Urban Studies and Public Administration

Prioritizing on most critical weaknesses in a network system at the correct time is a very important role in network security administration. Due to the complexity and high unpredictability of exploitations it is hard to decide which vulnerabilities and which IP s are at the highest risk at a particular time. Present study proposes a new methodology that enables network administrators to rank vulnerabilities based on the probability of being exploited at a given time using the Markovian process. Markovian process allows us to iterate a transition probability matrix for a network system consisting identified or discovered vulnerabilities. This process result in a steady state with probabilities that a vulnerability will be exploited. Similar approach is used here to develop a risk rank model. Well known Google Page Rank Algorithm also uses a similar approach in estimating the probability of a web surfer reaching a particular webpage. Same concept can be used with several modifications to estimate and rank the risk level of each vulnerability in a network system. New methodology is presented with an example of a small network model with three vulnerabilities.