What type of attack involves intercepting and surveilling the communication traffic between two devices?

The type of attack that involves intercepting and surveilling the communication traffic between two devices is an on-path attack. In this scenario, the attacker manages to position themselves in the communication path between the two devices, allowing them to capture and possibly alter the messages being transmitted. This method relies on the attacker having the ability to insert themselves into the communication stream without either of the communicating parties being aware of it.

On-path attacks can take various forms, including man-in-the-middle attacks, where the attacker impersonates one of the communicating parties to either eavesdrop on or manipulate the data being exchanged. This method can be particularly effective because it can exploit vulnerabilities in the network infrastructure or weak protocols.

The other options, while involving different types of malicious activity, do not specifically pertain to intercepting and surveilling communication traffic. Side channel attacks exploit unintended information leakage (such as timing or power consumption), denial-of-service attacks (DDOS) aim to overwhelm systems with traffic to disrupt services, and physical attacks target the physical components of a system. These approaches focus on different attack vectors and do not involve the interception of communication between devices like on-path attacks do.