Emerging Tech

Blog archive
aftermath of bombing (Prometheus72 / Shutterstock.com)

Predicting suicide attacks by analyzing similarities

Terrorists long used social media to communicate and even to plan attacks -- until they eventually realized that governments had learned to monitor and analyze such use of social media. They have since turned to other encrypted channels and to non-digital communications.

Researchers at Binghamton University in New York have proposed a new way to apply big data tools and network analytics to process data collected from past incidents and to detect patterns that can predict future suicide attacks.

Dubbed NEPAR -- the Networked Pattern Recognition Framework -- the system combines data mining techniques with network analysis. It takes in data from public and private sources, detects features and patterns in the attacks themselves and uses them to predict not only the characteristics of future attacks, but timing and location as well.

“We have to understand how they think,” said Sahil Tutun, a doctoral candidate at Binghamton. “We focus on the spatial and tactical relationships [use of suicide vests, vehicles, hostages) rather than the relationships between individuals in a terrorist group. If a strategy works, they keep using it.  If it doesn't, they change strategies.”  For government officials, that means that if a terrorist attack can be stopped in Baghdad, similarly planned attacks may not become operational.

Tatun and his team applied NEPAR to more than 150,000 terrorist attacks between 1970 and 2015 in Iraq, extracting data on dozens of features, such as the attack location, time of day, weapon types, attack types, targets, number of victims and security measures in place at the targets.

The idea, Tatun said, is to predict the locations and times where terrorist events are likely to occur and secure them.  “If the government has information that an event will take place in one area, the framework works to define patterns and relations from past events so that counter-terrorism units know what to expect and defend against,” he said. Is it likely to be an attack by a lone terrorist wearing a suicide vest and walking on foot?  Or a coordinated attack by a group of terrorists carrying automatic weapons and targeting a shopping mall?  That’s what NEPAR is designed to detect, he said.

Tatun, who is working on the project with two senior advisers in industrial and systems engineering -- Mohammad T. Khasawneh from Binghamton, and Jun Zhuang from University of Buffalo -- said that while network analytics has been used to detect fraud and other crimes, “it has been used mostly for prosecution rather than prevention.”  NEPAR is designed to use those tools to prevent acts of terror, or at least to reduce the impact of acts to do occur.

Tatun said the system is based on the idea that terrorist groups learn from one another as to what types of attacks work.  “When a type of attack fails, they stop doing it,” he said.  So NEPAR is constantly on the outlook for changes in the patterns.

The vast majority of the data and modeling was based on suicide attacks in Iraq, which has struggled to deal with seemingly random bombings. If NEPAR can work for Iraq, Tatun said, then “we can use it for another countries easily.” 

Applying NEPAR in “blind” studies using past data events, it was reportedly able to predict the characteristics of an attack with more than 90 percent accuracy.

Posted by Patrick Marshall on Mar 17, 2017 at 1:21 PM


  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected