Hidden Markov models for the activity profile of terrorist groups

The main focus of this work is on developing models for the activity profile of a terrorist group, detecting sudden spurts and downfalls in this profile, and, in general, tracking it over a period of time. Toward this goal, a $d$-state hidden Markov model (HMM) that captures the latent states underlying the dynamics of the group and thus its activity profile is developed. The simplest setting of $d=2$ corresponds to the case where the dynamics are coarsely quantized as Active and Inactive, respectively. A state estimation strategy that exploits the underlying HMM structure is then developed for spurt detection and tracking. This strategy is shown to track even nonpersistent changes that last only for a short duration at the cost of learning the underlying model. Case studies with real terrorism data from open-source databases are provided to illustrate the performance of the proposed methodology.Comment: Published in at http://dx.doi.org/10.1214/13-AOAS682 the Annals of Applied Statistics (http://www.imstat.org/aoas/) by the Institute of Mathematical Statistics (http://www.imstat.org

ON META-NETWORKS, DEEP LEARNING, TIME AND JIHADISM

Il terrorismo di stampo jihadista rappresenta una minaccia per la società e una sfida per gli scienziati interessati a comprenderne la complessità. Questa complessità richiede costantemente nuovi sviluppi in termini di ricerca sul terrorismo. Migliorare la conoscenza empirica rispetto a tale fenomeno può potenzialmente contribuire a sviluppare applicazioni concrete e, in ultima istanza, a prevenire danni all’uomo. In considerazione di tali aspetti, questa tesi presenta un nuovo quadro metodologico che integra scienza delle reti, modelli stocastici e apprendimento profondo per far luce sul terrorismo jihadista sia a livello esplicativo che predittivo. In particolare, questo lavoro compara e analizza le organizzazioni jihadiste più attive a livello mondiale (ovvero lo Stato Islamico, i Talebani, Al Qaeda, Boko Haram e Al Shabaab) per studiarne i pattern comportamentali e predirne le future azioni. Attraverso un impianto teorico che si poggia sulla concentrazione spaziale del crimine e sulle prospettive strategiche del comportamento terroristico, questa tesi persegue tre obiettivi collegati utilizzando altrettante tecniche ibride. In primo luogo, verrà esplorata la complessità operativa delle organizzazioni jihadiste attraverso l’analisi di matrici stocastiche di transizione e verrà presentato un nuovo coefficiente, denominato “Normalized Transition Similarity”, che misura la somiglianza fra paia di gruppi in termini di dinamiche operative. In secondo luogo, i processi stocastici di Hawkes aiuteranno a testare la presenza di meccanismi di dipendenza temporale all’interno delle più comuni sotto-sequenze strategiche di ciascun gruppo. Infine, il framework integrerà la meta-reti complesse e l’apprendimento profondo per classificare e prevedere i target a maggiore rischio di essere colpiti dalle organizzazioni jihadiste durante i loro futuri attacchi. Per quanto riguarda i risultati, le matrici stocastiche di transizione mostrano che i gruppi terroristici possiedono un ricco e complesso repertorio di combinazioni in termini di armi e obiettivi. Inoltre, i processi di Hawkes indicano la presenza di diffusa self-excitability nelle sequenze di eventi. Infine, i modelli predittivi che sfruttano la flessibilità delle serie temporali derivanti da grafi dinamici e le reti neurali Long Short-Term Memory forniscono risultati promettenti rispetto ai target più a rischio. Nel complesso, questo lavoro ambisce a dimostrare come connessioni astratte e nascoste fra eventi possano essere fondamentali nel rivelare le meccaniche del comportamento jihadista e come processi memory-like (ovvero molteplici comportamenti ricorrenti, interconnessi e non randomici) possano risultare estremamente utili nel comprendere le modalità attraverso cui tali organizzazioni operano.Jihadist terrorism represents a global threat for societies and a challenge for scientists interested in understanding its complexity. This complexity continuously calls for developments in terrorism research. Enhancing the empirical knowledge on the phenomenon can potentially contribute to developing concrete real-world applications and, ultimately, to the prevention of societal damages. In light of these aspects, this work presents a novel methodological framework that integrates network science, mathematical modeling, and deep learning to shed light on jihadism, both at the explanatory and predictive levels. Specifically, this dissertation will compare and analyze the world's most active jihadist terrorist organizations (i.e. The Islamic State, the Taliban, Al Qaeda, Boko Haram, and Al Shabaab) to investigate their behavioral patterns and forecast their future actions. Building upon a theoretical framework that relies on the spatial concentration of terrorist violence and the strategic perspective of terrorist behavior, this dissertation will pursue three linked tasks, employing as many hybrid techniques. Firstly, explore the operational complexity of jihadist organizations using stochastic transition matrices and present Normalized Transition Similarity, a novel coefficient of pairwise similarity in terms of strategic behavior. Secondly, investigate the presence of time-dependent dynamics in attack sequences using Hawkes point processes. Thirdly, integrate complex meta-networks and deep learning to rank and forecast most probable future targets attacked by the jihadist groups. Concerning the results, stochastic transition matrices show that terrorist groups possess a complex repertoire of combinations in the use of weapons and targets. Furthermore, Hawkes models indicate the diffused presence of self-excitability in attack sequences. Finally, forecasting models that exploit the flexibility of graph-derived time series and Long Short-Term Memory networks provide promising results in terms of correct predictions of most likely terrorist targets. Overall, this research seeks to reveal how hidden abstract connections between events can be exploited to unveil jihadist mechanics and how memory-like processes (i.e. multiple non-random parallel and interconnected recurrent behaviors) might illuminate the way in which these groups act

