Next Article in Journal
Upper Limb Capacity, Performance, and Leisure Participation in Children with Unilateral Cerebral Palsy
Previous Article in Journal
Deployment Challenges in Electromagnetic Wireless Nanosensor Networks
Previous Article in Special Issue
Evading Antivirus Detection Using Fountain Code-Based Techniques for Executing Shellcodes
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Sensors
Volume 25
Issue 23
10.3390/s25237124
sensors-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
This is an early access version, the complete PDF, HTML, and XML versions will be available soon.
Article

Relational Framework of Cyberattacks: Empirical Evidence from Multistage Incidents †

by
Mikel Ferrer-Oliva
,
José-Amelio Medina-Merodio
*,
José-Javier Martínez-Herraiz
and
Carlos Cilleruelo-Rodríguez
Departamento de Ciencias de la Computación, Universidad de Alcalá, 28871 Madrid, Spain
*
Author to whom correspondence should be addressed.
This paper is an extended version of our paper published in Ferrer-Oliva, M.; Medina-Merodio, J.-A.; Martínez-Herraiz, J.-J.; Cilleruelo-Rodríguez, C. Relational Taxonomy of Cyberattacks: A Model for Threat Classification and Connection in Digital Environments. In Proceedings of the 12th Multidisciplinary International Social Networks Conference (MISNC 2025), Oviedo, Spain, 3–5 September 2025. https://doi.org/10.1007/978-3-032-09945-7_17.
Sensors 2025, 25(23), 7124; https://doi.org/10.3390/s25237124
Submission received: 15 September 2025 / Revised: 12 November 2025 / Accepted: 19 November 2025 / Published: 21 November 2025
(This article belongs to the Special Issue Data Privacy, Security, and Trust in New Technological Trends—2nd Edition)
Versions Notes

Abstract

The increasing scale and operational complexity of cyberattacks have exposed the limitations of static taxonomies for representing multistage threat scenarios. This study addresses the need for more flexible classification models by proposing a relational taxonomy of cyberattacks grounded in documented incidents. Therefore, the main objective is to propose a relational taxonomy that encodes direct transitions across eight groups in a dependency matrix and a directed graph while preserving traceability to MITRE ATT&CK. The taxonomy was validated by an independent panel of experts who assessed methodological clarity and operational utility. The results reveal consistent transition patterns across groups, delineate reproducible escalation routes, and pinpoint cut-off points linked to specific detection and control activities, providing an operational map of progression and intervention. The conclusions show that the taxonomy clarifies escalation paths, strengthens alignment across security monitoring and incident response functions, threat intelligence workflows and training, and provides an operational structure to manage interdependencies, anticipate escalation and focus monitoring on critical points.
Keywords: cyberattack taxonomy; threat progression; intelligence sharing; relational model; dark web cyberattack taxonomy; threat progression; intelligence sharing; relational model; dark web

Share and Cite

MDPI and ACS Style

Ferrer-Oliva, M.; Medina-Merodio, J.-A.; Martínez-Herraiz, J.-J.; Cilleruelo-Rodríguez, C. Relational Framework of Cyberattacks: Empirical Evidence from Multistage Incidents. Sensors 2025, 25, 7124. https://doi.org/10.3390/s25237124

AMA Style

Ferrer-Oliva M, Medina-Merodio J-A, Martínez-Herraiz J-J, Cilleruelo-Rodríguez C. Relational Framework of Cyberattacks: Empirical Evidence from Multistage Incidents. Sensors. 2025; 25(23):7124. https://doi.org/10.3390/s25237124

Chicago/Turabian Style

Ferrer-Oliva, Mikel, José-Amelio Medina-Merodio, José-Javier Martínez-Herraiz, and Carlos Cilleruelo-Rodríguez. 2025. "Relational Framework of Cyberattacks: Empirical Evidence from Multistage Incidents" Sensors 25, no. 23: 7124. https://doi.org/10.3390/s25237124

APA Style

Ferrer-Oliva, M., Medina-Merodio, J.-A., Martínez-Herraiz, J.-J., & Cilleruelo-Rodríguez, C. (2025). Relational Framework of Cyberattacks: Empirical Evidence from Multistage Incidents. Sensors, 25(23), 7124. https://doi.org/10.3390/s25237124

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop