Author(s)

Pubudu Kalpani Hitigala Kaluarachchilage^1*, Chris P. Tsokos², Sasith M. Rajasooriya³

¹Department of Mathematical and Physical Sciences, Miami University, Middletown, OH, USA.
²Department of Mathematics and Statistics, University of South Florida, Tampa, FL, USA.
³Department of Mathematics, University of Dayton, Dayton, OH, USA.

Security measures for a computer network system can be enhanced with better understanding the vulnerabilities and their behavior over the time. It is observed that the effects of vulnerabilities vary with the time over their life cycle. In the present study, we have presented a new methodology to assess the magnitude of the risk of a vulnerability as a “Risk Rank”. To derive this new methodology well known Markovian approach with a transition probability matrix is used including relevant risk factors for discovered and recorded vulnerabilities. However, in addition to observing the risk factor for each vulnerability individually we have introduced the concept of ranking vulnerabilities at a particular time taking a similar approach to Google Page Rank Algorithm. New methodology is exemplified using a simple model of computer network with three recorded vulnerabilities with their CVSS scores.

Markov Chain, Vulnerability, Non Homogeneous Risk Analysis, Network Security, Google Page Rank

Kaluarachchilage, P. , Tsokos, C. and Rajasooriya, S. (2019) Nonhomogeneous Risk Rank Analysis Method for Security Network System. International Journal of Communications, Network and System Sciences, 12, 1-10. doi: 10.4236/ijcns.2019.121001.