Dynamic Security Risk Evaluation via Hybrid Bayesian Risk Graph in Cyber-Physical Social Systems

© 2014 IEEE. Cyber-physical social system (CPSS) plays an important role in both the modern lifestyle and business models, which significantly changes the way we interact with the physical world. The increasing influence of cyber systems and social networks is also a high risk for security threats. The objective of this paper is to investigate associated risks in CPSS, and a hybrid Bayesian risk graph (HBRG) model is proposed to analyze the temporal attack activity patterns in dynamic cyber-physical social networks. In the proposed approach, a hidden Markov model is introduced to model the dynamic influence of activities, which then be mapped into a Bayesian risks graph (BRG) model that can evaluate the risk propagation in a layered risk architecture. Our numerical studies demonstrate that the framework can model and evaluate risks of user activity patterns that expose to CPSSs

Concept Relation Discovery and Innovation Enabling Technology (CORDIET)

Concept Relation Discovery and Innovation Enabling Technology (CORDIET), is a toolbox for gaining new knowledge from unstructured text data. At the core of CORDIET is the C-K theory which captures the essential elements of innovation. The tool uses Formal Concept Analysis (FCA), Emergent Self Organizing Maps (ESOM) and Hidden Markov Models (HMM) as main artifacts in the analysis process. The user can define temporal, text mining and compound attributes. The text mining attributes are used to analyze the unstructured text in documents, the temporal attributes use these document's timestamps for analysis. The compound attributes are XML rules based on text mining and temporal attributes. The user can cluster objects with object-cluster rules and can chop the data in pieces with segmentation rules. The artifacts are optimized for efficient data analysis; object labels in the FCA lattice and ESOM map contain an URL on which the user can click to open the selected document

A survey of statistical network models

Networks are ubiquitous in science and have become a focal point for discussion in everyday life. Formal statistical models for the analysis of network data have emerged as a major topic of interest in diverse areas of study, and most of these involve a form of graphical representation. Probability models on graphs date back to 1959. Along with empirical studies in social psychology and sociology from the 1960s, these early works generated an active network community and a substantial literature in the 1970s. This effort moved into the statistical literature in the late 1970s and 1980s, and the past decade has seen a burgeoning network literature in statistical physics and computer science. The growth of the World Wide Web and the emergence of online networking communities such as Facebook, MySpace, and LinkedIn, and a host of more specialized professional network communities has intensified interest in the study of networks and network data. Our goal in this review is to provide the reader with an entry point to this burgeoning literature. We begin with an overview of the historical development of statistical network modeling and then we introduce a number of examples that have been studied in the network literature. Our subsequent discussion focuses on a number of prominent static and dynamic network models and their interconnections. We emphasize formal model descriptions, and pay special attention to the interpretation of parameters and their estimation. We end with a description of some open problems and challenges for machine learning and statistics.Comment: 96 pages, 14 figures, 333 reference