Abstract:
A sharp rise in terrorist activities has motivated many researchers to device techniques of
identification, analysis, detection, and prediction of terrorist activities using computing
techniques. Terrorists secretly structure themselves in organizations to be more effective.
Members in these organizations have to interact and communicate with others in order to plan
and carry out haronious acts of terrorism. The pattern of these interactions and communication
can reveal the secret structure of these organizations and can also help in predicting their plans
of undertaking these activities. The current research proposes to employ techniques for the
analysis of social networks to evaluate their applicability on these secretly formed and
structured networks. As it can be viewed from the definition of social network which is “A social
network is defined as a social collection made up of social actors like persons or organizations
and a compound set of links between these actors”. This definition entices us to view terrorist
networks as social networks to apply social network analysis to extract their inner structure in
form of useful knowledge. The inner structure would reveal the importance of each actor in the
network and can then be used for suggesting counter actions that can help in easy destabilization
of such organizations preventing them to carry out terrorist incidents. Based on our
investigation, we could formulate the fact that traditional social network analysis measures are
not directly relevant. This is because of their desires of hiding their intentions and links. Keeping
such considerations in mind, this thesis proposes a new measure “Relative Degree” for terrorist
network analysis. This thesis, builds on to this novel measure and the techniques for the analysis
of the network and presents a model to detect active status of the network using outlier detection
techniques on the communication/interaction or work patterns of these networks. An active state
of a terrorist group or network is defined as the state in which the group is either planning or is
already ready for execution on a worked out plan. The other state is passive, where the group is
dormant and not executing any activities. The thesis proposes a technique where a percentage of
communication is classified as outlier. These cases of outliers contain the active state of the
terrorist network if contained. The technique is validated on a privately held record of cyberattacks
on an ERP system. To make the novel tool comprehensive for use the thesis further
proposes a hybrid classifier for key player detection, This novel classifier has been tested on
various publicly available and a privately held dataset. The technique gives an average accuracy
5
of 91.98% on available datasets. The proposed technique out performed once compared with
individual classifiers.
The performance of the newly designed classifier is found satisfactory and up to the mark.
This thesis also proposes a novel Terrorist Group Prediction model. The model uses data
classification of globally available historical data relating to act of terrorism for predicting the
responsible terrorist group in a new incident. The classification is performed based on majority
vote. The different options for the voting are the outcome of an ensemble of classifiers. The
developed model is applied and tested on Global Terrorism Database (GTD), a publicly
available dataset containing data of terrorist incidents occurred since 1970 till 2013,
constructed by university of Maryland. The performance is calculated based on 10 fold
validation that uses 10% of the data for testing and 90% for training in ten different iterations.
The model achieves 93% accuracy that is the best accuracy once compared with the accuracies
of the individual classifiers in the ensemble. To the best of our knowledge no such classification
is performed on the dataset.