resulted in damages to related stakeholders such as program users. As most vulnerabilities belong to program code, many techniques have been applied to mitigate vulnerabilities before and after program deployment. Unfortunately, there is no comprehensive comparative analysis of different vulnerability mitigation works. As a result, there exists an obscure mapping between the techniques, the addressed vulnerabilities, and the limitations of different approaches. This paper attempts to address these issues. The paper extensively compares and contrasts the existing program security vulnerability mitigation (testing, static analysis, and hybrid analysis) and monitoring techniques.