attack · SynAc

Senses

Sense 1

An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. The intentional act of attempting to bypass one or more security services or controls of an information system.

An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity.

The intentional act of attempting to bypass one or more security services or controls of an information system.

NICCS (CISA) Cybersecurity Vocabulary

Bibliography

NICCS (CISA) Cybersecurity Vocabulary
Accessed Jan 06, 2026Quoted
NICCS glossary export (CSV)
https://niccs.cisa.gov/rest/vocab/export-csv
NICCS is a CISA (DHS) program. Individual glossary entries include a "From" attribution (e.g., CNSSI 4009, NIST SPs, NICE Framework). Treat "From" values as upstream provenance and verify before quoting large portions of text.
Source: NICCS (CISA) Cybersecurity Vocabulary (niccs.cisa.gov).

1 (I)

An intentional act by which an entity attempts to evade security services and violate the security policy of a system. That is, an actual assault on system security that derives from an intelligent threat. (See: penetration, violation, vulnerability.)

IETF RFC 4949 (Internet Security Glossary)

Bibliography

IETF RFC 4949 (Internet Security Glossary)
Accessed Jan 06, 2026Quoted
RFC 4949 — Internet Security Glossary (Version 2)
https://www.rfc-editor.org/rfc/rfc4949.txt
RFC 4949 is published by the IETF Trust and marked as "Distribution of this memo is unlimited". Verify IETF Trust copyright/licensing terms for reuse.

2 (I)

A method or technique used in an assault (e.g., masquerade). (See: blind attack, distributed attack.) Tutorial: Attacks can be characterized according to intent: An "active attack" attempts to alter system resources or affect their operation. A "passive attack" attempts to learn or make use of information from a system but does not affect system resources of that system. (See: wiretapping.) The object of a passive attack might be to obtain data that is needed for an off line attack. An "off line attack" is one in which the attacker obtains data from the target system and then analyzes the data on a different system of the attacker's own choosing, possibly in preparation for a second stage of attack on the target. Attacks can be characterized according to point of initiation: An "inside attack" is one that is initiated by an entity inside the security perimeter (an "insider"), i.e., an entity that is authorized to access system resources but uses them in a way not approved by the party that granted the authorization. An "outside attack" is initiated from outside the security perimeter, by an unauthorized or illegitimate user of the system (an "outsider"). In the Internet, potential outside attackers range from amateur pranksters to organized criminals, international terrorists, and hostile governments. Attacks can be characterized according to method of delivery: In a "direct attack", the attacker addresses attacking packets to the intended victim(s). In an "indirect attack", the attacker addresses packets to a third party, and the packets either have the address(es) of the intended victim(s) as their source address(es) or indicate the intended victim(s) in some other way. The third party responds by sending one or more attacking packets to the intended victims. The attacker can use third parties as attack amplifiers by providing a broadcast address as the victim address (e.g., "smurf attack"). (See: reflector attack. Compare: reflection attack, replay attack.) The term "attack" relates to some other basic security terms as shown in the following diagram: + + + + + + | An Attack: | |Counter | | A System Resource: | | i.e., A Threat Action | | measure | | Target of the Attack | | + + | | | | + + | | | Attacker |<==================||<========= | | | | i.e., | Passive | | | | | Vulnerability | | | | A Threat |<================= ||<======== | | | | Agent | or Active | | | | + ||| + | | + + Attack | | | | VVV | | | | | | Threat Consequences | + + + + + +

A method or technique used in an assault (e.g., masquerade). (See: blind attack, distributed attack.)