Analysis, Event and Group Prediction of Terrorist Networks using Computing Techniques

Abstract

A sharp rise in terrorist activities has motivated many researchers to device techniques of identification, analysis, detection, and prediction of terrorist activities using computing techniques. Terrorists secretly structure themselves in organizations to be more effective. Members in these organizations have to interact and communicate with others in order to plan and carry out haronious acts of terrorism. The pattern of these interactions and communication can reveal the secret structure of these organizations and can also help in predicting their plans of undertaking these activities. The current research proposes to employ techniques for the analysis of social networks to evaluate their applicability on these secretly formed and structured networks. As it can be viewed from the definition of social network which is “A social network is defined as a social collection made up of social actors like persons or organizations and a compound set of links between these actors”. This definition entices us to view terrorist networks as social networks to apply social network analysis to extract their inner structure in form of useful knowledge. The inner structure would reveal the importance of each actor in the network and can then be used for suggesting counter actions that can help in easy destabilization of such organizations preventing them to carry out terrorist incidents. Based on our investigation, we could formulate the fact that traditional social network analysis measures are not directly relevant. This is because of their desires of hiding their intentions and links. Keeping such considerations in mind, this thesis proposes a new measure “Relative Degree” for terrorist network analysis. This thesis, builds on to this novel measure and the techniques for the analysis of the network and presents a model to detect active status of the network using outlier detection techniques on the communication/interaction or work patterns of these networks. An active state of a terrorist group or network is defined as the state in which the group is either planning or is already ready for execution on a worked out plan. The other state is passive, where the group is dormant and not executing any activities. The thesis proposes a technique where a percentage of communication is classified as outlier. These cases of outliers contain the active state of the terrorist network if contained. The technique is validated on a privately held record of cyberattacks on an ERP system. To make the novel tool comprehensive for use the thesis further proposes a hybrid classifier for key player detection, This novel classifier has been tested on various publicly available and a privately held dataset. The technique gives an average accuracy 5 of 91.98% on available datasets. The proposed technique out performed once compared with individual classifiers. The performance of the newly designed classifier is found satisfactory and up to the mark. This thesis also proposes a novel Terrorist Group Prediction model. The model uses data classification of globally available historical data relating to act of terrorism for predicting the responsible terrorist group in a new incident. The classification is performed based on majority vote. The different options for the voting are the outcome of an ensemble of classifiers. The developed model is applied and tested on Global Terrorism Database (GTD), a publicly available dataset containing data of terrorist incidents occurred since 1970 till 2013, constructed by university of Maryland. The performance is calculated based on 10 fold validation that uses 10% of the data for testing and 90% for training in ten different iterations. The model achieves 93% accuracy that is the best accuracy once compared with the accuracies of the individual classifiers in the ensemble. To the best of our knowledge no such classification is performed on the dataset.