aircraft performance

At the end of each flight, firewall, avionics and operational data logs are downloaded and ingested into Exabeam and analyzed for anomalies by UEBA (User and Entity Behavior Analytics). For example, if engine performance numbers begin to deviate over time, or sensors report abnormal results, the tool escalates these anomalies to the airline's maintenance team. This allows the team to investigate the issue and take corrective action. This analysis helps us maintain large, aging airframes with different specifications for different aircraft makes and models.

Logistics and baggage handling

Abnormal baggage handling can reveal fraud. Consider a bag that is secretly checked into the baggage handling system by a malicious baggage handler after the passenger has boarded.

This additional bag may contain items for resale, such as rare decorations, or items subject to high customs duties. When an accomplice picks up this bag at the destination, the passenger may not know that their identity has been misrepresented, leaving the airline unaware that it has been exploited by criminals. Exabeam identifies this type of abuse by analyzing anomalous patterns from the activity logs of baggage handlers and the bag itself. This helps airlines effectively manage this risk.

Baggage Fraud

Ticket agents or baggage handlers with access and ticketing authority may use loopholes in the system to pocket excess baggage piece or weight charges paid by customers in cash. The agent enters "exemption" into the baggage handling system to cover up the crime. Using Exabeam's analytics capabilities, managers can be notified if a particular agent is issuing an unusually high number of waivers (relative to the baseline value of the waiver itself, or the behavior of the agent's colleagues) and You can alert them to investigate and resolve financial issues in your report.

Fraud regarding ticket agent's family

Many airlines allow employees and family members to board for free only if they are on the waitlist. In this scenario, an agent uses his or her privileges to upgrade a family member's ticket for free, moving it from the waitlist to reserved status. This frees the family from the hassles of waiting lists, such as not being able to secure a seat or having to change the itinerary. Exabeam detects these anomalous upgrades by modeling the normal activity and setting a baseline for normal behavior for both specific agents and their colleagues.

seat reservation

In this scenario, an airline employee travels by plane and wants to avoid the hassle of waiting to board. To do this, the employee books several seats on the desired flight, typically in first class. Shortly before departure, this unoccupied seat is released, and the employee gets a large seat, good food and wine as planned. Analytics can easily identify this fraud by identifying anomalous upgrades or bookings compared to other employees' normal behavioral standards.

All of the scenarios presented here show how Exabeam is used in an airline specific way, but it has broad applicability across a variety of industries. Machine learning and insights can help improve processes and track user and entity activity, customized for your industry. If your company already uses Exabeam, why not consider what you can do with that deployment?

ORION CASSETTO
Exabeam, Inc. Director, Product Marketing

video on demand

The threat is in full view! Realizing effective log analysis with machine learning
～What is Exabeam, the next-Next-Gen SIEM Platform Exabeam?～

As targeted attacks and internal fraud continue to increase in recent years, an increasing number of companies are building mechanisms (such as SIEM) to correlate and analyze logs from multiple security products in order to implement appropriate security operations. . This is because it is difficult to visualize the impact of each incident using only the logs of security products that have already been installed, and threats may be overlooked. However, building such a system requires security-related knowledge, analytical know-how, and ideas. In this seminar, we will introduce “Exabeam” which realizes log analysis by UEBA (User Entity Behavior Analytics) technology and efficiency of conventional SIEM operation.

Click here to watch