In this paper, we present the framework MONGT, to aid administrators to manage monitoring properties in an automated fashion in order to detect and define defense strategies against possible networking attacks.
In particular, we propose a novel game theory based approach to reason whether the system is behaving as expected (based on the notion of Nash equilibrium). The framework requires input from KPI deployed in the system (i.e., CPU load), and may dynamically decide to add more monitors to the system in order to diagnose any eventual problem.
This dynamic deployment of monitors takes place when the equilibrium is broken. Furthermore, after diagnosing the problem, the framework has a set of strategies to restore the equilibrium for the system under test. In addition to introduce the MONGT, we present a case study to show the applicability and usefulness of our framework.