TITLE:
Nonhomogeneous Risk Rank Analysis Method for Security Network System
AUTHORS:
Pubudu Kalpani Hitigala Kaluarachchilage, Chris P. Tsokos, Sasith M. Rajasooriya
KEYWORDS:
Markov Chain, Vulnerability, Non Homogeneous Risk Analysis, Network Security, Google Page Rank
JOURNAL NAME:
International Journal of Communications, Network and System Sciences,
Vol.12 No.1,
January
25,
2019
ABSTRACT: Security measures for a computer network system can be enhanced with better understanding the vulnerabilities and their behavior over the time. It is observed that the effects of vulnerabilities vary with the time over their life cycle. In the present study, we have presented a new methodology to assess the magnitude of the risk of a vulnerability as a “Risk Rank”. To derive this new methodology well known Markovian approach with a transition probability matrix is used including relevant risk factors for discovered and recorded vulnerabilities. However, in addition to observing the risk factor for each vulnerability individually we have introduced the concept of ranking vulnerabilities at a particular time taking a similar approach to Google Page Rank Algorithm. New methodology is exemplified using a simple model of computer network with three recorded vulnerabilities with their CVSS scores.