System and method for resolving operating system or service identity conflicts
First Claim
Patent Images
1. A system, comprising:
- a processor device configured to;
receive reports of operating system identities for a single host;
determine a report-type of each of the reports, wherein a report-type is a type of fingerprinting method used to generate the reports;
add together the operating system identities in the reports which have a same report-type to provide, for each of different report-types, a single additive report of operating system identities;
determine which of the operating system identities are an intersection of the reported operating system identities in the single additive reports of the different report-types; and
assign the intersection of the reported operating system identities of the single additive reports of the different report-types as a resolved operating system identity,whereinone report of operating systems is one set of plural different operating system identities to which one host fingerprint maps, andthe intersection of the reported operating system identities is calculated as a set intersection among the operating system identities of the single additive reports for the different report-types for the single host.
3 Assignments
0 Petitions
Accused Products
Abstract
A system includes a processor device. The processor device is configured to receive reports of operating system identities for a single host; determine which of the operating system identities are an intersection of the reported operating system identities; and assign the intersection of the reported operating system identities as a resolved operating system identity.
233 Citations
17 Claims
-
1. A system, comprising:
-
a processor device configured to; receive reports of operating system identities for a single host; determine a report-type of each of the reports, wherein a report-type is a type of fingerprinting method used to generate the reports; add together the operating system identities in the reports which have a same report-type to provide, for each of different report-types, a single additive report of operating system identities; determine which of the operating system identities are an intersection of the reported operating system identities in the single additive reports of the different report-types; and assign the intersection of the reported operating system identities of the single additive reports of the different report-types as a resolved operating system identity, wherein one report of operating systems is one set of plural different operating system identities to which one host fingerprint maps, and the intersection of the reported operating system identities is calculated as a set intersection among the operating system identities of the single additive reports for the different report-types for the single host. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method, comprising:
-
in a processor device, receiving reports of operating system identities for a single host; in the processor device, determining a report-type of each of the reports, wherein a report-type is a type of fingerprinting method used to generate the reports; in the processor device, adding together the operating system identities in the reports have a same report-type to provide, for each of different report-types, a single additive report of operating system identities; in the processor device, determining which of the operating system identities are an intersection of the reported operating system identities in the single additive reports of the different report-types; and assigning the intersection of the reported operating system identities of the single additive reports of the different report-types as a resolved operating system identity, wherein one report of operating systems is one set of plural different operating system identities to which one host fingerprint maps, and the intersection of the reported operating system identities is calculated as a set intersection among the operating system identities of the single additive reports for the different report-types for the single host. - View Dependent Claims (7, 8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage medium comprising computer-executable instructions for performing the steps of:
-
in a processor device, receiving reports of service identities for a single host; in the processor device, determining a report-type of each of the reports, wherein a report-type is a type of fingerprinting method used to generate the reports; in the processor device, adding together the service identities in the reports which have a same report-type to provide, for each of different report-types, a single additive report of service identities; in the processor device, determining which of the service identities are an intersection of the reported service identities in the single additive reports of the different report-types; and assigning the intersection of the reported service identities of the single additive reports of the different report-types as a resolved service identity, wherein one report of service identities is one set of plural different service identities to which one host fingerprint maps, and the intersection of the reported service identities is calculated as a set intersection among the service identities of the single additive reports for the different report-types for the single host. - View Dependent Claims (14, 15, 16, 17)
-
Specification