Bin Laden Hideout vs. Al Qaeda Training Manual

In our Building Intent project, we developed a geoprofiling algorithm that predicts the location of facilities that support adversary operations in the urban environment. Geoprofiling is a technique that is widely used in serial crime investigations. In our project, we researched and developed a building intent inference system based on terrorist preferences, building characteristics, and social network behavior. Our approach learns the utility function that the adversaries are using, and classifies and predicts the potential utility of a facility to the adversaries based on the derived metadata of each facility using influence networks. For terrorist preferences, we have studied Military Studies in the Jihad Against the Tyrants: The Al-Qaeda Training Manual in order to find building use tactics that the adversary is training its recruits, and found a significant number of building use related tactics and procedures embodied in these manuals. In collaboration with the Terrorism Research Center in Fulbright College, University of Arkansas, we then studied the international terrorism cases in the American Terrorism Study, and found empirical evidence that shows the practice of terrorism manual tactics in the observed data. Based on these findings, we developed a baseline set of indicators for modeling building intent, and researched the likely causal connections among these variables. We then built extractors to derive a set of metadata for these indicators, and used machine learning algorithms to find the causal connections between the incidents or events and building attributes, and model parameters, and build classifiers based terrorist process preferences , building characteristics, and guilt by association data.

As shown in the figure below, our geoprofiling algorithm does a nice job in predicting the Japanese Red Army terrorist Yu Kikumura's residence in New York based on the American Terrorism study. Here the blue markers signify police stations and white arrows signify the egress points. As shown in the figure, Yu Kikumura's residence at 327 East 34th Street, NY is in the red hotspot area predicted by our algorithm. Avoiding police stations and ease of egress were two of the primary factors in Kikumura’s choice of housing. Not only is his apartment equidistant from the nearest police departments – all of which are over one kilometer away – it’s back-alley access road to the underground Queens Memorial Tunnel provides a quick get-away by car. In addition, the examination of the residence floor plan reveals that the apartment building had numerous staircases (one of which is private to the unit) to the basement level with a rear exit.

Japanese Red Army.png

The Al Qaeda Training Manual gives several instructions for renting a residence as shown in the table below. For instance, it is preferable to rent apartments on the first floor for ease of egress, avoid apartments near police stations and government buildings, and in isolated or deserted locations, rent in newly developed areas, and the like. In particular, the Al Qaeda Training Manual calls for the use if the following tactics in renting an apartment:

Al Qaeda Tactics.jpg

So how does the location of Bin Laden's secret hideout in in Abbottabad follow the advice of the Al Qaeda Training Manual? Not that closely. Bin Laden clearly did not follow the tactics for selecting a ground floor location by living on the third floor, for avoiding police stations and government buildings by selecting a location near the Pakistan Military Academy, for finding an apartment in newly developed areas where people do not know each other by choosing a neighborhood with retired Army Generals, and for preparing ways of vacating the premises in case of a surprise attack by not building exit stairs. The only tactic that Bin Laden has used from the list above is avoiding an isolated location. One wonders if Bin Laden made a concerted effort to avoid his own tactical advice in order to thwart geoprofiling techniques. Perhaps another consideration that will need to be taken into account in future geoprofiling is the assistance from outside forces, given the possible connection to a support network that included elements of the Pakistani military or intelligence services in the Abottabad area.

Cyber-Terrorism/Warfare – The Emergent Threat: Strategies for Survival

Last night I attended a panel discussion entitled, Cyber-Terrorism/Warfare – The Emergent Threat: Strategies for Survival” at Boston University. While the cyber threat is not a new one, it is something that the intelligence community and the Department of Defense have more recently become invested in examining in some depth. One of the first questions raised to the panel involved defining the problem. What is the difference between cyber-crime, cyber-terrorism, and cyber-warfare? To give my own humble two cents, it would seem that the distinction is the same as in conventional operations. What distinguishes between criminal acts and terrorist attacks is the end goal. In crime, the action, for example robbing somebody, is the end goal. The point is to get the money. In terrorism, the end goal is beyond the intended target. There is a political message inherent in the act that is targeted at an audience beyond the victims. Additionally, cyber-warfare would also have a political motive, and to quote Clausewitz, the action would simply be a continuation of politics by other means. To make the distinction between cyber-warfare and cyber-terrorism, it would matter what the intended target was.  Terrorism is usually distinctive from war because it targets noncombatants, or individuals not in a "declared state of war".  Therefore, the attacks against the Marine barracks in Lebanon in 1983 that killed more than 200 servicemembers was considered terrorism, because the barracks, while being a military target, was housing Marines that were part of a peacekeeping force in the country, and therefore, not in a declared state of war.


The tricky part comes in when one tries to attribute a cyber-attack to a particular actor. Dr. Leonid Reyzin, a cryptology expert stated that our best defense against an attack is to harden our systems. Many government systems do not employ state-of-the art cryptology mechanisms (e.g., many sensitive systems currently use one password for numerous people). Additionally, he pointed out that life-critical systems, systems that if comprised could result in loss-of-life, should be completely disconnected from business networks altogether. He gave an example of a computer virus that spread through email systems, and eventually infected the business system of a nuclear power plant. Due to the fact that the power plant’s business system and critical systems were on the same network, the virus comprised and actually shut off the safety mechanisms of the plant.

Arthur Hulnick, a veteran of 30+ years in the intelligence community, stated that resources to address the cyber threat would best be spent on hiring the best and brightest people. He added that there were too many hurdles to hiring the right people in the intelligence community due to security concerns. Reliance on the polygraph and issues with traveling abroad or having foreign connections (despite the fact that you want bi-cultural or foreign language speakers that often have spent time in these places) prevent people from contributing to the effort.

Another question that was brought up to the panel involved the development of cyber-warfare doctrine. How can one reliably develop a strategy for engagement when there is the issue of attributing an attack to a particular state or actor? Is there a proportional response? Does one respond with offensive cyber capabilities against a country that may not have known their systems were breached? Is there a way to declare this policy for deterrence purposes? Joseph Wippl, another career CIA officer, stated that a robust international effort to share information and best practices would be the best preventive defense against cyber attacks. Dr. Robert Popp, a former DoD official in OSD and DARPA, stated that resources would best be allocated to develop offensive capabilities that could overwhelm our adversaries, hopefully providing some level of deterrence.

Overall, it was interesting and informative evening however, it seems that while there has been much discussion on the subject, there are many more questions than answers.