How ‘Game of Thrones’ Will Predict the Next Bin Laden

Egyptian Salafis hold posters of former al-Qaeda leader Osama Bin Laden in front of security headquarters in Cairo, Egypt.

Amr Nabil/AP

AA Font size + Print

Egyptian Salafis hold posters of former al-Qaeda leader Osama Bin Laden in front of security headquarters in Cairo, Egypt.

Targeting the next terrorist mastermind is a lot like a close watch of 'Game of Thrones.' By Patrick Tucker

How do you predict the terror leader of the future?

In sort of the same way you can predict what happens next on Game of Thrones, applied statistics. A research team from the University of Maryland has devised a system to predict the top three players (out of hundreds) most likely to become the new leader of a given terror group when you remove the person in charge. The method also predicts whether the terror group will become more dangerous after the succession or less so and how the terror network will evolve as a result.

University of Maryland computer scientists V.S. Subrahmanian, Francesca Spezzano, and Aaron Mannes call their method Shaping Terrorist Organization Network Efficiency or STONE. They published their findings in the August 2014 issue of Communications of the ACM.

Using carefully cultivated open-source data on four terrorist networks, al-Qaeda, Hamas, Hezbollah, and Lashkar-e-Taiba (the group associated with the 2008 terror attacks in Mumbai), they looked to explain how the removal of specific individuals would change the group in order to predict who would rise in the organization if that leader was removed. Some of the variables include the role that the leader plays, such as fundraiser, spiritual leader or recruiter; how dangerous he was on the basis of hostility and capability; and the potential for retaliation in the event that he was taken out.

This application of statistical weights and measures to group dynamics is called network theory. It’s the sort of analysis that the Facebook Data Science team is constantly undertaking to see how people influence one another on the site, such as which of your friends can influence whether you like specific products and brands.

In large groups with hierarchical structures, traditional network theory puts a very high emphasis on what’s called centrality, the influence of the centermost node, i.e. the terror leader and his closest affiliations. “Identifying key actors in networks has been studied extensively using centrality measures,” they write. But according to Subrahmanian, fixating on centrality to the exclusion of other potential dynamics is particularly problematic when analyzing terror networks because these networks are too dynamic.

So what are the variables that indicate who rises to be king terrorist when the leader is removed? It’s a combination of influence, connectedness (captured by a clustering co-efficient score) and rank.

Just like in Game of Thrones, ascension in terror networks is too often over-determined by rank rather than other leadership criteria. “The rank of the person in the organization played a more important role than I expected,” said Subrahmanian.

That conclusion may seem intuitive, but it’s why analyzing other network variables, and how a given terror group evolves when leader is taken out, is so important. Too often, governments and anti-terror forces overestimate the damage that they can cause a terrorist group by removing a leader. They don’t consider the possibility of a terror group actually growing stronger with its leader removed. “Removal of incompetent leaders can actually lead to a more lethal organization…or if he is competent, he may be replaced by someone much more deadly,” said Subrahmanian.

In the paper, the researchers represent this through what they call a lethality function. It reveals how removing certain nodes will change the overall group dynamic and possibly generate networks around leaders of lower rank but higher scores in influence or connectedness, which is essentially what happened with the Islamic State of Iraq and the Levant, or ISIL.

So if analysts typically overplay the value of rank, what are they underplaying?

Of the three variables that make a suitable terror leader, connectedness, the clustering co-efficient score, is a particularly interesting one, measuring the cohesive of an individual’s network. In everyday terms, your clustering co-efficient is high if all of your friends on Facebook are connected to one another.

In the world of al-Qaeda, while Ayman al Zawahiri was most likely to ascend to the top leadership position on the basis of rank, Abu Bakr al-Baghdadi, you could say, had forged the best clustering co-efficient score. Similarly, in the popular Game of Thrones books, the character of Joffrey Baratheon is an example of a node with high rank, but low scores in influence and connectedness. The diabolical Tywin Lannister has a high influence, enabling him to effectively determine the course of events despite not being king. Jon Snow, meanwhile, has a high clustering co-efficient score. He’s connected to the men of the Night Watch who are all connected to one another.

It’s a theoretical problem with real-world implications. The paper clearly pushes back at the idea that military leaders couldn’t have possibly predicted the rise of ISIL. In addition to modeling the most likely ascension dynamics in a group, attack data can also yield insight into how dangerous a terror network might become if its disturbed in the wrong way or at the wrong time.

“When an analyst recommends a set of nodes to be removed from a network (e.g. in a capture operation), he must consider both the possible new networks that result and their lethality,” the researchers write. That’s why the lethality function is so important, as it measures the relationship between the structure of the network and number of attacks.   

Subrahmanian reports that the STONE method predicts lethality with a Pearson correlation coefficient of .83 for Lashkar-e-Taiba and .65 for al-Qaeda. A Pearson correlation coefficient is a bit like a percentage but the scale is from -1, which is a totally negative correlation, to +1, a near perfect correlation, so .83% is very good. The slightly less good score for al-Qaeda, he says, was the result of data paucity. “The accuracy increases as the size of the network increases. With more data you can predict things better.”

Some of that data might consist of edge analysis, specifically how different individuals are relating to one another. This can help better determine influence. It’s the sort of analysis that Jure Leskovec has been pioneering at Stanford can be observed playing out in real time in web forums, on Facebook, and even in Wikipedia edits. 

Of course, any research published out on the open could tip off the enemy. But Subrahmanian doesn’t consider that a problem, so much as an opportunity. “Should al-Qaeda read this paper and understand it thoroughly, how might they restructure themselves to keep themselves more secure against the kind of analysis that we’re doing? We’ve shown that disclosing some rules can shape the behavior of your adversary” in a way you can influence them, says Subrahmanian. In other words, you can game Al-Qaeda with game theory, which is also pretty Game of Thrones.

The potential value of this sort of enhanced clairvoyance is on display right now in the events playing out in the burning Middle East. Before there was ISIL, there was Al-Qaeda in Iraq, a terror group headed by Abu Massab al-Zarqawi. When the military took out Zarqawi with a drone attack in 2012, the Pentagon celebrated until a new head grew in the place of the old one, that of al-Baghdadi, leader of ISIL, sometimes called the most dangerous man on Earth.

Subrahmanian said he and his team will be applying the methodology in the months ahead in a new way, not just to prove that works — but to actually predict the characters most likely to become the next terror mastermind. 

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Top 5 Findings: Security of Internet of Things To Be Mission-Critical

    As federal agencies increasingly leverage these capabilities, government security stakeholders now must manage and secure a growing number of devices, including those being used remotely at the “edge” of networks in a variety of locations. With such security concerns in mind, Government Business Council undertook an indepth research study of federal government leaders in January 2017. Here are five of the key takeaways below which, taken together, paint a portrait of a government that is increasingly cognizant and concerned for the future security of IoT.

  • Coordinating Incident Response on Posts, Camps and Stations

    Effective incident response on posts, camps, and stations is an increasingly complex challenge. An effective response calls for seamless conversations between multiple stakeholders on the base and beyond its borders with civilian law enforcement and emergency services personnel. This whitepaper discusses what a modern dispatch solution looks like -- one that brings together diverse channels and media, simplifies the dispatch environment and addresses technical integration challenges to ensure next generation safety and response on Department of Defense posts, camps and stations.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation


When you download a report, your information may be shared with the underwriters of that document.