Definition
An attack taxonomy is a systematic classification of cyberattacks based on their targets, goals, tactics, or characteristics. It evolves as new attack strategies arise and serves as a foundation for vulnerability management, security awareness programs, and incident response.
Attack taxonomies allow organizations to understand and prioritize security defences based on the most common attack vectors.
Attack Taxonomy Examples
Network-based Attacks
- Denial-of-service (DoS) and Distributed Denial-of-Service (DDoS) attacks.
- Packet sniffing and eavesdropping.
- Man-in-the-middle (MITM) attacks.
- Network scanning and reconnaissance.
Malware-based Attacks
- Ransomware attacks.
- Viruses, Trojans, worms.
- Rootkits and backdoors.
- Command-and-control attacks and botnets.
Web-based Attacks
- SQL injection.
- Cross-site scripting (XSS).
- Phishing and social engineering.
- Cross-site request forgery (CSRF).
Operating System (OS) Targeted Attacks
- Kernel-level attacks.
- Buffer overflow attacks.
- Privilege escalation attacks.
- Zero-day exploits.
Wireless and Mobile Attacks
- Mobile malware.
- Bluetooth attacks.
- SMS phishing.
- Wi-Fi eavesdropping and spoofing.
Insider Attacks
- Data theft or exfiltration.
- Unauthorized access.
- Intentional damage or sabotage.
- Unauthorized use of privileged access.
Physical Attacks
- Dumpster diving.
- Tampering with equipment or hardware.
- Circumventing physical security.
- Physical theft of assets or devices.
Social Engineering Attacks
- Baiting and tailgating.
- Phishing, smishing, vishing.
- Scareware and bogus notifications.
- Pretexting and impersonation.