US 12,423,078 B2
Systems, methods and devices for device fingerprinting and automatic deployment of software in a computing network using a peer-to-peer approach
Nir Montag, Tel Aviv (IL); Ido Kotler, Tel Aviv (IL); Matan Mates, Tel Aviv (IL); Mike Vincent Petronaci, Wellesley, MA (US); Gustavo Ringel, Tel Aviv (IL); and Caleb Joshua Fenton, Union City, CA (US)
Assigned to Sentinel Labs Israel Ltd., Tel Aviv (IL)
Filed by Sentinel Labs Israel Ltd., Tel Aviv (IL)
Filed on Jul. 14, 2023, as Appl. No. 18/353,047.
Application 18/353,047 is a continuation of application No. 18/093,737, filed on Jan. 5, 2023, granted, now 11,748,083.
Application 18/093,737 is a continuation of application No. 17/471,822, filed on Sep. 10, 2021, granted, now 11,579,857, issued on Feb. 14, 2023.
Claims priority of provisional application 63/173,191, filed on Apr. 9, 2021.
Claims priority of provisional application 63/126,162, filed on Dec. 16, 2020.
Prior Publication US 2024/0069881 A1, Feb. 29, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 9/445 (2018.01); G06F 8/60 (2018.01); H04L 9/40 (2022.01); H04L 67/00 (2022.01)
CPC G06F 8/60 (2013.01) [H04L 63/0876 (2013.01); H04L 63/168 (2013.01); H04L 67/34 (2013.01)] 22 Claims
OG exemplary drawing
 
1. A system for device fingerprinting, the system comprising:
one or more computer readable storage devices configured to store a plurality of computer executable instructions; and
one or more hardware computer processors in communication with the one or more computer readable storage devices and configured to execute the plurality of computer executable instructions in order to cause the system to:
collect, via one or more distributed software agents on one or more endpoint devices of a computer network, endpoint device data;
analyze, by the one or more distributed software agents or a central server, the endpoint device data to determine at least one of an operating system family and an operating system type of at least one of the one or more endpoint devices, wherein analyzing the endpoint device data comprises:
inputting the endpoint device data into a hierarchical machine learning model comprising:
a first layer, the first layer configured to classify each of the one or more endpoint devices into an operating system family classification; and
a second layer, the second layer configured to classify each of the one or more endpoint devices of a classified operating system family into an operating system type classification;
aggregate, by the one or more distributed software agents or the central server, the operating system family classification and the operating system type classification for each of the one or more endpoint devices to generate a device fingerprint for the respective endpoint device.